summaryrefslogtreecommitdiff
path: root/app/finders/events_finder.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/finders/events_finder.rb')
-rw-r--r--app/finders/events_finder.rb6
1 files changed, 6 insertions, 0 deletions
diff --git a/app/finders/events_finder.rb b/app/finders/events_finder.rb
index 52612f1f8aa..004fbc4cd22 100644
--- a/app/finders/events_finder.rb
+++ b/app/finders/events_finder.rb
@@ -33,6 +33,8 @@ class EventsFinder
end
def execute
+ return Event.none if cannot_access_private_profile?
+
events = get_events
events = by_current_user_access(events)
@@ -103,6 +105,10 @@ class EventsFinder
end
# rubocop: enable CodeReuse/ActiveRecord
+ def cannot_access_private_profile?
+ source.is_a?(User) && !Ability.allowed?(current_user, :read_user_profile, source)
+ end
+
def sort(events)
return events unless params[:sort]
View Lorry Controller Status