debian-mirror-gitlab/app/policies/user_policy.rb

# frozen_string_literal: true

class UserPolicy < BasePolicy
  desc "The current user is the user in question"
  condition(:user_is_self, score: 0) { @subject == @user }

  desc "This is the ghost user"
  condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? }

  desc "The profile is private"
  condition(:private_profile, scope: :subject, score: 0) { @subject.private_profile? }

  desc "The user is blocked"
  condition(:blocked_user, scope: :subject, score: 0) { @subject.blocked? }

  rule { ~restricted_public_level }.enable :read_user
  rule { ~anonymous }.enable :read_user

  rule { ~subject_ghost & (user_is_self | admin) }.policy do
    enable :destroy_user
    enable :update_user
    enable :update_user_status
    enable :read_user_personal_access_tokens
  end

  rule { default }.enable :read_user_profile
  rule { (private_profile | blocked_user) & ~(user_is_self | admin) }.prevent :read_user_profile
  rule { user_is_self | admin }.enable :disable_two_factor
end

UserPolicy.prepend_if_ee('EE::UserPolicy')
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`# frozen_string_literal: true`

New upstream version 8.12.1+dfsg1 2016-09-29 09:46:39 +05:30			`class UserPolicy < BasePolicy`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`desc "The current user is the user in question"`
			`condition(:user_is_self, score: 0) { @subject == @user }`
New upstream version 8.12.1+dfsg1 2016-09-29 09:46:39 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`desc "This is the ghost user"`
			`condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`desc "The profile is private"`
			`condition(:private_profile, scope: :subject, score: 0) { @subject.private_profile? }`

New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`desc "The user is blocked"`
			`condition(:blocked_user, scope: :subject, score: 0) { @subject.blocked? }`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`rule { ~restricted_public_level }.enable :read_user`
			`rule { ~anonymous }.enable :read_user`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`rule { ~subject_ghost & (user_is_self \| admin) }.policy do`
			`enable :destroy_user`
			`enable :update_user`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`enable :update_user_status`
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30			`enable :read_user_personal_access_tokens`
New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`end`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30
			`rule { default }.enable :read_user_profile`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`rule { (private_profile \| blocked_user) & ~(user_is_self \| admin) }.prevent :read_user_profile`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`rule { user_is_self \| admin }.enable :disable_two_factor`
New upstream version 8.12.1+dfsg1 2016-09-29 09:46:39 +05:30			`end`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30
			`UserPolicy.prepend_if_ee('EE::UserPolicy')`