require_role on a per action basis

I am working on an app that has three roles (user, admin, business). I have the situation where all three roles interact with the same controller, but have access to different actions. Some actions are authorized for 2 roles (admin, business), and others are only authorized for one role (administrator).

Does anyone know if there is a commonly used pattern for security on a per action basis?

What I would like to do is be able to map which roles are authorized to call which actions and be able to call a :before_filter in my controller.

In my head I'm thinking of something like

before_filter :authorize_action => :except [:public_action1, :public_action2]

Thanks for any input.

Consider restful_authentication and rolerequirement

Thanks for the links. Very appreciated. I will take a look at these *very* common tasks.

Marnen Laibow-Koser wrote: