api keys: rework API key UI.
* Add an explanation of what an API key is and how to use it. * Make it possible for the site owner to view all API keys. * Remove the requirement to re-enter your password before you can view your API key (to be reworked). * Move the API key controller from maintenance/user/api_keys_controller.rb to a top level controller.
This commit is contained in:
evazion
17
app/policies/api_key_policy.rb
Normal file
17
app/policies/api_key_policy.rb
Normal file
@@ -0,0 +1,17 @@
|
||||
class ApiKeyPolicy < ApplicationPolicy
|
||||
def create?
|
||||
!user.is_anonymous?
|
||||
end
|
||||
|
||||
def index?
|
||||
!user.is_anonymous?
|
||||
end
|
||||
|
||||
def destroy?
|
||||
record.user == user
|
||||
end
|
||||
|
||||
def api_attributes
|
||||
super - [:key]
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user