From f0348be27e19b0dcd69dbe2842fc26639e5603fb Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 7 Oct 2024 21:12:14 +0200 Subject: [PATCH 01/22] refactor: calculate if only public should be shown in a single place next the the opts --- models/organization/org.go | 18 +++++++++++++----- models/organization/org_test.go | 4 +--- models/organization/org_user_test.go | 4 ++-- routers/api/v1/org/member.go | 18 +++++++++++------- routers/web/org/home.go | 4 +++- routers/web/org/members.go | 8 ++++---- services/context/org.go | 7 +++---- 7 files changed, 37 insertions(+), 26 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index b33d15d29c129..19b6f51e9b969 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -141,8 +141,9 @@ func (org *Organization) LoadTeams(ctx context.Context) ([]*Team, error) { } // GetMembers returns all members of organization. -func (org *Organization) GetMembers(ctx context.Context) (user_model.UserList, map[int64]bool, error) { +func (org *Organization) GetMembers(ctx context.Context, doer *user_model.User) (user_model.UserList, map[int64]bool, error) { return FindOrgMembers(ctx, &FindOrgMembersOpts{ + Doer: doer, OrgID: org.ID, }) } @@ -195,16 +196,22 @@ func (org *Organization) CanCreateRepo() bool { // FindOrgMembersOpts represensts find org members conditions type FindOrgMembersOpts struct { db.ListOptions - OrgID int64 - PublicOnly bool + Doer *user_model.User + IsMember bool + OrgID int64 +} + +func (opts FindOrgMembersOpts) PublicOnly() bool { + return opts.Doer == nil || !opts.IsMember && !opts.Doer.IsAdmin } // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) - if opts.PublicOnly { + if opts.PublicOnly() { sess.And("is_public = ?", true) } + return sess.Count(new(OrgUser)) } @@ -525,9 +532,10 @@ func GetOrgsCanCreateRepoByUserID(ctx context.Context, userID int64) ([]*Organiz // GetOrgUsersByOrgID returns all organization-user relations by organization ID. func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUser, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) - if opts.PublicOnly { + if opts.PublicOnly() { sess.And("is_public = ?", true) } + if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 23ef22e2fbaa4..33821fb1ceb7f 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -103,7 +103,7 @@ func TestUser_GetTeams(t *testing.T) { func TestUser_GetMembers(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3}) - members, _, err := org.GetMembers(db.DefaultContext) + members, _, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) if assert.Len(t, members, 3) { assert.Equal(t, int64(2), members[0].ID) @@ -213,7 +213,6 @@ func TestGetOrgUsersByOrgID(t *testing.T) { orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ ListOptions: db.ListOptions{}, OrgID: 3, - PublicOnly: false, }) assert.NoError(t, err) if assert.Len(t, orgUsers, 3) { @@ -240,7 +239,6 @@ func TestGetOrgUsersByOrgID(t *testing.T) { orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ ListOptions: db.ListOptions{}, OrgID: unittest.NonexistentID, - PublicOnly: false, }) assert.NoError(t, err) assert.Len(t, orgUsers, 0) diff --git a/models/organization/org_user_test.go b/models/organization/org_user_test.go index cf7acdf83ba79..55abb63203e86 100644 --- a/models/organization/org_user_test.go +++ b/models/organization/org_user_test.go @@ -94,7 +94,7 @@ func TestUserListIsPublicMember(t *testing.T) { func testUserListIsPublicMember(t *testing.T, orgID int64, expected map[int64]bool) { org, err := organization.GetOrgByID(db.DefaultContext, orgID) assert.NoError(t, err) - _, membersIsPublic, err := org.GetMembers(db.DefaultContext) + _, membersIsPublic, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) assert.Equal(t, expected, membersIsPublic) } @@ -121,7 +121,7 @@ func TestUserListIsUserOrgOwner(t *testing.T) { func testUserListIsUserOrgOwner(t *testing.T, orgID int64, expected map[int64]bool) { org, err := organization.GetOrgByID(db.DefaultContext, orgID) assert.NoError(t, err) - members, _, err := org.GetMembers(db.DefaultContext) + members, _, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) assert.Equal(t, expected, organization.IsUserOrgOwner(db.DefaultContext, members, orgID)) } diff --git a/routers/api/v1/org/member.go b/routers/api/v1/org/member.go index 9db9ad964b6bf..021526fc6f0fd 100644 --- a/routers/api/v1/org/member.go +++ b/routers/api/v1/org/member.go @@ -18,10 +18,11 @@ import ( ) // listMembers list an organization's members -func listMembers(ctx *context.APIContext, publicOnly bool) { +func listMembers(ctx *context.APIContext, isMember bool) { opts := &organization.FindOrgMembersOpts{ + Doer: ctx.Doer, + IsMember: isMember, OrgID: ctx.Org.Organization.ID, - PublicOnly: publicOnly, ListOptions: utils.GetListOptions(ctx), } @@ -73,16 +74,19 @@ func ListMembers(ctx *context.APIContext) { // "404": // "$ref": "#/responses/notFound" - publicOnly := true + var ( + isMember bool + err error + ) + if ctx.Doer != nil { - isMember, err := ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID) + isMember, err = ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID) if err != nil { ctx.Error(http.StatusInternalServerError, "IsOrgMember", err) return } - publicOnly = !isMember && !ctx.Doer.IsAdmin } - listMembers(ctx, publicOnly) + listMembers(ctx, isMember) } // ListPublicMembers list an organization's public members @@ -112,7 +116,7 @@ func ListPublicMembers(ctx *context.APIContext) { // "404": // "$ref": "#/responses/notFound" - listMembers(ctx, true) + listMembers(ctx, false) } // IsMember