Check out the role-based authentication plugin.
Or you can put something together yourself pretty easy. Just create a
model called Role, add a has_one to your user model. The Role model
(heh) will hold info about permissions.
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks