Check the authorization in a before filter in your controllers. AAA provides #authorized? as a hook for this.
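# In the controller. login_required calls authorized?, so @item must already be loaded when the filter runs.
before_filter :login_required, :only => [:new, :create, :update, :edit, :destroy]

def authorized?
  @item.editable_by? current_user
end

# In the model
class Item < ActiveRecord::Base
  def editable_by?(user)
    user && user.id == user_id # sample, replace with your own logic
  end
end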
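The filter flow described above, as an added plain-Ruby sketch that is not code from the plugin or from the original text. `ItemsControllerSketch`, the `User` and `Item` structs, the sample record and the rule that `new`/`create` need only a login are assumptions; the point it shows is that the hook should fail closed when no record was loaded.

```ruby
# Plain-Ruby stand-ins, constructed for illustration (no Rails needed).
User = Struct.new(:id)
Item = Struct.new(:id, :user_id) do
  # Same ownership rule as the model above.
  def editable_by?(user)
    !user.nil? && user.id == user_id
  end
end

# Hypothetical controller sketch modelling the filter chain.
class ItemsControllerSketch
  PROTECTED = [:new, :create, :update, :edit, :destroy].freeze
  ITEMS = { 1 => Item.new(1, 10) }.freeze # constructed sample record

  attr_reader :current_user

  def initialize(current_user)
    @current_user = current_user
  end

  # Returns :ok or :denied for one request.
  def process(action, item_id = nil)
    @action = action
    @item = ITEMS[item_id] # load the record before the auth filter runs
    return :ok unless PROTECTED.include?(action)
    login_required ? :ok : :denied
  end

  private

  # Assumed shape of the plugin's filter: both checks must pass.
  def login_required
    logged_in? && authorized?
  end

  def logged_in?
    !current_user.nil?
  end

  # Assumption: new/create need only a login because no record exists yet.
  # Everything else fails closed when the record is missing or not owned.
  def authorized?
    return true if [:new, :create].include?(@action)
    !@item.nil? && @item.editable_by?(current_user)
  end
end
```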