How to restrict a controller access based on a logged in user's role in ROR

Question

Guys I have 4 tables in my DB as follows

• Functions {id, name
• Admin_Users {Id, Email, Password, role_id}
• Roles {id, name}
• Role_Functions {id, role_id, function_id}

I'm using RoR as web development environment.

Here,

I want to restrict a controller access based on a logged in user's role (role-base-authorization), How I do this? does it requires a new table?

Answer 1

You can use cancan gem. It's a cool gem.