The cache_digests gem (also included in Rails 4) will automatically add a digest to the fragment cache key based on the template. If a template changes the cache will auto-expire. But watch out for the gotchas!
Authorization can be difficult to implement and test because it often involves complex logic that exists throughout the entire app. Here I demonstrate how to test and implement authorization from scratch.
The strong_parameters gem is an improvement over attr_accessible to securely handle mass assignment even when you have complex authorization logic. The functionality will likely be added to Rails 4 so it is a good idea to learn how it works.