I'm working on a Rails app using CanCan for RBAC and I only have 3 roles and maybe I'll add 1 or 2 more somewhere down the track.

In the past I've always had roles as their own entity, joined to users via a m2m link-table. With so few, and static, roles, that seems like overkill. So I'm thinking of simply adding boolean columns to my Users table for each role. I could also use a bitmask (like the CanCan example does) but I'm not too keen on storing multiple values in a single column.

So my question is, what's the best thing to do in this situation: bitmasks, multiple boolean columns, or a properly normalized m2m relationship?