Allow all members of private orgs to see public repos (#11442)

* Allow all members of private orgs to see public repos

Fix #10144

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/repo_list.go

Co-authored-by: Lauris BH <lauris@nix.lv>
This commit is contained in:
zeripath 2020-05-17 09:22:17 +01:00 committed by GitHub
parent a0d35fb6ad
commit c642cd0676
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -401,21 +401,26 @@ func accessibleRepositoryCondition(user *User) builder.Cond {
} }
if user != nil { if user != nil {
// 2. Be able to see all repositories that we have access to cond = cond.Or(
cond = cond.Or(builder.Or( // 2. Be able to see all repositories that we have access to
builder.In("`repository`.id", builder.Select("repo_id"). builder.In("`repository`.id", builder.Select("repo_id").
From("`access`"). From("`access`").
Where(builder.And( Where(builder.And(
builder.Eq{"user_id": user.ID}, builder.Eq{"user_id": user.ID},
builder.Gt{"mode": int(AccessModeNone)}))), builder.Gt{"mode": int(AccessModeNone)}))),
builder.In("`repository`.id", builder.Select("id"). // 3. Repositories that we directly own
From("`repository`"). builder.Eq{"`repository`.owner_id": user.ID},
Where(builder.Eq{"owner_id": user.ID})))) // 4. Be able to see all repositories that we are in a team
// 3. Be able to see all repositories that we are in a team builder.In("`repository`.id", builder.Select("`team_repo`.repo_id").
cond = cond.Or(builder.In("`repository`.id", builder.Select("`team_repo`.repo_id"). From("team_repo").
From("team_repo"). Where(builder.Eq{"`team_user`.uid": user.ID}).
Where(builder.Eq{"`team_user`.uid": user.ID}). Join("INNER", "team_user", "`team_user`.team_id = `team_repo`.team_id")),
Join("INNER", "team_user", "`team_user`.team_id = `team_repo`.team_id"))) // 5. Be able to see all public repos in private organizations that we are an org_user of
builder.And(builder.Eq{"`repository`.is_private": false},
builder.In("`repository`.owner_id",
builder.Select("`org_user`.org_id").
From("org_user").
Where(builder.Eq{"`org_user`.uid": user.ID}))))
} }
return cond return cond