Well I have implemented in my app a wall similar to the one found on
facebooks user profiles. I have created a wall_comments controller and
wall_comment model. Only friends can post in each others wall. On my
views I check that if the current user is not friend of a particular
user the form for posting a comments is not shown. On the
wall_comments controller I have a before_filter for the create action
that checks if the two users are friends. And on my wall_comment model
I have a validate_on_save method that checks again if the two users
are friends again.
Is this a good practice? That much validations? More queries, slower
response times? Any suggestions or is it ok like that?