There are a few very good authorization gems, like cancan and declarative_authorization. But here's a problem: authorization rules are seperated in class, but i need to place them in table or maybe some yaml config file to change them in admin panel eventually. Perfectly, if i can either change permissons for user groups and for individual users in admin panel. Are there any solutions?
You can do that with Cancan.
Like explain on this wiki page : http://github.com/ryanb/cancan/wiki/Role-Based-Authorization
You just need define your role in database like you want. After you need check in your Ability model if your user has his role or not. You can change his permission directly from the database.