diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-30 21:08:47 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-30 21:08:47 +0000 |
commit | c8f773a8593926f4f2dec6f446a3b3e59e9c9909 (patch) | |
tree | 4e5ea1d3b861ff99015f6112da567de7873868aa /app/policies | |
parent | 929b887e5391dea7cb53b88b77b9a35351c87d99 (diff) | |
download | gitlab-ce-c8f773a8593926f4f2dec6f446a3b3e59e9c9909.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/base_policy.rb | 8 | ||||
-rw-r--r-- | app/policies/global_policy.rb | 7 |
2 files changed, 15 insertions, 0 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb index 3a16f7dc239..c93a19bdc3d 100644 --- a/app/policies/base_policy.rb +++ b/app/policies/base_policy.rb @@ -21,6 +21,14 @@ class BasePolicy < DeclarativePolicy::Base with_options scope: :user, score: 0 condition(:deactivated) { @user&.deactivated? } + desc "User email is unconfirmed or user account is locked" + with_options scope: :user, score: 0 + condition(:inactive) do + Feature.enabled?(:inactive_policy_condition, default_enabled: true) && + @user && + !@user&.active_for_authentication? + end + with_options scope: :user, score: 0 condition(:external_user) { @user.nil? || @user.external? } diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb index 764d61a9e22..2bde7bcca08 100644 --- a/app/policies/global_policy.rb +++ b/app/policies/global_policy.rb @@ -36,6 +36,13 @@ class GlobalPolicy < BasePolicy enable :use_slash_commands end + rule { inactive }.policy do + prevent :log_in + prevent :access_api + prevent :access_git + prevent :use_slash_commands + end + rule { blocked | internal }.policy do prevent :log_in prevent :access_api |