Simple privilege solution for Rails.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
app releasing 2.0.0 Apr 23, 2011
config/locales releasing 2.0.0 Apr 23, 2011
lib fix for rails 3.1 new mass assignment convention Sep 9, 2011
test releasing 2.0.0 Apr 23, 2011
.gitignore releasing 2.0.0 Apr 23, 2011
.travis.yml make sure .travis.yml includes language: ruby Feb 19, 2012
Gemfile releasing 2.0.0 Apr 23, 2011
MIT-LICENSE releasing 2.0.0 Apr 23, 2011 warning typo Jan 18, 2015
Rakefile releasing 2.0.0 Apr 23, 2011
VERSION.yml updating gem specs Aug 29, 2011
acts_as_privilege.gemspec fix project's homepage url May 23, 2014
init.rb Releasing gem v1.2.0 Apr 12, 2010

Acts as privilege

⚠️ This gem is outdated. Please do not use it.

Acts as privilege is a plugin for Ruby on Rails that provides the capabilities to restrict controller actions to privileged resources.

This ACL-based security model is designed as a role-based access control, where each role can be a group of users.


Gem Version Build Status


General library that does only one thing, without any feature.


Include the gem in your Gemfile:

gem 'acts_as_privilege'

And run the bundle command. Or as a plugin:

rails plugin install git://

Then, generate files and apply the migration:

rails generate privileges model
rake db:migrate

At this point, Privilege model can be populated with:

rest_actions = %w(index show new create edit update destroy)
controllers = {
  groups:   rest_actions,
  users:    rest_actions,
  articles: rest_actions,
  comments: rest_actions }

Privilege.transaction do
  controllers.each_pair do |controller, actions|
    actions.each do |action|
      Privilege.create! route: [controller, action].join('#')


First, let's run commands:

rails generate privileges group
rake db:migrate

Second, let's add this in Group model:

# app/models/group.rb
class Group < ActiveRecord::Base

  has_many :users

Now, check the current user capability to destroy articles:'articles#destroy') # => false

And add a form helper that generates the field to manage group privileges:

form_for @group do |f|
  privileges_field f

Copyright (c) 2009-2011 Cyril Wack, released under the MIT license