I've got a rails application, backed by MySQL. It's using a row-level permissions model. i.e. I have a few columns (permission1, permission2, permission3) on a table called projects and I need to check if the user who has details of the permissions they can access in their session can see the data queried from the projects table and filter it out if they don't.
I could probably do this on a case by case basis, but I'm looking for something generic so that (i) it works for other tables I might add the permissions model to later and (ii) so if I run a Projects.all somewhere and forget to add the appropriate where clause I don't accidentally show data to a user who doesn't have permission to view it.
Previously I've used a modified JDBC driver in a Java webapp, but I don't know what the equivalent solution should be with rails + MySQL.
