• Timothy Andrew's avatar
    Allow admins to sudo to blocked users. · 4dfdef2d
    Timothy Andrew authored
    - Currently, (for example) admins can't delete snippets for blocked users, which
      is an unexpected limitation.
    
    - We modify `authenticate!` to conduct the `access_api` policy check against the
      `initial_current_user`, instead of the user being impersonated.
    
    - Update CHANGELOG for !10842
    4dfdef2d
helpers_spec.rb 13.9 KB