BigW Consortium Gitlab

global_policy.rb 1.13 KB
Newer Older
1
class GlobalPolicy < BasePolicy
2 3 4
  desc "User is blocked"
  with_options scope: :user, score: 0
  condition(:blocked) { @user.blocked? }
5

6 7 8
  desc "User is an internal user"
  with_options scope: :user, score: 0
  condition(:internal) { @user.internal? }
9

10 11 12
  desc "User's access has been locked"
  with_options scope: :user, score: 0
  condition(:access_locked) { @user.access_locked? }
13

14 15 16 17 18 19 20 21
  rule { anonymous }.policy do
    prevent :log_in
    prevent :access_api
    prevent :access_git
    prevent :receive_notifications
    prevent :use_quick_actions
    prevent :create_group
  end
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44

  rule { default }.policy do
    enable :log_in
    enable :access_api
    enable :access_git
    enable :receive_notifications
    enable :use_quick_actions
  end

  rule { blocked | internal }.policy do
    prevent :log_in
    prevent :access_api
    prevent :access_git
    prevent :receive_notifications
    prevent :use_quick_actions
  end

  rule { can_create_group }.policy do
    enable :create_group
  end

  rule { access_locked }.policy do
    prevent :log_in
45
  end
46

47
  rule { ~(anonymous & restricted_public_level) }.policy do
48
    enable :read_users_list
49 50
  end
end