Users, Roles and Permissions


I’m currently working on a text-based roleplay browser game, and i’m trying to figure out what the best approach would be in order to create a system that allows me to assign roles to a user, and permissions based upon the role a user has.
I’ve been thinking about creating a model User, which has_many :roles, and with the Role model which has_many :permissions.
The Permission Model would then just be a set of boolean that signal what he can/can’t do.

I’m aware that there is the authorizable plugin, which delivers a nice system, but I’m just trying to build something on my own to get the feeling for rails & ruby again. I believe that the above mentioned system would work, but I’m a bit curious on the dynamic side of it. What I’d actually like to know, if it is possible to store the controller & actions automaticly as properties of the Permission object, or if this has to be done manually for each one I create?

ALso, I’m relatively new to the entire RoR concept, although I already had a first working experience with it, so I’m open to ideas & suggestions as well.

Why not try “Hobo”, a rails extension. It includes a pretty decent permission based system using roles… that u can set declaratively for your application. Hobo also include a host of other realy cool features.

I’m aware of Hobo etc.
The idea behind this whole question line is more theoretical then coding/practical implementation.

I’m just trying to figure out from analasys point of view what the best approach would be to implement a dynamic system for roles/permissions on users.