diff --git a/api/app/authorizers/project_authorizer.rb b/api/app/authorizers/project_authorizer.rb index 2c931ae3c4..a4fcf5569c 100644 --- a/api/app/authorizers/project_authorizer.rb +++ b/api/app/authorizers/project_authorizer.rb @@ -98,7 +98,8 @@ def drafts_readable_by?(user, _options = {}) has_any_role? user, *RoleName.draft_access end - def publicly_engageable_by?(_user, _options = {}) + def publicly_engageable_by?(user, _options = {}) + return false unless user&.trusted? || user&.established? !resource.disable_engagement? && !Settings.instance.general[:disable_engagement] end