Fix limited user cannot view himself's profile (#21212)
backport #21210, fix #21206 If user and viewer are equal the method should return true. Also the common organization check was wrong as count can never be less then 0. Tests are on main branch.
This commit is contained in:
parent
a28677273b
commit
f663773200
1 changed files with 2 additions and 2 deletions
|
@ -1265,7 +1265,7 @@ func isUserVisibleToViewerCond(viewer *User) builder.Cond {
|
|||
|
||||
// IsUserVisibleToViewer check if viewer is able to see user profile
|
||||
func IsUserVisibleToViewer(ctx context.Context, u, viewer *User) bool {
|
||||
if viewer != nil && viewer.IsAdmin {
|
||||
if viewer != nil && (viewer.IsAdmin || viewer.ID == u.ID) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -1304,7 +1304,7 @@ func IsUserVisibleToViewer(ctx context.Context, u, viewer *User) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
if count < 0 {
|
||||
if count == 0 {
|
||||
// No common organization
|
||||
return false
|
||||
}
|
||||
|
|
Reference in a new issue