users: allow site owner to reset passwords of other users.

2020-12-13 19:07:19 -06:00
parent d8b51e3f02
commit 86bba56eda
3 changed files with 20 additions and 2 deletions
--- a/app/policies/password_policy.rb
+++ b/app/policies/password_policy.rb
@@ -1,5 +1,5 @@
 class PasswordPolicy < ApplicationPolicy
  def update?
-    record.id == user.id || user.is_admin?
+    record.id == user.id || user.is_owner?
  end
 end