Is it possible to load pundit policies from a database?

Question

Is it possible to load pundit policies from a database?

I like the simplicity of Pundit pearls, and I would like to make policies dynamic by storing them in a database.

Basically, I'm looking for a way to change policies without having to redeploy the application.

+4

ruby authorization rubygems pundit

LukasMac Dec 02 '16 at 10:06

source share

1 answer

Nick Roz · Answer 1 · 2018-02-05T16:45:43+0000

1st way

The Pundit policy is pure ruby code, so if you do not want to store the code inside the database and evaluate it dynamically, I would say that the answer is no. It's not safe. However, you can give him pleasure.

Second way

But nothing prevents you from creating a model that stores the rules in plain json and compares them using Pundit, for example:

class PostPolicy < ApplicationPolicy
  def update?
    access_setting = PolicySetting.find_by(key: self.class_name)
    user.role.in?(access_setting['roles'])
  end
end

, .

. , ( , ) .

4-

DSL

5-

- json-logic-ruby

Is it possible to load pundit policies from a database?

More articles: