From 771c9d4ba87a388dc306c58139d11bf510680c98 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Thu, 8 Jul 2021 05:31:28 +0200
Subject: Add ability to skip sign-in token authentication for specific users
 (#16427)

Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
---
 app/policies/user_policy.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'app/policies/user_policy.rb')

diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index d832bff75..6695a0ddf 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -13,6 +13,14 @@ class UserPolicy < ApplicationPolicy
     admin? && !record.staff?
   end
 
+  def disable_sign_in_token_auth?
+    staff?
+  end
+
+  def enable_sign_in_token_auth?
+    staff?
+  end
+
   def confirm?
     staff? && !record.confirmed?
   end
-- 
cgit