Well, since you guys are still talking about this, I might as well share
the whole method(s) with you. And yes, I got rid of the bang.
It's for a website where users can save other users as contacts... and anybody user #1 (the "system user") saves as a contact is considered an administrator... You can categorize your contacts, and #1's categorizations effectively become permissions...
ruby_code=<<_NEAT
def is_admin(groupname=nil)
  unless logged_in?
    raise AdminAuthenticationError, "not logged in"
  end
  # user #1 is the system user and is always an admin
  return true if current_user.id == 1

  system_user = User.find_by_id 1
  unless system_user.contacts.includes_user? current_user
    raise AdminAuthenticationError, "user is not a member of system_user's contacts"
  end
  # no group requested: being one of #1's contacts is enough
  return true if groupname.nil?

  # an unknown group name is a bug in the calling code, not an auth failure,
  # so it raises UserError (which is_admin? below does not rescue)
  unless (group = system_user.contactgroups.select { |g| g.name == groupname }.first)
    raise UserError, "Unknown admin group #{groupname} used in code!"
  end
  unless group.include? current_user
    raise AdminAuthenticationError, "user is not a member of system_user's '#{groupname}' group"
  end
  return true
end

def is_admin?(groupname=nil)
  begin
    return is_admin(groupname)
  rescue AdminAuthenticationError => detail
    logger.error "is_admin? failed: #{detail}"
    return false
  end
end

class AuthenticationError < UserError
end

class AdminAuthenticationError < AuthenticationError
end
_NEAT
Cheers, Tyler
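The contact-based admin model from the post above, as an added example that is not Tyler's code: it runs the same rules against constructed in-memory fixtures (User, ContactGroup, the system user's contacts and groups are all stand-ins assumed here, and the acting user is passed in instead of coming from current_user) so the decision table can be checked, including the difference between an authentication failure (returns false) and a misspelled group name (raises).

```ruby
# Added example, not code from the original post. All models are stand-ins.
class UserError < StandardError; end
class AuthenticationError < UserError; end
class AdminAuthenticationError < AuthenticationError; end

User = Struct.new(:id, :name)
ContactGroup = Struct.new(:name, :members) do
  def include?(user)
    members.include?(user)
  end
end

# Constructed fixtures: user 1 is the system user; its contacts are the admins.
SYSTEM  = User.new(1, "system")
ALICE   = User.new(2, "alice")   # contact of SYSTEM, in the "billing" group
BOB     = User.new(3, "bob")     # contact of SYSTEM, in no group
MALLORY = User.new(4, "mallory") # not a contact at all
SYSTEM_CONTACTS = [ALICE, BOB]
SYSTEM_GROUPS   = [ContactGroup.new("billing", [ALICE])]

# Same rules as the posted is_admin; nil stands for "not logged in".
def admin_check(current_user, groupname = nil)
  raise AdminAuthenticationError, "not logged in" if current_user.nil?
  return true if current_user.id == 1
  unless SYSTEM_CONTACTS.include?(current_user)
    raise AdminAuthenticationError, "user is not a member of system_user's contacts"
  end
  return true if groupname.nil?
  group = SYSTEM_GROUPS.find { |g| g.name == groupname }
  # An unknown group name is a bug in the caller. It is a plain UserError, so
  # admin? below does NOT swallow it; a typo cannot quietly become "false".
  raise UserError, "Unknown admin group #{groupname} used in code!" if group.nil?
  unless group.include?(current_user)
    raise AdminAuthenticationError, "user is not a member of system_user's '#{groupname}' group"
  end
  true
end

# Boolean wrapper: auth failures are logged and become false,
# programming errors propagate to the caller.
def admin?(current_user, groupname = nil)
  admin_check(current_user, groupname)
rescue AdminAuthenticationError => detail
  warn "admin? failed: #{detail}"
  false
end
```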