LogicalAuthorization allows authorization in a finely grained framework, including ACLs and database based permissions, designed to slide into your project seamlessly. You should be able to add logical_authz to your Gemfile and add needs_authorization to your base controller class and be done.