Skip to content

Commit cf97e65

Browse files
6543zeripath
6543
and
zeripath
authored
Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
Partial Backport of #11465 Co-authored-by: zeripath <art27@cantab.net>
1 parent 42a46cf commit cf97e65

File tree

1 file changed

+25
-4
lines changed

1 file changed

+25
-4
lines changed

models/repo_list.go

Lines changed: 25 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -214,14 +214,35 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond {
214214
}
215215

216216
if opts.Collaborate != util.OptionalBoolFalse {
217+
// A Collaboration is:
217218
collaborateCond := builder.And(
219+
// 1. Repository we don't own
220+
builder.Neq{"owner_id": opts.OwnerID},
221+
// 2. But we can see because of:
218222
builder.Or(
219-
builder.Expr("repository.id IN (SELECT repo_id FROM `access` WHERE access.user_id = ?)", opts.OwnerID),
220-
builder.In("id", builder.Select("`team_repo`.repo_id").
223+
// A. We have access
224+
builder.In("`repository`.id",
225+
builder.Select("`access`.repo_id").
226+
From("access").
227+
Where(builder.Eq{"`access`.user_id": opts.OwnerID})),
228+
// B. We are in a team for
229+
builder.In("`repository`.id", builder.Select("`team_repo`.repo_id").
221230
From("team_repo").
222231
Where(builder.Eq{"`team_user`.uid": opts.OwnerID}).
223-
Join("INNER", "team_user", "`team_user`.team_id = `team_repo`.team_id"))),
224-
builder.Neq{"owner_id": opts.OwnerID})
232+
Join("INNER", "team_user", "`team_user`.team_id = `team_repo`.team_id")),
233+
// C. Public repositories in private organizations that we are member of
234+
builder.And(
235+
builder.Eq{"`repository`.is_private": false},
236+
builder.In("`repository`.owner_id",
237+
builder.Select("`org_user`.org_id").
238+
From("org_user").
239+
Join("INNER", "`user`", "`user`.id = `org_user`.org_id").
240+
Where(builder.Eq{
241+
"`org_user`.uid": opts.OwnerID,
242+
"`user`.type": UserTypeOrganization,
243+
"`user`.visibility": structs.VisibleTypePrivate,
244+
})))),
245+
)
225246
if !opts.Private {
226247
collaborateCond = collaborateCond.And(builder.Expr("owner_id NOT IN (SELECT org_id FROM org_user WHERE org_user.uid = ? AND org_user.is_public = ?)", opts.OwnerID, false))
227248
}

0 commit comments

Comments
 (0)