Currently, I have 3 models
Users and Groups have a HABTM relationship and Groups and Permissions
have a HABTM relationship.
For purposes of authorization, I need to know if a user belongs to a
particular group that has a particlar permission to determine if they
can perform an operation.
What's the best way to go about this?