summaryrefslogtreecommitdiff
path: root/app/policies
diff options
context:
space:
mode:
authorTimothy Andrew <mail@timothyandrew.net>2017-02-17 20:28:12 +0530
committerTimothy Andrew <mail@timothyandrew.net>2017-02-24 16:50:20 +0530
commit6fdb17cbbe5dc70d18f50e9d131ab70407976a71 (patch)
tree79541d2bab89273fdf0b1d99cee7a3dfe94b0d8b /app/policies
parentf2ed82fa8486875660b80dd061827ac8b86d00b6 (diff)
downloadgitlab-ce-6fdb17cbbe5dc70d18f50e9d131ab70407976a71.tar.gz
Don't allow deleting a ghost user.
- Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio.
Diffstat (limited to 'app/policies')
-rw-r--r--app/policies/user_policy.rb8
1 files changed, 8 insertions, 0 deletions
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index 03a2499e263..229846e368c 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -3,6 +3,14 @@ class UserPolicy < BasePolicy
def rules
can! :read_user if @user || !restricted_public_level?
+
+ if @user
+ if @user.admin? || @subject == @user
+ can! :destroy_user
+ end
+
+ cannot! :destroy_user if @subject.ghost?
+ end
end
def restricted_public_level?