If you want to use cancan :
Admit you add in your user controller a method admin_home :
def admin_home
@user = current_user
authorize! :admin_home
end
You need to specify in ability.rb file you want to restrict access to admin_home for standard users :
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.admin?
#Authorize all actions
can :manage, User
else
#authorize only self modifications and restrict access to admin_home
can :manage, User, :id => user.id
cannot :admin_home, User
end
end
end
You can find great resources about cancan in official wiki like https://github.com/ryanb/cancan/wiki/Defining-Abilities and https://github.com/ryanb/cancan/wiki/Authorizing-controller-actions
Hope this help