It does not provide authentication capability, nor it's own User model, but instead is meant to work with other authentication plugins such as acts_as_authenticated or restful_authentication. You will need a User model, and the 'current_user' method to be implemented at the controller level using an include.
Badges relies on the following domain model: A Privilege represents a particular named capability that is checked for authorization. Roles have a set of Privileges. Privileges can belong to more than one Role. Users can have one or more Roles. Users can have a role in general, or a role on an authorizable object, or on a Class of authorizable objects.
Badges enforces authorization by checking if a user has a particular privilege. Users get privileges by having roles, as each role comes with a certain set of privileges. Since what privileges a role has is stored in the database, it is easy to create new roles with different levels of privilege without needing to change any code, or to change existing roles while the application is running. There is an included UI for updating roles and privileges.
Authorization can be checked at all layers of the application: view, controller, and model.
View:
You have the privilege to 'Are you sure?', :method => :delete %> the project!
Controller:
class FooController < ApplicationController
need to have 'manage foos' privilege to create, update or destroy privilege_required 'manage foos', :on=>Some::Foo :only => [:create, :update, :destroy] endModel:
