Here at Elabs, we’ve been using CanCan for authorization in a number of applications. Ryan Bates managed to build an authorization system which is both simple and powerful. A step away from the bloated role based system available at the time, yet more sophisticated than simply tacking on methods on ActiveRecord models. Over time though we’ve come against a few grievances with CanCan. Ability files
![Simple authorization in Ruby on Rails apps](https://cdn-ak-scissors.b.st-hatena.com/image/square/518d04dea4eacdf8fb005e0aa55191773da87817/height=288;version=1;width=512/https%3A%2F%2Fwww.varvet.com%2Fimages%2Fog-varvet.jpg)