simple roles

app/controllers/application_controller.rb

@@ -4,6 +4,7 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
   before_filter :require_login
   respond_to :html, :json
+  helper :access
 
   private
 

app/helpers/access_helper.rb

@@ -0,0 +1,13 @@
+module AccessHelper
+  def can_create_user? user
+    user && user.admin?
+  end
+
+  def can_edit_user? user
+    user && user.admin?
+  end
+
+  def can_page? user
+    user && (user.admin? || user.staff?)
+  end
+end

app/views/layouts/_navigation.html.haml

@@ -3,5 +3,6 @@
   %li{ class: active_controller('parents') }= link_to 'Parents', list_parents_path
   %li{ class: active_controller('children') }= link_to 'Children', list_children_path
   %li{ class: active_controller('pages') }= link_to 'Pages', list_pages_path
-  %li{ class: active_controller('staff') }= link_to 'Staff', list_staff_path
+  - if can_edit_user? current_user
-  %li{ class: active_controller('users') }= link_to 'Users', list_users_path
+    %li{ class: active_controller('staff') }= link_to 'Staff', list_staff_path
+    %li{ class: active_controller('users') }= link_to 'Users', list_users_path