Support for permitted_attributes

[spiderbites]

Hey, thanks for the gem, I've been using it on a project and am really enjoying the design.

Wondering if you have any ideas about implementing pundit's permitted_attributes feature (https://github.com/elabs/pundit#strong-parameters) via a pundit-resources defined policy.

[NuckChorris]

If I'm not mistaken, this would be as simple as something like this:

module PunditResource
  def self.updatable_fields(context)
    policy.permitted_attributes
  end

  def self.creatable_fields(context)
    policy.permitted_attributess
  end
end

JSONAPI::Resources already provides hooks for this exact purpose. I'll send a PR in a couple weeks if nobody beats me to the punch