I just found a very useful plugin role_requirement to manage roles in rails app.
RoleRequirement focuses on a simple approach to role-based authentication. RoleRequirement leverages the power of !Ruby to strike a marvelous balance between simplicity and flexibility.
* A user can have many roles or one role
* Full test helpers to make it easy to test your controllers.
* Squeaky clean implementation – don’t repeat yourself!
* Code generators: spend more time coding and less time wading through installation instructions.