cant 0.2.0
include Cant ------------ class User; include Cant::Embeddable; end class AuthorizationMiddleware; include Cant::Embeddable; end declare rules ------------- User.cant do |action=:update, post| not post.user == self if Post === resource and action == :update end AuthorizationMiddleware.cant do |env| not env['user'] == env['post'].user if env.path =~ /^\posts/ and env.method == 'PUT' end verify ------ user.cant? :update, post user.die_if_cant! :update, post control ------- rescue_from Cant::AccessDenied do |error| flash[:error] = error.message redirect_to request.referer end