summaryrefslogtreecommitdiff
path: root/app/policies/user_policy.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/policies/user_policy.rb')
-rw-r--r--app/policies/user_policy.rb6
1 files changed, 6 insertions, 0 deletions
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index ee219f0a0d0..8499e45e846 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -5,6 +5,9 @@ class UserPolicy < BasePolicy
desc "This is the ghost user"
condition(:subject_ghost, scope: :subject, score: 0) { @subject.ghost? }
+ desc "The profile is private"
+ condition(:private_profile, scope: :subject, score: 0) { @subject.private_profile? }
+
rule { ~restricted_public_level }.enable :read_user
rule { ~anonymous }.enable :read_user
@@ -12,4 +15,7 @@ class UserPolicy < BasePolicy
enable :destroy_user
enable :update_user
end
+
+ rule { default }.enable :read_user_profile
+ rule { private_profile & ~(user_is_self | admin) }.prevent :read_user_profile
end
View Lorry Controller Status