Ensure views only link to those actions allowed for current user

app/views/code_harbor_links/index.html.slim

@@ -9,10 +9,10 @@ h1 = CodeHarborLink.model_name.human(count: 2)
     tbody
       - @code_harbor_links.each do |code_harbor_link|
         tr
-          td = link_to(code_harbor_link.oauth2token, code_harbor_link)
-          td = link_to(t('shared.show'), code_harbor_link)
-          td = link_to(t('shared.edit'), edit_code_harbor_link_path(code_harbor_link))
-          td = link_to(t('shared.destroy'), code_harbor_link, data: {confirm: t('shared.confirm_destroy')}, method: :delete)
+          td = link_to_if(policy(code_harbor_link).show?, code_harbor_link.oauth2token, code_harbor_link)
+          td = link_to(t('shared.show'), code_harbor_link) if policy(code_harbor_link).show?
+          td = link_to(t('shared.edit'), edit_code_harbor_link_path(code_harbor_link)) if policy(code_harbor_link).edit?
+          td = link_to(t('shared.destroy'), code_harbor_link, data: {confirm: t('shared.confirm_destroy')}, method: :delete) if policy(code_harbor_link).destroy?
 
 = render('shared/pagination', collection: @code_harbor_links)
 p = render('shared/new_button', model: CodeHarborLink)

app/views/code_harbor_links/show.html.slim

@@ -1,6 +1,6 @@
 h1
   = @code_harbor_link
-  = render('shared/edit_button', object: @code_harbor_link) if policy(@code_harbor_link).edit?
+  = render('shared/edit_button', object: @code_harbor_link)
 
 - %w[oauth2token].each do |attribute|
   = row(label: "code_harbor_link.#{attribute}") do