diff options
author | Rhenium <rhenium@rhe.jp> | 2014-03-01 15:16:41 +0900 |
---|---|---|
committer | Rhenium <rhenium@rhe.jp> | 2014-03-01 15:16:41 +0900 |
commit | 86d7aef89e7c7e864dda1100d0e90e73c72f512a (patch) | |
tree | ef29b1432545f2124fb583660397147453d15403 /app/controllers/application_controller.rb | |
parent | 3f09e4c1f4296466e48d777c5c42ca2577c3260e (diff) | |
download | aclog-86d7aef89e7c7e864dda1100d0e90e73c72f512a.tar.gz |
fix behaviors around inactivated accounts
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index fb738a0..66eb4ca 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -21,11 +21,14 @@ class ApplicationController < ActionController::Base end def authorized_to_show_user?(user) - !user.protected? || (logged_in? && current_user.permitted_to_see?(user)) + !user.protected? || + (logged_in? && current_user.permitted_to_see?(user)) end def authorized_to_show_user_best?(user) - (!user.private? || current_user == user) && authorized_to_show_user?(user) + user.registered? && + (!user.private? || current_user == user) && + authorized_to_show_user?(user) end def authorize_to_show_user!(user) |