What is the advantage of doing this manually vs using a gem like pundit or cancancan?

You don't get the benefit of having attributes limited on a per user basis with Pundit or Cancancan. This would pair nicely with either of those.

Amazing approach !! I started to learn de implementation of pundit last week and still working on ... now i can dive in more deep steps

Great episode, please create more like this , and I think this could be a good series of "cancancan"  

  David Kimura   i was thinking to extend/upgrade the permissions being not "linked" directly to a user but to a "user-profile" ... something like: "user.profile.permissions" have you did this before ? any suggestion ?

Yea, I’ve implemented something like this before with that approach

can i store this permissions in db instead of initializers ? 

  almokhtar  Technically yes. However, since these permissions are highly derivative based on the application code, it doesn't make much sense to have it in the database. For example, if you add a new attribute to a user model, there will be a database change for sure, but also there will be application code change to consume this new attribute. It makes sense to keep the permission list with the code since that's where it is ultimately tied to.