Немного поиграл с Ability

app/controllers/users_controller.rb

@@ -1,6 +1,8 @@
 class UsersController < ApplicationController
-  skip_before_filter :require_login, :only => [:index, :new, :create, :activate]
+  skip_before_filter :require_login, :only => [ :new, :create, :activate]
+
   load_and_authorize_resource
+  skip_authorize_resource :only => [ :new, :create, :activate ]
 
   # GET /users
   # GET /users.xml
@@ -45,6 +47,7 @@ def edit
   # POST /users.xml
   def create
     @user = User.new(params[:user])
+    @user.roles = 'user'
 
     respond_to do |format|
       if @user.save

app/models/ability.rb

@@ -8,8 +8,11 @@ def initialize(user)
 
     if user.role? :admin
       can :manage, :all
-    else
+    elsif user.role? :user
       can :manage, User, :id => user.id
+      can :read, :all
+    else
+      can :read, :all
     end
 
     # The first argument to `can` is the action you are giving the user permission to do.

app/views/user_sessions/edit.html.erb

@@ -3,4 +3,4 @@
 <%= render 'form' %>
 
 <%= link_to 'Show', @user_session %> |
-<%= link_to 'Back', user_sessions_path %>
+<%= link_to 'Back', root_path %>

app/views/user_sessions/new.html.erb

@@ -6,4 +6,4 @@
 <h1>Forgot Password?</h1>
 <%= render 'forgot_password_form' %>
 
-<%= link_to 'Back', user_sessions_path %>
+<%= link_to 'Back', root_path %>

app/views/users/index.html.erb

@@ -12,13 +12,17 @@
 <% @users.each do |user| %>
   <tr>
     <td><%= user.email %></td>
-    <td><%= link_to 'Show', user %></td>
-    <td><%= link_to 'Edit', edit_user_path(user) %></td>
-    <td><%= link_to 'Destroy', user, :confirm => 'Are you sure?', :method => :delete %></td>
+    <td><% if can? :read, User %>
+      <%= link_to 'Show', user %>
+    <% end %></td>
+    <td><% if can? :update, User %>
+      <%= link_to 'Edit', edit_user_path(user) %>
+    <% end %></td>
+    <td><% if can? :destroy, User %>
+      <%= link_to 'Destroy', user, :confirm => 'Are you sure?', :method => :delete %>
+    <% end %></td>
   </tr>
 <% end %>
 </table>
 
 <br />
-
-<%= link_to 'New User', new_user_path %>

db/seeds.rb

@@ -13,3 +13,7 @@
 user = User.create  :email => 'user@test.com', :password => 'user', :password_confirmation => 'user'
 user.roles = 'user'
 user.save
+
+test = User.create  :email => 'test@test.com', :password => 'test', :password_confirmation => 'test'
+test.roles = 'user'
+test.save