
Access control realization

I am implementing an ACL for my RoR app. I have an access variable that stores rights for users.

It contains a hash with an array value for each user.

The first array element is the controller name and the second element is an array of action names.

access = {
           'user' => [
             ['drivers', ['show','delete','update']],
             ['index',   ['edit','destroy','view']]
           ],

           'administrator' => [
             ['users', ['show','edit','delete']],
             ['index', ['delete','index','show']]
           ]
         }

I want to check whether a user has access to a particular controller and action:

user       = 'administrator'
controller = 'index'
action     = 'delete'

I do it with

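if access[user]
  access[user].each do |acc|
    # acc[0] is a String, so compare exactly; String#include? would also match substrings
    if acc[0] == controller
      # acc[1] is an Array, so include? is an exact membership test
      if acc[1].include? action
        puts "User '#{user}' have access to controller '#{controller}' and action '#{action}'"
      end
    end
  end
end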

Maybe there is a more elegant way to store similar data or a better way to access it?
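
An added example (not part of the original question or of any answer, and not code from CanCan, Stonewall or acl_system2): the same rights stored as a role => controller => Set lookup with a deny-by-default check, contrasted with a `String#include?` comparison on controller names, which matches substrings. `ACCESS`, `LEGACY`, `allowed?` and `allowed_substring?` are hypothetical names.

```ruby
require 'set'

# Constructed policy reusing the roles, controllers and actions from the question,
# stored as role => { controller => Set of actions } for exact-match lookups.
ACCESS = {
  'user' => {
    'drivers' => Set['show', 'delete', 'update'],
    'index'   => Set['edit', 'destroy', 'view']
  },
  'administrator' => {
    'users' => Set['show', 'edit', 'delete'],
    'index' => Set['delete', 'index', 'show']
  }
}.freeze

# Hypothetical helper: deny by default, exact string matches only.
def allowed?(role, controller, action, policy = ACCESS)
  # Anything that is not a non-empty String (nil, symbols, '') is refused.
  return false unless [role, controller, action].all? { |v| v.is_a?(String) && !v.empty? }

  actions = policy.dig(role, controller) # nil when role or controller is unknown
  !actions.nil? && actions.include?(action)
end

# Same policy as a list of [controller, actions] pairs, for comparison.
LEGACY = ACCESS.transform_values { |h| h.map { |c, acts| [c, acts.to_a] } }

# Hypothetical counter-example: String#include? is a substring test, so
# controller 'user' (or '') is accepted wherever 'users' is listed.
def allowed_substring?(role, controller, action, pairs = LEGACY)
  (pairs[role] || []).any? { |c, acts| c.include?(controller) && acts.include?(action) }
end

if __FILE__ == $PROGRAM_NAME
  [%w[administrator index delete], %w[administrator user delete], %w[user index delete]].each do |r, c, a|
    puts "#{r} #{c}/#{a}: exact=#{allowed?(r, c, a)} substring=#{allowed_substring?(r, c, a)}"
  end
end
```

In a Rails app a check like this would typically be called from a `before_action` with `controller_name` and `action_name`, so that a missing entry results in a refusal rather than silent access.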


Instead of rolling it yourself, I would recommend a system like CanCan or Stonewall.

Both of those have methods that allow you to ask "Can this user do this thing on this object?".

Stonewall + StonewallActionProtection, a plugin of my own, can make access checks for CRUD operations automatic.


Here is a more elegant way: https://github.com/ezmobius/acl_system2
