convert all the policies to DeclarativePolicy

1 files changed, 13 insertions, 12 deletions

diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index 229846e368c..0181ddf85e0 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -1,19 +1,20 @@
 class UserPolicy < BasePolicy
   include Gitlab::CurrentSettings
 
-  def rules
-    can! :read_user if @user || !restricted_public_level?
+  desc "The application is restricted from public visibility"
+  condition(:restricted_public_level, scope: :global) do
+    current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
+  end
 
-    if @user
-      if @user.admin? || @subject == @user
-        can! :destroy_user
-      end
+  desc "The current user is the user in question"
+  condition(:user_is_self, score: 0) { @subject == @user }
 
-      cannot! :destroy_user if @subject.ghost?
-    end
-  end
+  desc "This is the ghost user"
+  condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? }
 
-  def restricted_public_level?
-    current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
-  end
+  rule { ~restricted_public_level }.enable :read_user
+  rule { ~anonymous }.enable :read_user
+
+  rule { user_is_self | admin }.enable :destroy_user
+  rule { subject_ghost }.prevent :destroy_user
 end