Subject: A Role-based Authorization gem for Rails
Body:
I'm working on a User/Role/Action Authorization framework for Rails.
It's my first Open Source Rails project.
Basically it works like this:
There are AuthUsers. Each AuthUser has zero or more AuthRoles. Each AuthRole maps to zero or more AuthActions. AuthActions are named like the typical "controller/action/id" URLs seen in a typical Rails application.
Each mapping between a Role and an Action specifies if a Role is allowed to do a particular Action.
There are Action wildcards like "controller/*/#{owner}" which specifies any action in "controller" where the current user is the owner of the object acted upon.
There are "Slot" actions which may allow access to a particular slot in an object. For example "auth_user/edit/#{owner}/password" is allowed, but "auth_user/edit/#{!owner}/password" is not allowed.
There is a new template helper <% auth_link_to :controller => 'foo', :action => 'bar' %> which will show a link if the current user is allowed to access action "foo/bar".
This should be pretty flexible.
Please contact me if anybody is interested in this.
Thanks!
KS
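
The role-to-action model described in this post, as an added Ruby example that is not part of the original post or the author's gem. The class, method and role names are hypothetical, and three behaviours the post does not specify are assumed: a request that no rule matches is denied, the most specific matching rule wins with deny winning a tie, and a slot request only matches a rule that names a slot.

```ruby
# Added illustration: all names are hypothetical, not the gem's API.
Rule = Struct.new(:pattern, :allow)
class RoleAuthorizer
  OWNER     = '#{owner}'  # single quotes keep the post's tokens literal
  NOT_OWNER = '#{!owner}'
  def initialize(roles); @roles = roles; end # { role name => [Rule, ...] }

  # request keys: :controller, :action, :id, :owner_id, optional :slot
  def allowed?(user_id, role_names, request)
    is_owner = !user_id.nil? && user_id == request[:owner_id]
    segments = [request[:controller], request[:action], request[:id].to_s]
    segments << request[:slot] if request[:slot]
    best = nil # [specificity, allow] of the winning rule so far
    role_names.flat_map { |name| @roles.fetch(name, []) }.each do |rule|
      score = match_score(rule.pattern.split('/'), segments, is_owner)
      next unless score
      # Assumed precedence: most specific rule wins, deny wins a tie.
      best = [score, rule.allow] if best.nil? || score > best[0] ||
                                    (score == best[0] && !rule.allow)
    end
    best ? best[1] : false # assumed default: no matching rule means deny
  end

  private
  # Returns the number of non-wildcard segments matched, or nil on mismatch.
  def match_score(pattern, segments, is_owner)
    return nil unless pattern.length == segments.length
    score = 0
    pattern.each_with_index do |part, i|
      next if part == '*'
      ok = case part
           when OWNER     then i == 2 && is_owner
           when NOT_OWNER then i == 2 && !is_owner
           else part == segments[i]
           end
      return nil unless ok
      score += 1
    end
    score
  end
end

# Constructed sample policy built from the patterns quoted in the post.
ROLES = {
  'member' => [Rule.new('post/*/#{owner}', true), Rule.new('post/show/*', true),
               Rule.new('auth_user/edit/#{owner}/password', true),
               Rule.new('auth_user/edit/#{!owner}/password', false)],
  'suspended' => [Rule.new('post/*/#{owner}', false)]
}.freeze
```

With this policy a member can edit only their own posts and their own password slot, and a request for any other slot falls through to the default deny.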