Currently I have a User model that uses acts as taggable on to give users "roles". So I would have for instance a tag for Member, Admin, Moderator. Every user has a relationship for Reports. However, a Member should only be able to see their reports, a Moderator should be able to see their reports and any Member's reports, and finally the Admin should be able to see everything.
Currently I take care of this on each controller page that accesses reports through an if statement, but this seems like an awful way of doing it that will eventually lead to someone seeing reports they shouldn't. So this got me thinking: would it be possible to set some sort of restriction on the Model's file to take care of this in one spot?
You can use the request_store gem and a before_filter in ApplicationController to make current_user accessible in the model. But remember that the request is not always there, so account for possible nils.
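The approach in the answer, sketched as an added example in plain Ruby (not code from the question or the answer): the role rules live in one place and a missing current user yields no reports. `Current`, `ReportPolicy`, `visible_ids_for` and the sample users and reports are hypothetical; `Current` is a thread-local stand-in for the request_store gem so the sketch runs without Rails.

```ruby
# Assumption: stand-in for the request_store gem. In the app, a before_filter
# would set the current user per request; here a thread-local plays that role.
module Current
  def self.user
    Thread.current[:current_user]
  end

  def self.user=(user)
    Thread.current[:current_user] = user
  end
end

User   = Struct.new(:id, :role)   # role: :member, :moderator or :admin
Report = Struct.new(:id, :owner)

# Single place that decides which reports a viewer may see.
class ReportPolicy
  def self.visible(reports, viewer = Current.user)
    return [] if viewer.nil?      # no request (console, job): fail closed
    case viewer.role
    when :admin
      reports
    when :moderator
      # Own reports plus any Member's reports, but not other moderators' or admins'.
      reports.select { |r| r.owner.id == viewer.id || r.owner.role == :member }
    when :member
      reports.select { |r| r.owner.id == viewer.id }
    else
      []                          # unknown role: fail closed
    end
  end
end

# Constructed sample data.
ALICE = User.new(1, :member)
BOB   = User.new(2, :member)
MOD   = User.new(3, :moderator)
MOD2  = User.new(4, :moderator)
ROOT  = User.new(5, :admin)
REPORTS = [Report.new(10, ALICE), Report.new(11, BOB), Report.new(12, MOD),
           Report.new(13, MOD2), Report.new(14, ROOT)].freeze

# Simulates one request: set the user, query, then clear the store.
def visible_ids_for(user)
  Current.user = user
  ReportPolicy.visible(REPORTS).map(&:id)
ensure
  Current.user = nil
end
```

In a Rails model the same rules would be a scope that returns `none` when the stored user is nil, so code running outside a request sees nothing unless it passes a viewer explicitly.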