debian-mirror-gitlab/app/policies/personal_access_token_policy.rb

11 lines
274 B
Ruby
Raw Normal View History

2020-10-24 23:57:45 +05:30
# frozen_string_literal: true
class PersonalAccessTokenPolicy < BasePolicy
2021-08-04 16:29:09 +05:30
condition(:is_owner) { user && subject.user_id == user.id && !subject.impersonation }
2020-10-24 23:57:45 +05:30
rule { (is_owner | admin) & ~blocked }.policy do
enable :read_token
enable :revoke_token
end
end