Allow site admin to check /api/v1/orgs endpoints (#10867)

Fix #9950

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2020-03-28 19:45:55 +00:00 committed by GitHub
parent 052bff0cff
commit 48890ce546
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View file

@ -69,7 +69,7 @@ func ListMembers(ctx *context.APIContext) {
ctx.Error(http.StatusInternalServerError, "IsOrgMember", err) ctx.Error(http.StatusInternalServerError, "IsOrgMember", err)
return return
} }
publicOnly = !isMember publicOnly = !isMember && !ctx.User.IsAdmin
} }
listMembers(ctx, publicOnly) listMembers(ctx, publicOnly)
} }

View file

@ -320,7 +320,7 @@ func GetTeamMembers(ctx *context.APIContext) {
if err != nil { if err != nil {
ctx.Error(http.StatusInternalServerError, "IsOrganizationMember", err) ctx.Error(http.StatusInternalServerError, "IsOrganizationMember", err)
return return
} else if !isMember { } else if !isMember && !ctx.User.IsAdmin {
ctx.NotFound() ctx.NotFound()
return return
} }