Roles|Rights|Authorization

Alright - the application I’m working on has a few different types of
users: directors, performers, watchers, uberusers.

Right now - I’m using single table inheritance to handle all types of
users and I’m able to use model objects in the core (which is
nice)…Director.find(:all), Performer.find(:all), etc.

Here’s the rub: I want to be able to authorize certain actions based on
user type.

I’ve seen Chad F.'s model for users|roles|rights, but he has the
good fortune of having a roles_users table and a roles_rights table. In
this case, I don’t want to really introduce a ‘roles’ table because then
I lose the convenience of the single table inheritance (assuming I
remove ‘type’ from my table and cook up one table for each type of user
- ewww - and rely on roles_users); or I end up duplicating concepts.

So - I’m wondering if anyone has cooked up any authorization schemes
based on ‘type’ in a single table inheritance model.
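
One way to key authorization on the STI type without a roles table, as an added example that is not part of the original post: each subclass declares its own rights, and the lookup walks the class hierarchy and denies by default. The classes are plain-Ruby stand-ins for the ActiveRecord models, and the controller and action names, `grants`, `can?`, `TYPES` and `user_for` are hypothetical.

```ruby
# Plain-Ruby stand-ins for the STI models so this runs without Rails.
class User
  # Rights declared on this class only (class-level instance variable).
  def self.own_rights
    @own_rights ||= {}
  end

  def self.grants(controller, *actions)
    (own_rights[controller.to_s] ||= []).concat(actions.map(&:to_s))
  end

  # Deny by default: allowed only if this class or a parent class granted it.
  def self.allowed?(controller, action)
    ancestors.select { |k| k.respond_to?(:own_rights) }.any? do |k|
      k.own_rights.fetch(controller.to_s, []).include?(action.to_s)
    end
  end

  def can?(controller, action)
    self.class.allowed?(controller, action)
  end

  grants :shows, :index, :show # hypothetical controller and actions
end

class Watcher < User; end

class Performer < User
  grants :rehearsals, :index, :show
end

class Director < User
  grants :shows, :create, :update, :destroy
  grants :rehearsals, :index, :show, :create
end

class Uberuser < User
  # Explicit superuser override, kept in one visible place.
  def self.allowed?(_controller, _action)
    true
  end
end

# Allowlist from the STI `type` column value to a class (constructed sample).
TYPES = { "Watcher" => Watcher, "Performer" => Performer,
          "Director" => Director, "Uberuser" => Uberuser }.freeze

# An unknown or missing type falls back to User, which holds the fewest rights.
def user_for(type)
  TYPES.fetch(type, User).new
end
```

In a Rails controller the same check would sit in a `before_action`-style filter that calls `can?` with the current controller and action names and refuses the request when it returns false.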