diff options
author | Rhenium <rhenium@rhe.jp> | 2014-03-01 15:16:41 +0900 |
---|---|---|
committer | Rhenium <rhenium@rhe.jp> | 2014-03-01 15:16:41 +0900 |
commit | 86d7aef89e7c7e864dda1100d0e90e73c72f512a (patch) | |
tree | ef29b1432545f2124fb583660397147453d15403 /app | |
parent | 3f09e4c1f4296466e48d777c5c42ca2577c3260e (diff) | |
download | aclog-86d7aef89e7c7e864dda1100d0e90e73c72f512a.tar.gz |
fix behaviors around inactivated accounts
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/application_controller.rb | 7 | ||||
-rw-r--r-- | app/models/user.rb | 2 |
2 files changed, 6 insertions, 3 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index fb738a0..66eb4ca 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -21,11 +21,14 @@ class ApplicationController < ActionController::Base end def authorized_to_show_user?(user) - !user.protected? || (logged_in? && current_user.permitted_to_see?(user)) + !user.protected? || + (logged_in? && current_user.permitted_to_see?(user)) end def authorized_to_show_user_best?(user) - (!user.private? || current_user == user) && authorized_to_show_user?(user) + user.registered? && + (!user.private? || current_user == user) && + authorized_to_show_user?(user) end def authorize_to_show_user!(user) diff --git a/app/models/user.rb b/app/models/user.rb index 49ed7cd..de499fd 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,7 +52,7 @@ class User < ActiveRecord::Base end def registered? - !!account + !!account && account.active? end def permitted_to_see?(user) |