007 RC Rails Authorization Basics




Rails Coach show

Summary: Libraries for Authorization controls in Ruby on Rails are not nearly as prolific as they are for Authentication. The one I typically use is CanCan. The thing I like about CanCan is that it provides fairly granular model-level controls. You have to do the checks—Rails won't do them for you—but they are fairly straightforward. The other thing I like about it is that it provides some Controller-level controls through a before filter you can include that will pull up the model, load the object, and check permissions before loading the Controller action. Ideally, a good Authorization library allows this level of control at all three levels of your application.
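The pattern described above, sketched in plain Ruby as an added example (not code from the episode and not CanCan's own implementation): a deny-by-default ability class, a controller step that loads and authorizes the record before the action runs, and a view helper that only offers permitted actions. The names `Ability`, `PostsController`, `visible_actions` and the sample records are hypothetical, and the third level is assumed here to be the view.

```ruby
# Simplified stand-in for the pattern; not CanCan's implementation.
class AccessDenied < StandardError; end
User = Struct.new(:id, :admin)
Post = Struct.new(:id, :user_id, :title)

# Model level: one class states who may do what. No matching rule means deny.
class Ability
  def initialize(user)
    @rules = []
    return if user.nil?                        # anonymous user gets no rules
    can(:read, Post)
    can(:update, Post) { |post| post.user_id == user.id }
    can(:manage, Post) if user.admin           # :manage matches every action
  end

  def can(action, klass, &condition)
    @rules << [action, klass, condition]
  end

  def can?(action, record)
    @rules.any? do |act, klass, cond|
      [:manage, action].include?(act) && record.is_a?(klass) && (cond.nil? || cond.call(record))
    end
  end

  def authorize!(action, record)
    raise AccessDenied, "#{action} denied on #{record.class}" unless can?(action, record)
    record
  end
end

# Controller level: the record is loaded and authorized before the action
# body runs, so an individual action cannot forget the check.
class PostsController
  POSTS = { 1 => Post.new(1, 10, "alice's post"), 2 => Post.new(2, 20, "bob's post") }.freeze # constructed data
  ACTIONS = { read: ->(post) { "showing #{post.title}" }, update: ->(post) { "updated #{post.title}" } }.freeze

  def initialize(current_user)
    @ability = Ability.new(current_user)
  end

  def process(action, id)
    handler = ACTIONS.fetch(action)                        # unknown actions raise KeyError
    post = @ability.authorize!(action, POSTS.fetch(id))    # the "before filter" step
    handler.call(post)
  end
end

# View level: only offer the actions the current user may perform.
def visible_actions(ability, post)
  PostsController::ACTIONS.keys.select { |action| ability.can?(action, post) }
end
```

Hiding a link in the view is a convenience only; the controller step is what actually blocks a request for a record the user does not own.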