There’s a relatively new player in the town of role-based access control for Rails - acl9 by Oleg Dashevskii. This article shows how easy it is to replace acl9’s default database-based role checks with your own dynamic ones, and to allow your object to allow or deny users with any roles using any conditions without updating database roles all the time. And it does it in a true BDD fashion with RSpec examples. Read the article