Protector is an ORM extension providing DSL for managing security restrictions on a field level. Check out how at README (https://github.com/inossidabile/protector) & why at my blog post – http://staal.io/blog/2013/06/04/the-protector/.
What motivated you to write this rather than to lean on the Rails idioms of setting up authorization-specific associations, and using routes and controllers to express which verbs are allowed?