pundit: convert passwords to pundit.

2020-03-19 18:59:53 -05:00
parent 62835ac9fc
commit 83eae1bf11
2 changed files with 12 additions and 14 deletions
--- a/app/policies/password_policy.rb
+++ b/app/policies/password_policy.rb
@@ -0,0 +1,9 @@
+class PasswordPolicy < ApplicationPolicy
+  def update?
+    record.id == user.id || user.is_admin?
+  end
+
+  def permitted_attributes
+    [:signed_user_id, :old_password, :password, :password_confirmation]
+  end
+end