gitlab-org--gitlab-foss/app/policies/global_policy.rb

51 lines
1.1 KiB
Ruby
Raw Normal View History

2016-08-16 19:29:19 -04:00
class GlobalPolicy < BasePolicy
desc "User is blocked"
with_options scope: :user, score: 0
condition(:blocked) { @user.blocked? }
desc "User is an internal user"
with_options scope: :user, score: 0
condition(:internal) { @user.internal? }
2016-08-30 14:14:07 -04:00
desc "User's access has been locked"
with_options scope: :user, score: 0
condition(:access_locked) { @user.access_locked? }
rule { anonymous }.policy do
prevent :log_in
prevent :access_api
prevent :access_git
prevent :receive_notifications
prevent :use_quick_actions
prevent :create_group
end
rule { default }.policy do
enable :log_in
enable :access_api
enable :access_git
enable :receive_notifications
enable :use_quick_actions
end
rule { blocked | internal }.policy do
prevent :log_in
prevent :access_api
prevent :access_git
prevent :receive_notifications
prevent :use_quick_actions
end
rule { can_create_group }.policy do
enable :create_group
end
rule { access_locked }.policy do
prevent :log_in
2016-08-16 19:29:19 -04:00
end
rule { ~(anonymous & restricted_public_level) }.policy do
enable :read_users_list
2016-08-16 19:29:19 -04:00
end
end