# Authorization policy for actions performed on a user record.
#
# @user is the actor (falsy for an anonymous request) and @subject is the
# user record being acted on; both are assumed to be set by BasePolicy —
# confirm against the base class.
class UserPolicy < BasePolicy
  include Gitlab::CurrentSettings

  # Declares the abilities the actor holds over the subject.
  #
  # * :read_user    - any signed-in actor, or an anonymous one as long as the
  #                   PUBLIC visibility level is not restricted instance-wide.
  # * :destroy_user - an admin, or the subject acting on itself; explicitly
  #                   denied when the subject is the ghost user.
  def rules
    # The settings lookup only happens for anonymous actors (short-circuit).
    can!(:read_user) unless !@user && restricted_public_level?

    # Everything below applies to signed-in actors only, so an anonymous
    # request is never granted :destroy_user by this policy.
    return unless @user

    can!(:destroy_user) if @user.admin? || @subject == @user

    # NOTE(review): this denial is declared after the grant above and is
    # presumably meant to win even for admins; whether cannot! overrides an
    # earlier can! is decided in BasePolicy — confirm there.
    cannot!(:destroy_user) if @subject.ghost?
  end

  # Tells whether administrators have restricted the PUBLIC visibility level.
  #
  # @return [Boolean] true when PUBLIC is listed in the application settings'
  #   restricted visibility levels
  def restricted_public_level?
    restricted_levels = current_application_settings.restricted_visibility_levels
    restricted_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
  end
end