37061f95a6
* Add an explanation of what an API key is and how to use it. * Make it possible for the site owner to view all API keys. * Remove the requirement to re-enter your password before you can view your API key (to be reworked). * Move the API key controller from maintenance/user/api_keys_controller.rb to a top level controller.
18 lines
224 B
Ruby
18 lines
224 B
Ruby
class ApiKeyPolicy < ApplicationPolicy
|
|
def create?
|
|
!user.is_anonymous?
|
|
end
|
|
|
|
def index?
|
|
!user.is_anonymous?
|
|
end
|
|
|
|
def destroy?
|
|
record.user == user
|
|
end
|
|
|
|
def api_attributes
|
|
super - [:key]
|
|
end
|
|
end
|