As a system admin i want only authrised users to be able to add and delate packages and bookings

[jferreira]

Authentication & Devise is in (Authorization & Pundit)

[jferreira]

@rodger think this also was about the authorisation gem bit, so no hack deleting. As in use pundit. Should we use pundit? MIght be good to learn

[rogermutt]

@jferreira It's a good point. I need to re-read the Pundit stuff. My PR is divided between edit and destroy so we can choose NOT to use one of the two.

I suggest: We leave current implementation (providing testing works) and if time this arvo I can move it to Pundit. Let me know what you think.