Here at Elabs, we’ve been using CanCan for authorization in a number of applications. Ryan Bates managed to build an authorization system which is both simple and powerful. A step away from the bloated role based system available at the time, yet more sophisticated than simply tacking on methods on ActiveRecord models. Over time though we’ve come against a few grievances with CanCan. Ability files