Great job! We now have a way to determine whether a user has an admin role on the site. Let’s add a few methods to the Application controller to make sure that users with the admin role can access specific parts of the site.
In the Application controller, create a method named
In the Recipes controller, create a before action that calls the
require_admin method before running the
In app/views/recipes/show.html.erb, use the
admin? method to display a delete link only if a user is an admin:
<% if current_user && current_user.admin? %> <p class="recipe-delete"><%= link_to "Delete", recipe_path(@recipe), method: "delete" %><p> <% end %>
Try it out. Sign in as Freida with the email
firstname.lastname@example.org and password
Freida1. Then visit
http://localhost:8000/recipes/1. You should see your delete link.