class ApplicationController < ActionController::Base include Pundit protec

1. class ApplicationController < ActionController::Base
2.   include Pundit
3.   protect_from_forgery with: :exception
4.   before_action :configure_permitted_parameters, if: :devise_controller?
5.   helper_method :current_user_can_edit?
6.   rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
7.  
8.   private
9.  
10.   def configure_permitted_parameters
11.     devise_parameter_sanitizer.permit(
12.       :account_update,
13.       keys: [:password, :password_confirmation, :current_password]
14.     )
15.   end
16.  
17.   def current_user_can_edit?(model)
18.     user_signed_in? && (model.user == current_user || (model.try(:event).present? && model.event.user == current_user))
19.   end
20.  
21.   def pundit_user
22.     OpenStruct.new(user: current_user, cookies: cookies)
23.   end
24. end