All - is there a standard pattern for the following case? My domain is pretty unique so let me use an analogy to try and better convey the problem.
Let's assume that a "director" owns a "series" and that an "administrator" or "director" can add information (actors, an episode, whatever) to that "series". So, for a given season (Let's say it's Lost and JJ Abrams is the director), JJ wants to login to this app and say "add a new episode to Lost."
I need to ensure that JJ has the rights to add this episode or actor to the series he's wishing to add it to. In other words, I need to say - if JJ (current_user) is the director of this series, then let him.
That said, let's say I have an 'episode' object - and JJ has gone and created a new instance. I'm guessing the best way to make sure that the current user (JJ) has rights to create this episode (before saving) is to override validate and basically say:
def validate errors.add_to_base("no no") unless current_user (jj) owns the series we're trying to associate this episode to end
Does this question make sense? Hope so.