role based authorization question

I am using the the authorization recipe outlined in Rails Recipes.Is it possible for one role, say ‘admin’, to have access to every action on every controller without explicitly having to create a Right for each?

I know this will not work as is, and to force it to do so would violate MVC, but is there some other way to accomplish having something like this in a controller:

if session[:user]

Applicant.find(session[:user]).roles.each{|r| loggedin=true if“admin”}

skip_before_filter :check_authentication, :check_authorization if loggedin



I store * as a wildcard for the action/controller columns, and query
for (rights.controller = controller_name OR rights.controller = '*')
AND <same for action> in my authorized() method.


Thanks Isak, It seemed so very obvious once I saw your suggestion. I works beautifully.

Thank You,