Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class ApplicationController < ActionController::Base
- include Pundit
- protect_from_forgery with: :exception
- before_action :configure_permitted_parameters, if: :devise_controller?
- helper_method :current_user_can_edit?
- rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
- private
- def configure_permitted_parameters
- devise_parameter_sanitizer.permit(
- :account_update,
- keys: [:password, :password_confirmation, :current_password]
- )
- end
- def current_user_can_edit?(model)
- user_signed_in? && (model.user == current_user || (model.try(:event).present? && model.event.user == current_user))
- end
- def pundit_user
- OpenStruct.new(user: current_user, cookies: cookies)
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement