# Authorization rules for actions performed on a user record.
#
# NOTE(review): `@user` looks like the acting (current) user and `@subject`
# the user being acted on; both are set outside this class, presumably by
# BasePolicy -- confirm there. The exact semantics of `can!` / `cannot!`
# are also defined outside this file.
class UserPolicy < BasePolicy
  include Gitlab::CurrentSettings

  # Declares the abilities that apply to `@subject`.
  #
  # * `:read_user` is granted to any signed-in user, and to anonymous
  #   callers only while the PUBLIC visibility level is not restricted.
  # * `:destroy_user` is granted when the acting user is an admin or is
  #   the subject itself.
  # * `:destroy_user` is then revoked when the subject is the ghost user.
  def rules
    can! :read_user if @user || !restricted_public_level?

    # Anonymous callers get nothing beyond the (conditional) read ability.
    return unless @user

    can! :destroy_user if @user.admin? || @subject == @user

    # Issued after the grant above, so that it applies to admins and to
    # the ghost account itself as well.
    # NOTE(review): assumes `cannot!` takes precedence over an earlier
    # `can!` -- confirm in BasePolicy.
    cannot! :destroy_user if @subject.ghost?
  end

  # Whether the instance settings list PUBLIC among the restricted
  # visibility levels.
  #
  # @return [Boolean]
  def restricted_public_level?
    restricted_levels = current_application_settings.restricted_visibility_levels
    restricted_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
  end
end