fix behaviors around inactivated accounts

2 files changed, 6 insertions, 3 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fb738a0..66eb4ca 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -21,11 +21,14 @@ class ApplicationController < ActionController::Base
   end
 
   def authorized_to_show_user?(user)
-    !user.protected? || (logged_in? && current_user.permitted_to_see?(user))
+    !user.protected? ||
+      (logged_in? && current_user.permitted_to_see?(user))
   end
 
   def authorized_to_show_user_best?(user)
-    (!user.private? || current_user == user) && authorized_to_show_user?(user)
+    user.registered? &&
+      (!user.private? || current_user == user) &&
+        authorized_to_show_user?(user)
   end
 
   def authorize_to_show_user!(user)
diff --git a/app/models/user.rb b/app/models/user.rb
index 49ed7cd..de499fd 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -52,7 +52,7 @@ class User < ActiveRecord::Base
   end
 
   def registered?
-    !!account
+    !!account && account.active?
   end
 
   def permitted_to_see?(user)