User authorization in controller actions

user.rb

class User < ActiveRecord::Base

  # - Instance Methods -
  def is_admin?
    self.role.eql? 'admin'
  end

end

user_controller.rb

class UserController < ApplicationController

  before_filter :authorize_user!

  def index
  end

  def edit
  end

  def show
  end

  # ...

  private

  def authorize_user!
    redirect = true
    if current_user
      if current_user.is_admin?
        redirect = false
      else
        flash[ :error ] = 'Unauthorized access!'
        redirect = true
      end
    end
    redirect_to root_path if redirect
  end
end