CanTango is an advanced Authorization, Access Control or Permissions system. CanTango builds on CanCan, hence its name. CanTango is designed to be highly configurable, flexible and powerful.
Don't use cantango, don't even consider using it!
Cantango is very unstable and it is by no means can be considered production-ready.
Even if it was stable, it would still recommend against using it because during four months of heavy development in the summer of 2011 it eventually became a very over-engineered project.
Cantango is abandoned by both of its authors: Kristian Mandrup and Stanislaw Pankevich.
Think twice, if you do really need so complex role system for your Rails app! If you do, think twice again and consider implementing this complexity using just classic CanCan approach.
We are currently heading towards CanTango 1.0 which will include a lot of changes, improvements, be more stable (well tested) and will feature a more modular design (separation into sub-projects/gems).
Role system of your choice, including use of Role groups
See Recent features and Design ideas to read about recent features and plans for further developments. Feel free to suggest your own ideas for improving the framework!