debian-mirror-gitlab/app/policies/user_policy.rb
2018-10-15 14:42:47 +05:30

15 lines
463 B
Ruby

class UserPolicy < BasePolicy
desc "The current user is the user in question"
condition(:user_is_self, score: 0) { @subject == @user }
desc "This is the ghost user"
condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? }
rule { ~restricted_public_level }.enable :read_user
rule { ~anonymous }.enable :read_user
rule { ~subject_ghost & (user_is_self | admin) }.policy do
enable :destroy_user
enable :update_user
end
end