There??™s nothing strange here. You just add the associated values, with select boxes for them. You also make sure that the captions for all fields are correct and descriptive. This is all there is to articles. Go ahead and create some now! In the next chapter we??™ll take a look at how to go about rendering the content created in this interface. First you have a more pressing concern: security, or the lack thereof. Some Security We??™ve neglected that this should be an administrative user interface, which means it should be protected. Of course, there is a model for users, and you??™ve added support for updating that, but there is no real protection yet. However, as you might remember, it??™s simple to fix that. So, create a new controller named AdminController. It should look like this: class AdminController < ApplicationController before_filter :authentication private def authentication unless session[:user_id] && User.find_by_id(session[:user_id]) flash[:notice] = "Please log in" CHAPTER 7 ?– A RAILS CMS 139 redirect_to(:controller => 'auth', :action => 'login', :into => url_for(params)) else @loggedin = true end end end As you can see, the code is more or less the same as the authentication parts for the Shoplet.