Ask A Question


You’re not receiving notifications from this thread.

Dynamic Authorization Roles with Pundit Discussion

Well this couldn't have come at a better time! Thanks Chris!!! I'll be hiding the UI for creating and editing roles and providing at a higher price plan, there's a lot of value in this


This approach is very interesting and I would like to understand and use it in a larger scale.
Also, eagerly waiting for the Rolify video as promised :)

So, the thing I don't fully understand here is, how to approach it when I need to add dynamic permissions for other models, too. Let's say PostCategory as video talks about Posts (and there will naturally be many many more).

How would I then scale configuration on the roles?
Adding flat attributes, where in this case i would say post_category_read, post_category_create in addition to the ones for Post, or maybe a nested JSON, where i would have post: { read, create, etc. }, post_category : {read, create, etc...} - if nesting is even possible, not sure right now.

Or maybe creating a separate attributes on Role altogether. Like post_permissions, post_category_permissions, etc...

Maybe I got it all wrong in the first place. I am a bit scared going this way and realizing it doesn't scale in a good way. Thanks for any tips


Any reason to use store_attributes instead of activerecord-typedstore ?
I just saw the video on that one and was wondering differences, advantages, etc-


Hi Chris,

I was just wondering about what approach to use if I want to toggle permissions of a user directly from rails views. e.g When I create a user, I want to be able to set their role and permissions from the view. Using your example above, how can I set the permissions when creating the role from the view?

Thank you


Looking forward to your rolify/pundit episode.

Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 78,890+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    © 2023 GoRails, LLC. All rights reserved.