Goldberg CMS

The Goldberg plugin is an example of a high level generator that includes both authorization and authentication. It's like a framework built on top of the Rails framework, but actually sits beside it because you continue to develop your Rails app as usual, Goldberg does not interfere. You don't have to write any Goldberg-specific code in your application or use its API.

You define Roles (which can be has subgroup hierarchy), and assign permissions to the roles. A permssion is a controller/action that the role may access. Then you assign users to roles.

Goldberg installs as application-wide before-filters (if not exactly, at least conceptually) that examines the routed controller/action against its database of permissions ("credentials") for the current logged in user. Credentials are stored in the current session minimizing the need for database access between page loads.

That's just the beginning. Goldberg also provides a little hierarchical page manager (approaching a CMS) for static content; a menu manager for redirecting to pages or any arbitrary controller/action; and a theme system for dynamically re-skinning your application. It does not impose a specific markup on you, however. Finally there is an API for custom access control within your application.