Hi, I am looking for a simple way to implement a form of "data ownership" in a Rails application. Basically, I'd like for users / accounts to only be able to view or operate on model data that they have created themselves and to not have any sort of awareness of the data created by other users / accounts.
My initial thought is that I will need something like account_id on all of the models and each request will check that the searched for model id is owned by the currently authenticated account. Has anyone done anything like this and is there a simpler way?
Thanks
