RailsCasts Pro episodes are now free!

Learn more or hide this

Jamie Cobbett's Profile

GitHub User: jamiecobbett

Comments by Jamie Cobbett

Avatar
Jamie Cobbett on #271 Resque 2011-10-20 10:14:10

I wanted only Users with the admin attribute set to true to access resque-web.

Since we're using Devise, the current user is accessible like this:

ruby 
request.env['warden'].user

So I made the below off the back of the example here:
http://www.scottw.com/securing-resque-server-rails-3

ruby 
require 'resque/server'

class SecureResqueServer < Resque::Server
  before do
    redirect '/' unless request.env['warden'].user.admin
  end
end

If we were using Devise's "roles" (where each role has it's own table) we could simply do this in the routes file:

ruby 
authenticate(:admin) do
  mount Resque::Server, :at => "/resque"
end