diff options
Diffstat (limited to 'app/policies/namespaces/user_namespace_policy.rb')
-rw-r--r-- | app/policies/namespaces/user_namespace_policy.rb | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/app/policies/namespaces/user_namespace_policy.rb b/app/policies/namespaces/user_namespace_policy.rb new file mode 100644 index 00000000000..f8b285e5312 --- /dev/null +++ b/app/policies/namespaces/user_namespace_policy.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +module Namespaces + class UserNamespacePolicy < BasePolicy + rule { anonymous }.prevent_all + + condition(:personal_project, scope: :subject) { @subject.kind == 'user' } + condition(:can_create_personal_project, scope: :user) { @user.can_create_project? } + condition(:owner) { @subject.owner == @user } + + rule { owner | admin }.policy do + enable :owner_access + enable :create_projects + enable :admin_namespace + enable :read_namespace + enable :read_statistics + enable :create_jira_connect_subscription + enable :create_package_settings + enable :read_package_settings + end + + rule { personal_project & ~can_create_personal_project }.prevent :create_projects + + rule { (owner | admin) & can?(:create_projects) }.enable :transfer_projects + end +end + +Namespaces::UserNamespacePolicy.prepend_mod_with('Namespaces::UserNamespacePolicy') |