Ok, I'm probably going to feel quite dumb when someone answers this one with a simple thing that I'm missing but... here goes:
I've got a brand new app on rails 3
@Stewart You are correct. Using an admin flag in the user model is acceptable and can still co-exist with many authorization options. Take a look at the Ability class in the cancan docs for an example of how this might look:
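    class Ability
      include CanCan::Ability

      def initialize(user)
        if user.admin?
          # :manage and :all are CanCan's wildcards: any action on any resource
          can :manage, :all
        else
          # everyone else gets read-only access
          can :read, :all
        end
      end
    end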
Having multiple authorization models can be useful if the functionality is really different or if the requirements for authorization, such as adding a subdomain to the authkeys, are different.
Another approach is to add a HABTM roles relationship to your user. Here is a nice tutorial by Tony Amoyal: http://www.tonyamoyal.com/2010/07/28/rails-authentication-with-devise-and-cancan-customizing-devise-controllers/
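An added example, not part of the original answer or the linked tutorial, showing the admin flag and role membership coexisting in one Ability class, with a signed-out (nil) user falling through to read-only. `MiniAbility` is a small stand-in for CanCan's `can`/`can?` so the code runs without Rails; the `Role` and `User` structs, the `:editor` role and the `:Article` subject are assumptions.

```ruby
# Stand-in for CanCan::Ability (assumption): just enough of can/can? to run offline.
module MiniAbility
  def rules
    @rules ||= []
  end

  def can(action, subject)
    rules << [action, subject]
  end

  # As in CanCan, :manage matches any action and :all matches any subject.
  def can?(action, subject)
    rules.any? { |a, s| (a == :manage || a == action) && (s == :all || s == subject) }
  end
end

# Hypothetical models; in Rails the roles would come from
# has_and_belongs_to_many :roles on User.
Role = Struct.new(:name)
User = Struct.new(:admin, :roles) do
  def admin?
    admin == true
  end

  def role?(name)
    Array(roles).any? { |r| r.name == name.to_s }
  end
end

class Ability
  include MiniAbility

  def initialize(user)
    user ||= User.new(false, []) # guest: nil must not raise or inherit rights
    if user.admin?
      can :manage, :all
    else
      can :read, :all
      can :update, :Article if user.role?(:editor) # hypothetical role and subject
    end
  end
end

# Anything not granted above is denied.
def allowed?(user, action, subject)
  Ability.new(user).can?(action, subject)
end
```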