I need help figuring out the best way to do this.
Im using declarative authorization gem.
I have 4 roles, admin, master, junior, subscriber.
When it comes to new users:
I want the admins to be able to create any kind of user they wish.
But I also want masters to be able to create users with master, junior or subscriber roles.
So whats the best way to make this secure?.
I need help on both sides, view and model/controller logic...
The view should display all 4 roles to the admin in the colletion_select but just the other 3 options to the masters....
The rest of the users dont have access to get to that view thanks to declarative auhorization.
And on the model/controller logic I want it to validate that the user being created is not an admin role if the user creating it is not an admin... dont know how to do that either....Please help.