routing URL REST or not REST

my question is maybe silly.... but it's already July 4th .. and I am

until now I have been using in my tests the following routes
(simplified version)

  map.resources :academies do |academies|
    academies.resources :ecourses
     academies.resources :instructors
    academies.resources :trainees

so I get the URL type : /academies/1/libraries from

the current_user being defined , and he is always logged into one
academy when working (

I wonder is it possible to replace academy_id in the URL with a
string 'CURRENT' ? and have :

/academies/CURRENT/libraries (then nobody could hack the academy)

or is it better to keep the REST URL type and perform a security check
(permit ) in the controller ??


You may also want to look at the :shallow option to map.resources - it
does pretty much what you're looking for.

--Matt Jones