Introducing role_fu...

I've recently had the joy of working on several projects whose user role and authorization logic seemed like an afterthought, so I thought I'd take a stab at building a simple Rails plugin to handle just that.

Role_fu provides a one-to-many roles association for model (including the generated migration) and a simple means of mapping roles to controller actions.

Roles can be declared either in a hierarchical fashion where one role inherits from another or non-hierarchically where each role is distinct and unrelated.  The plugin also provides boolean accessor methods for each row in the roles table.  In other words, if there's an "admin" role, then the user (or whatever model has_role_fu) will have the .admin? method.

Role/action authorizations can be easily configured on a per-controller basis.  All roles have access to an action unless otherwise configured.  If a role can access an action, then it's sub-roles can also access the action, unless the :only option is used which explicitly specifies authorized roles.

Want to redirect users without the proper roles to lemonparty.org?  It's easy.  Just override the authorization_denied method with the redirect and you're all set!

For installation instructions, more details, and some example code, check out the Github repo here.

Oh, and feel free to tell me what you like, what sucks, and what you think I should add/remove...