pundit (and rolify?)

John Quarto-vonTivadar
guy,  i have a burning question w.r.t. authorization: I've read the various wikis for Pundit and for Rolify, but here's my perhaps too-basic question:   If instead of  flat "roles" per se, I instead want to do something based on the subscription plan someone has subscribed to -- perhaps bronze, silver, gold -- how would I write a Policy that encompasses the idea that "Silver is everything a Silver can do specifically, plus anything a Bronze can do"?  Ditto with Gold, though the moment GOld "inherits" Silver permissions, it would mean it also inherits Bronze permissions.    So far I don't see how to handle this in a hierarchial way.  Yet if I just write them out separately what happens if I end up with , say, a dozen different plans? (I'm gonna want some hierarchy!).  thanks for any thoughts
Donn Felker
Hey John, you can have the parent policy have a few methods that check for plans. Then you can other methods say say "isSilver" or 'isGold', or "isTier(:gold)?" that are called in the child policies. That method would call into the isSilver || isGold/etc. Therefore all of your logic is stored in the one policy that determines what a "gold" vs "silver" membership is.
You’re not receiving notifications from this thread.
© 2021 GoRails, LLC