Validation Idiom

All - is there a standard pattern for the following case? My domain is pretty unique so let me use an analogy to try and better convey the problem.

Let's assume that a "director" owns a "series" and that an "administrator" or "director" can add information (actors, an episode, whatever) to that "series". So, for a given season (Let's say it's Lost and JJ Abrams is the director), JJ wants to login to this app and say "add a new episode to Lost."

I need to ensure that JJ has the rights to add this episode or actor to the series he's wishing to add it to. In other words, I need to say - if JJ (current_user) is the director of this series, then let him.

That said, let's say I have an 'episode' object - and JJ has gone and created a new instance. I'm guessing the best way to make sure that the current user (JJ) has rights to create this episode (before saving) is to override validate and basically say:

def validate   errors.add_to_base("no no") unless current_user (jj) owns the series we're trying to associate this episode to end

Does this question make sense? Hope so.

it is not validation issue, it should not go to model at all. before_filter in controller or decent acl plugin will do the job

There's a great Rails Recipe (Pragmatic Bookshelf: By Developers, For Developers) that covers basic access control using users, roles, and rights. I don't have it nearby, but I'd highly recommend reading it in your case.

-Kyle