From 2c6cb412cf8cfdefd642c865af24ac75f0c835c4 Mon Sep 17 00:00:00 2001 From: Gusted Date: Thu, 7 Jul 2022 01:18:51 +0200 Subject: [PATCH] Store read access in access for team repo's (#20275) - Backport #20275 - Currently when a Team has read access to a organization's non-private repository, their access(in the `access` table) won't be stored in the database. This cause issues for code that rely on read access being stored, like retrieving all users who have read permission to that repository(even though this is confusing as this doesn't include all registered users). So from now-on if we see that the repository is owned by a organization don't increase the `minMode` to write permission. - Resolves #20083 --- models/perm/access/access.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/models/perm/access/access.go b/models/perm/access/access.go index 7647519025977..0e5e4ff2bb5d2 100644 --- a/models/perm/access/access.go +++ b/models/perm/access/access.go @@ -86,7 +86,13 @@ func updateUserAccess(accessMap map[int64]*userAccess, user *user_model.User, mo // FIXME: do cross-comparison so reduce deletions and additions to the minimum? func refreshAccesses(ctx context.Context, repo *repo_model.Repository, accessMap map[int64]*userAccess) (err error) { minMode := perm.AccessModeRead - if !repo.IsPrivate { + if err := repo.GetOwner(ctx); err != nil { + return fmt.Errorf("GetOwner: %v", err) + } + + // If the repo isn't private and isn't owned by a organization, + // increase the minMode to Write. + if !repo.IsPrivate && !repo.Owner.IsOrganization() { minMode = perm.AccessModeWrite }