add pundir style authorization

app/controllers/application_controller.rb

@@ -1,9 +1,13 @@
 class ApplicationController < ActionController::Base
   before_action :configure_permitted_parameters, if: :devise_controller?
 
-   protected
+  include Pundit::Authorization
 
-   def configure_permitted_parameters
+  alias :current_user :current_member #for pundit
+
+  protected
+
+  def configure_permitted_parameters
      devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
-   end
+  end
 end

app/controllers/teachers_controller.rb

@@ -17,6 +17,7 @@ class TeachersController < ApplicationController
 
   # GET /teachers/1/edit
   def edit
+    authorize @teacher
   end
 
   # POST /teachers
@@ -33,6 +34,7 @@ class TeachersController < ApplicationController
 
   # PATCH/PUT /teachers/1
   def update
+    authorize @teacher
     if @teacher.update(teacher_params)
       redirect_to @teacher, notice: "Teacher Profile was updated."
     else
@@ -42,6 +44,7 @@ class TeachersController < ApplicationController
 
   # DELETE /teachers/1
   def destroy
+    authorize @teacher
     @teacher.destroy
     redirect_to teachers_url, notice: "Teacher was successfully destroyed."
   end