Restricted users only see repos in orgs which their team was assigned to (#28025)

---
*Sponsored by Kithara Software GmbH*
This commit is contained in:
6543 2023-11-14 15:23:04 +01:00 committed by GitHub
parent d4d05f9f1b
commit 5ab3782f11
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -652,12 +652,12 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu
userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType), userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType),
) )
} }
cond = cond.Or( // 4. Repositories that we directly own
// 4. Repositories that we directly own cond = cond.Or(builder.Eq{"`repository`.owner_id": user.ID})
builder.Eq{"`repository`.owner_id": user.ID}, if !user.IsRestricted {
// 5. Be able to see all public repos in private organizations that we are an org_user of // 5. Be able to see all public repos in private organizations that we are an org_user of
userOrgPublicRepoCond(user.ID), cond = cond.Or(userOrgPublicRepoCond(user.ID))
) }
} }
return cond return cond