How to setup your Rails app for using the declarative_authorization gem

application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery

  before_filter :set_current_user

  protected

  # neccessary for declarative_authorization model permissions
  def set_current_user
    # current_user should be defined somewhere as the logged in used
    Authorization.current_user = current_user
  end
end

authorization_rules.rb

authorization do
  role :guest do
    has_permission_on :users, :to => :create
  end
  role :user do
    includes :guest
    has_permission_on :users, :to => :manage do
      if_attribute :id => is {user.id}
    end
  end
end

privileges do
  privilege :manage, :includes => [:create, :read, :update, :delete]
  privilege :read,   :includes => [:index, :show]
  privilege :create, :includes => :new
  privilege :update, :includes => :edit
  privilege :delete, :includes => :destroy
end

Gemfile

source 'http://rubygems.org'

gem 'rails', '3.0.3'

...

gem 'declarative_authorization'
group :development do
  # for the graphical overview over your rules
  # available at /authorization_rules
  # you will also need to install dot/graphviz for the graph generation
  gem 'ruby_parser'
end

spec_helper.rb

# This file is copied to spec/ when you run 'rails generate rspec:install'
ENV["RAILS_ENV"] ||= 'test'
require File.expand_path("../../config/environment", __FILE__)
require 'rspec/rails'

...

require 'declarative_authorization/maintenance'
include Authorization::TestHelper

...

RSpec.configure do |config|
  ...
end