diff options
Diffstat (limited to 'app/policies/user_policy.rb')
-rw-r--r-- | app/policies/user_policy.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb index ee219f0a0d0..8499e45e846 100644 --- a/app/policies/user_policy.rb +++ b/app/policies/user_policy.rb @@ -5,6 +5,9 @@ class UserPolicy < BasePolicy desc "This is the ghost user" condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? } + desc "The profile is private" + condition(:private_profile, scope: :subject, score: 0) { @subject.private_profile? } + rule { ~restricted_public_level }.enable :read_user rule { ~anonymous }.enable :read_user @@ -12,4 +15,7 @@ class UserPolicy < BasePolicy enable :destroy_user enable :update_user end + + rule { default }.enable :read_user_profile + rule { private_profile & ~(user_is_self | admin) }.prevent :read_user_profile end |