OR, like was mentioned above
Create any method that checks for what conditions you are specifying to
access that controller through a before_filter
My authorize example works great for users but you may or may not have a
users database setup.
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks