Skip to content

Commit

Permalink
[B] Ensure engage_publicly ability is false for unestablished users
Browse files Browse the repository at this point in the history
  • Loading branch information
@1aurend
1aurend committed Jan 23, 2025
1 parent d472d7b commit d3451ea
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion api/app/authorizers/project_authorizer.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,8 @@ def drafts_readable_by?(user, _options = {})
has_any_role? user, *RoleName.draft_access
end

def publicly_engageable_by?(_user, _options = {})
def publicly_engageable_by?(user, _options = {})
return false unless user&.trusted? || user&.established?
!resource.disable_engagement? && !Settings.instance.general[:disable_engagement]
end

Expand Down

0 comments on commit d3451ea

Please sign in to comment.