Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Jamie Cobbett's Profile

GitHub User: jamiecobbett

Comments by Jamie Cobbett

Avatar

I wanted only Users with the admin attribute set to true to access resque-web.

Since we're using Devise, the current user is accessible like this:

ruby
request.env['warden'].user

So I made the below off the back of the example here:
http://www.scottw.com/securing-resque-server-rails-3

ruby
require 'resque/server'

class SecureResqueServer < Resque::Server
  before do
    redirect '/' unless request.env['warden'].user.admin
  end
end

If we were using Devise's "roles" (where each role has it's own table) we could simply do this in the routes file:

ruby
authenticate(:admin) do
  mount Resque::Server, :at => "/resque"
end