jobs: hide job arguments and errors from non-admins.

These can sometimes contain sensitive information, such as IP addresses
or what files a user is trying to upload.

app/policies/background_job_policy.rb

@@ -9,8 +9,18 @@ class BackgroundJobPolicy < ApplicationPolicy
     user.is_admin?
   end
 
+  def can_see_params?
+    user.is_admin?
+  end
+
   alias_method :cancel?, :update?
   alias_method :destroy?, :update?
   alias_method :retry?, :update?
   alias_method :run?, :update?
+
+  def api_attributes
+    attributes = super
+    attributes -= [:serialized_params] unless can_see_params?
+    attributes
+  end
 end