I have been using acl9 by applying acts_as_authorization_subject to
User class and acts_as_authorization_role to Role class. I had
everything work without applying acts_as_authorization_object to any
of the object classes on which permissions were being managed. As I
realize now, this all works until you realize that your roles aren't
getting deleted when the authorizable objects are deleted in system.
This is not just a minor cleanup issue. It may cause some headache
when you perform 'left outer joins' that involve roles_users and roles
tables with such stray rows in it.
I wonder, why acl9 doesn't automatically apply
acts_as_authorization_object to all activerecord models in the
system.. It doesn't hurt any object that doesn't need it but will make
sure proper cleanup happens all the time.
Any suggestion?