Rails uses MVC.
Its important to correctly partition what each section does.
Views and Controllers should NEVER make decisions.
Models should make decisions, and controllers and views should ask models for permission.
For instance, if you have a a User model and some other model like, for instance something that remembers it position and is owned by a user, the view can ask the model whether it allowed to alter the object before it puts the user interface to allow movement.
in the view…
<% if moveable_thing.editable_by?(logged_in_user) >
… interface to move the object …
< end %>
Well, thats ok, BUT, it embeds a decision in the view.
What decision? well, whether an editable object is moveable of course. Later on, a user may be able to edit the contents of the object but not its position, and to make that change you have to now scan all controllers and views.
Better by far…
<% if moveable_thing.movable_by?(logged_in_user) %>
Now, we have removed ALL decision making from the view.
If this means we have to do silly things in the model like….
def editable_by?(user)
…
end
def moveable_by?(user)
editable_by?(user)
end
then, so be it, its a small price to pay.