summaryrefslogtreecommitdiff
path: root/app/policies/namespaces/user_namespace_policy.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/policies/namespaces/user_namespace_policy.rb')
-rw-r--r--app/policies/namespaces/user_namespace_policy.rb28
1 files changed, 28 insertions, 0 deletions
diff --git a/app/policies/namespaces/user_namespace_policy.rb b/app/policies/namespaces/user_namespace_policy.rb
new file mode 100644
index 00000000000..f8b285e5312
--- /dev/null
+++ b/app/policies/namespaces/user_namespace_policy.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Namespaces
+ class UserNamespacePolicy < BasePolicy
+ rule { anonymous }.prevent_all
+
+ condition(:personal_project, scope: :subject) { @subject.kind == 'user' }
+ condition(:can_create_personal_project, scope: :user) { @user.can_create_project? }
+ condition(:owner) { @subject.owner == @user }
+
+ rule { owner | admin }.policy do
+ enable :owner_access
+ enable :create_projects
+ enable :admin_namespace
+ enable :read_namespace
+ enable :read_statistics
+ enable :create_jira_connect_subscription
+ enable :create_package_settings
+ enable :read_package_settings
+ end
+
+ rule { personal_project & ~can_create_personal_project }.prevent :create_projects
+
+ rule { (owner | admin) & can?(:create_projects) }.enable :transfer_projects
+ end
+end
+
+Namespaces::UserNamespacePolicy.prepend_mod_with('Namespaces::UserNamespacePolicy')
View Lorry Controller Status