app/policies/personal_access_token_policy.rb


1
2
3
4
5
6
7
8
9
10

# frozen_string_literal: true

class PersonalAccessTokenPolicy < BasePolicy
  condition(:is_owner) { user && subject.user_id == user.id }

  rule { (is_owner | admin) & ~blocked }.policy do
    enable :read_token
    enable :revoke_token
  end
end