summaryrefslogtreecommitdiff
path: root/app/serializers/member_user_entity.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/serializers/member_user_entity.rb')
-rw-r--r--app/serializers/member_user_entity.rb14
1 files changed, 13 insertions, 1 deletions
diff --git a/app/serializers/member_user_entity.rb b/app/serializers/member_user_entity.rb
index b3d8efc9143..6a01c5bb297 100644
--- a/app/serializers/member_user_entity.rb
+++ b/app/serializers/member_user_entity.rb
@@ -16,7 +16,7 @@ class MemberUserEntity < UserEntity
user.blocked?
end
- expose :two_factor_enabled do |user|
+ expose :two_factor_enabled, if: -> (user) { current_user_can_manage_members? || current_user?(user) } do |user|
user.two_factor_enabled?
end
@@ -25,6 +25,18 @@ class MemberUserEntity < UserEntity
user.status.emoji
end
end
+
+ private
+
+ def current_user_can_manage_members?
+ return false unless options[:source]
+
+ Ability.allowed?(options[:current_user], :"admin_#{options[:source].to_ability_name}_member", options[:source])
+ end
+
+ def current_user?(user)
+ options[:current_user] == user
+ end
end
MemberUserEntity.prepend_mod_with('MemberUserEntity')
View Lorry Controller Status