removed json and forced authorization for dmptemplates

removed json and forced authentication on guidance_groups

removed all json responces from guidances controller and forced authorization

removed authorization from home-controller as some users will not be logged in when request fielded

forced auth on organisations_controller. TODO: re-check parent, children, and templates after AJAX removed

modified organisations

added auth to home controller

removed verify_authorized out to individual controllers

forced all actions to be authenticated through pundit

removed unused actions and json from users controller

updated efficiency of update_user_permissions

more merge conflicts

added ability to grant permissions to other users

fixed a bug where users' api_tokens would display if they had none

overhaul of performance of users admin-index

added new permissions to api

added docs to new function

finished changes to update_user_permissions

made changed to user.rb

made changes to update user permissions

added debug to update_user_permissions

turns out we do user user_org_roles to determine organisation, re-added

fixed bug in can_<do permission>? functions

updated the organisation_id = (new) in user model, was causing seed to fail

updated funciton to ensure no dupelicates

added functionality to port users from old auth structure to new

ensured users loose roles upon org changing and added depricated tags to roles

removed initalizer for rollify

updated documentation syntax for some models

removed cancancan and rollify