We created a method named
editor? that checks whether a user’s role is “editor”, and returns
false. The method uses
self to refer to the current instance of a User object.
Now that we can determine whether a user has an editor role on the site, let’s add a few methods to the Application controller (app/controllers/application_controller.rb) to make sure that users with the editor role can access specific parts of the site.
In the Application controller (app/controllers/application_controller.rb), below
require_user, add another method named
def require_editor redirect_to '/' unless current_user.editor? end
Next, in the Recipes controller, use another before action that uses
require_editor to permit only users with an editor role to access the
before_action :require_editor, only: [:show, :edit]
Then in app/views/recipes/show.html, use the
editor? method to display an edit link only if a user is an editor
<% if current_user && current_user.editor? %> <p class="recipe-edit"> <%= link_to "Edit Recipe", edit_recipe_path(@recipe.id) %> </p> <% end %>
Try it out - first log in to the app as a user without a role. Looking at db/seeds.rb, Julian doesn’t have an editor role, so use his email
email@example.com and password
Julian1 to log in. Then visit
http://localhost:8000/recipes/1. You shouldn’t see the Edit link on this page.
Log out of the app, and then log back in as an editor. Looking at db/seeds.rb, Mateo has an editor role, so use his email
firstname.lastname@example.org and password
Mateo1 to log in to the app. Then visit
http://localhost:8000/recipes/1. You should see the Edit link.