There are a lot of role-based authorization plugins out there. They work great when you know in advance what the roles are going to be. For example, if I know I'm going to have administrators, super_users, and not_so_super_users.
What I really want is to be able to create custom roles and assign that role to a user. At this point, I am simply wanting to block access to controllers / actions based on a user's custom role. Roles will consist of permissions.
For example, Jane Doe can add and view widgets, but she can't delete or edit them. John Doe can add, view, and edit. The Boss can add, view, edit, and delete. I want to be able to check if the user is authorized to access a controller / action in one line:
user.is_authorized?
is_authorized (or whatever it is called) should be intelligent enough to determine if the user is authorized based on their assigned role and that role's permission set.
Am I making sense? Is there anything out there that does this?