fix behaviors around inactivated accounts

1 files changed, 5 insertions, 2 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fb738a0..66eb4ca 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -21,11 +21,14 @@ class ApplicationController < ActionController::Base
   end
 
   def authorized_to_show_user?(user)
-    !user.protected? || (logged_in? && current_user.permitted_to_see?(user))
+    !user.protected? ||
+      (logged_in? && current_user.permitted_to_see?(user))
   end
 
   def authorized_to_show_user_best?(user)
-    (!user.private? || current_user == user) && authorized_to_show_user?(user)
+    user.registered? &&
+      (!user.private? || current_user == user) &&
+        authorized_to_show_user?(user)
   end
 
   def authorize_to_show_user!(user)