layout "admin"
# Make sure that a user logs in before doing any action here
- before_filter :authorize, :except => :login
+ before_filter :authorize, :only => :index
+
+ # Only managers can do the following actions
+ before_filter :manager, :only => [:add_user, :delete_user, :list_users]
def add_user
@user = User.new(params[:user])
def list_users
@all_users = User.find(:all)
end
+
end