diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2017-02-17 17:58:12 +0300 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2017-02-24 14:20:20 +0300 |
commit | 6fdb17cbbe5dc70d18f50e9d131ab70407976a71 (patch) | |
tree | 79541d2bab89273fdf0b1d99cee7a3dfe94b0d8b /app/services/users | |
parent | f2ed82fa8486875660b80dd061827ac8b86d00b6 (diff) |
Don't allow deleting a ghost user.
- Add a `destroy_user` ability. This didn't exist before, and was implicit in
other abilities (only admins could access the admin area, so only they could
destroy all users; a user can only access their own account page, and so can
destroy only themselves).
- Grant this ability to admins, and when the current user is trying to destroy
themselves. Disallow destroying ghost users in all cases.
- Modify the `Users::DestroyService` to check this ability. Also check it in
views to decide whether or not to show the "Delete User" button.
- Add a short summary of the Ghost User to the bio.
Diffstat (limited to 'app/services/users')
-rw-r--r-- | app/services/users/destroy_service.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/services/users/destroy_service.rb b/app/services/users/destroy_service.rb index 523279944ae..833da5bc5d1 100644 --- a/app/services/users/destroy_service.rb +++ b/app/services/users/destroy_service.rb @@ -7,7 +7,7 @@ module Users end def execute(user, options = {}) - unless current_user.admin? || current_user == user + unless Ability.allowed?(current_user, :destroy_user, user) raise Gitlab::Access::AccessDeniedError, "#{current_user} tried to destroy user #{user}!" end |