JeanMertz · April 11, 2012 12:27
diff --git a/application_controller.rb b/application_controller.rb
  def verify_backend_access
    # Redirect guest users to login page.
    if ! user_signed_in?
      redirect_to new_user_session_url(subdomain: subdomain_account.name), notice: 'Not logged in!'

    # Redirect users with `Client` roles to signup page.
    elsif ! current_user.has_backend_access?
      redirect_to new_user_registration_url(subdomain: app_subdomain), notice: 'No access, please sign up!'

    # Redirect users without access to this account to their own account page.
    elsif request.subdomain == app_subdomain || ! current_user.has_backend_access?(account: subdomain_account)
      redirect_to dashboard_url(subdomain: current_account.name), notice: 'Not your account mister!'
    end
  end
  before_filter :verify_backend_access
diff --git a/devise.rb b/devise.rb
    config.to_prepare do
      Devise::SessionsController.skip_filter :verify_backend_access
      Devise::RegistrationsController.skip_filter :verify_backend_access, only: [:new, :create]
    end
	def verify_backend_access
	# Redirect guest users to login page.
	if ! user_signed_in?
	redirect_to new_user_session_url(subdomain: subdomain_account.name), notice: 'Not logged in!'

	# Redirect users with `Client` roles to signup page.
	elsif ! current_user.has_backend_access?
	redirect_to new_user_registration_url(subdomain: app_subdomain), notice: 'No access, please sign up!'

	# Redirect users without access to this account to their own account page.
	elsif request.subdomain == app_subdomain \|\| ! current_user.has_backend_access?(account: subdomain_account)
	redirect_to dashboard_url(subdomain: current_account.name), notice: 'Not your account mister!'
	end
	end
	before_filter :verify_backend_access
	config.to_prepare do
	Devise::SessionsController.skip_filter :verify_backend_access
	Devise::RegistrationsController.skip_filter :verify_backend_access, only: [:new, :create]
	end