I have a pre-existing Rails site using Devise and am integrating Alchemy CMS to just show a few pages ("About", "Contact", etc.).
So I want to prevent most users from seeing the Alchemy admin area, even if they're logged in to my main site. My existing User object has an is_admin? method, and only those users should see the Alchemy CMS admin area too. But everyone should be able to see the regular pages, whether they are logged in or not (for guest users I just have a "guest" User object that I create in memory).
So my first thought was that this is something I could easily accomplish with alchemy_roles. But even if I just return ['member'] for non-admins, they can still see the admin area if they guess the URL.
So now I'm thinking that this is something I'd need to do via CanCan, but I'm not familiar enough with that gem or how Alchemy uses it. Can someone provide an example of how to do this? Preferably they would get redirected to root if they're not authorized, but just throwing some 500 error would work too.
Thanks!