Fix panic when view profile without signin
Also fix that no matter who, still able to see organizations with private membership.
This commit is contained in:
parent
f38d5e57dd
commit
aa12135b97
2 changed files with 10 additions and 12 deletions
|
@ -254,27 +254,25 @@ func IsPublicMembership(orgId, uid int64) bool {
|
||||||
return has
|
return has
|
||||||
}
|
}
|
||||||
|
|
||||||
func getOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {
|
func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {
|
||||||
orgs := make([]*User, 0, 10)
|
orgs := make([]*User, 0, 10)
|
||||||
return orgs, sess.Where("`org_user`.uid=?", userID).
|
if !showAll {
|
||||||
|
sess.And("`org_user`.is_public=?", true)
|
||||||
|
}
|
||||||
|
return orgs, sess.And("`org_user`.uid=?", userID).
|
||||||
Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs)
|
Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetOrgsByUserID returns a list of organizations that the given user ID
|
// GetOrgsByUserID returns a list of organizations that the given user ID
|
||||||
// has joined.
|
// has joined.
|
||||||
func GetOrgsByUserID(userID int64) ([]*User, error) {
|
func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {
|
||||||
sess := x.NewSession()
|
return getOrgsByUserID(x.NewSession(), userID, showAll)
|
||||||
return getOrgsByUserID(sess, userID)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetOrgsByUserIDDesc returns a list of organizations that the given user ID
|
// GetOrgsByUserIDDesc returns a list of organizations that the given user ID
|
||||||
// has joined, ordered descending by the given condition.
|
// has joined, ordered descending by the given condition.
|
||||||
func GetOrgsByUserIDDesc(userID int64, desc string, all bool) ([]*User, error) {
|
func GetOrgsByUserIDDesc(userID int64, desc string, showAll bool) ([]*User, error) {
|
||||||
sess := x.NewSession()
|
return getOrgsByUserID(x.NewSession().Desc(desc), userID, showAll)
|
||||||
if !all {
|
|
||||||
sess.And("`org_user`.is_public=?", true)
|
|
||||||
}
|
|
||||||
return getOrgsByUserID(sess.Desc(desc), userID)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {
|
func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {
|
||||||
|
|
|
@ -75,7 +75,7 @@ func Profile(ctx *middleware.Context) {
|
||||||
ctx.Data["PageIsUserProfile"] = true
|
ctx.Data["PageIsUserProfile"] = true
|
||||||
ctx.Data["Owner"] = u
|
ctx.Data["Owner"] = u
|
||||||
|
|
||||||
orgs, err := models.GetOrgsByUserIDDesc(u.Id, "updated", ctx.User.IsAdmin || ctx.User.Id == u.Id)
|
orgs, err := models.GetOrgsByUserID(u.Id, ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.Id == u.Id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.Handle(500, "GetOrgsByUserIDDesc", err)
|
ctx.Handle(500, "GetOrgsByUserIDDesc", err)
|
||||||
return
|
return
|
||||||
|
|
Reference in a new issue