pundit: convert ip addresses to pundit.

app/controllers/ip_addresses_controller.rb

@@ -1,9 +1,8 @@
 class IpAddressesController < ApplicationController
   respond_to :html, :xml, :json
-  before_action :moderator_only
 
   def index
-    @ip_addresses = IpAddress.visible(CurrentUser.user).paginated_search(params)
+    @ip_addresses = authorize IpAddress.visible(CurrentUser.user).paginated_search(params)
 
     if search_params[:group_by] == "ip_addr"
       @ip_addresses = @ip_addresses.group_by_ip_addr(search_params[:ipv4_masklen], search_params[:ipv6_masklen])

app/controllers/moderator/ip_addrs_controller.rb

@@ -1,9 +1,9 @@
 module Moderator
   class IpAddrsController < ApplicationController
-    before_action :moderator_only
     respond_to :html, :json
 
     def index
+      authorize IpAddress
       @search = IpAddrSearch.new(params[:search])
       @results = @search.execute
       respond_with(@results)

app/policies/ip_address_policy.rb

@@ -0,0 +1,5 @@
+class IpAddressPolicy < ApplicationPolicy
+  def index?
+    user.is_moderator?
+  end
+end

app/views/users/_statistics.html.erb

@@ -10,7 +10,7 @@
         <th>Join Date</th>
         <td><%= presenter.join_date %></td>
       </tr>
-      <% if CurrentUser.is_moderator? %>
+      <% if policy(IpAddress).show? %>
         <tr>
           <th>Last IP</th>
           <td>

test/functional/ip_addresses_controller_test.rb

@@ -34,6 +34,11 @@ class IpAddressesControllerTest < ActionDispatch::IntegrationTest
         get_auth ip_addresses_path(search: { user_id: @user.id, group_by: "ip_addr" }), @mod
         assert_response :success
       end
+
+      should "not allow non-moderators to view IP addresses" do
+        get_auth ip_addresses_path, @user
+        assert_response 403
+      end
     end
   end
 end