check if a user is a member of an organization diff --git a/routers/web/org/home.go b/routers/web/org/home.go index 069bd549c1a2f..986088faebebb 100644 --- a/routers/web/org/home.go +++ b/routers/web/org/home.go @@ -95,10 +95,12 @@ func home(ctx *context.Context, viewRepositories bool) { } opts := &organization.FindOrgMembersOpts{ + Doer: ctx.Doer, OrgID: org.ID, - PublicOnly: ctx.Org.PublicMemberOnly, + IsMember: ctx.Org.IsMember, ListOptions: db.ListOptions{Page: 1, PageSize: 25}, } + members, _, err := organization.FindOrgMembers(ctx, opts) if err != nil { ctx.ServerError("FindOrgMembers", err) diff --git a/routers/web/org/members.go b/routers/web/org/members.go index 8ff75b0651112..5f39d45325918 100644 --- a/routers/web/org/members.go +++ b/routers/web/org/members.go @@ -34,8 +34,8 @@ func Members(ctx *context.Context) { } opts := &organization.FindOrgMembersOpts{ - OrgID: org.ID, - PublicOnly: true, + Doer: ctx.Doer, + OrgID: org.ID, } if ctx.Doer != nil { @@ -44,9 +44,9 @@ func Members(ctx *context.Context) { ctx.Error(http.StatusInternalServerError, "IsOrgMember") return } - opts.PublicOnly = !isMember && !ctx.Doer.IsAdmin + opts.IsMember = isMember } - ctx.Data["PublicOnly"] = opts.PublicOnly + ctx.Data["PublicOnly"] = opts.PublicOnly() total, err := organization.CountOrgMembers(ctx, opts) if err != nil { diff --git a/services/context/org.go b/services/context/org.go index 7eba80ff96b1f..4500e595e1121 100644 --- a/services/context/org.go +++ b/services/context/org.go @@ -26,7 +26,6 @@ type Organization struct { Organization *organization.Organization OrgLink string CanCreateOrgRepo bool - PublicMemberOnly bool // Only display public members Team *organization.Team Teams []*organization.Team @@ -176,10 +175,10 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { ctx.Data["OrgLink"] = ctx.Org.OrgLink // Member - ctx.Org.PublicMemberOnly = ctx.Doer == nil || !ctx.Org.IsMember && !ctx.Doer.IsAdmin opts := &organization.FindOrgMembersOpts{ - OrgID: org.ID, - PublicOnly: ctx.Org.PublicMemberOnly, + Doer: ctx.Doer, + OrgID: org.ID, + IsMember: ctx.Org.IsMember, } ctx.Data["NumMembers"], err = organization.CountOrgMembers(ctx, opts) if err != nil { From 3fd5962cc87a1cf1820c0c942da0fcd1ca06d7a9 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 7 Oct 2024 21:41:20 +0200 Subject: [PATCH 02/22] create addTeamMatesOnlyFilter() --- models/organization/org.go | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 19b6f51e9b969..07e689669f65a 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -22,6 +22,7 @@ import ( "code.gitea.io/gitea/modules/util" "xorm.io/builder" + "xorm.io/xorm" ) // ________ .__ __ .__ @@ -205,12 +206,27 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !opts.IsMember && !opts.Doer.IsAdmin } +func (opts FindOrgMembersOpts) addTeamMatesOnlyFilter(ctx context.Context, sess *xorm.Session) error { + if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { + teamMates := builder.Select("DISTINCT team_user.uid"). + From("team_user"). + Where(builder.In("team_user.team_id", userTeamIDbuilder(opts.OrgID, opts.Doer.ID))). + And(builder.Eq{"team_user.org_id": opts.OrgID}) + + sess.In("org_user.uid", teamMates) + } + return nil +} + // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { sess.And("is_public = ?", true) } + if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + return 0, err + } return sess.Count(new(OrgUser)) } @@ -535,6 +551,9 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs if opts.PublicOnly() { sess.And("is_public = ?", true) } + if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + return nil, err + } if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) @@ -658,12 +677,19 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in return teamIDs, db.GetEngine(ctx). Table("team"). Cols("team.id"). - Where("`team_user`.org_id = ?", org.ID). - Join("INNER", "team_user", "`team_user`.team_id = team.id"). - And("`team_user`.uid = ?", userID). + Where(userTeamIDbuilder(org.ID, userID)). Find(&teamIDs) } +func userTeamIDbuilder(orgID, userID int64) *builder.Builder { + return builder.Select("team.id").From("team"). + InnerJoin("team_user", "team_user.team_id = team.id"). + Where(builder.Eq{ + "team_user.org_id": orgID, + "team_user.uid": userID, + }) +} + // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) From 4bcec1e3d06bcaca54870f3e69e75bb7bbb25d5c Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Thu, 10 Oct 2024 17:24:48 +0200 Subject: [PATCH 03/22] cleanup --- models/organization/org.go | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 07e689669f65a..54896e8d05d6f 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -22,7 +22,6 @@ import ( "code.gitea.io/gitea/modules/util" "xorm.io/builder" - "xorm.io/xorm" ) // ________ .__ __ .__ @@ -206,27 +205,12 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !opts.IsMember && !opts.Doer.IsAdmin } -func (opts FindOrgMembersOpts) addTeamMatesOnlyFilter(ctx context.Context, sess *xorm.Session) error { - if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { - teamMates := builder.Select("DISTINCT team_user.uid"). - From("team_user"). - Where(builder.In("team_user.team_id", userTeamIDbuilder(opts.OrgID, opts.Doer.ID))). - And(builder.Eq{"team_user.org_id": opts.OrgID}) - - sess.In("org_user.uid", teamMates) - } - return nil -} - // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { - return 0, err - } return sess.Count(new(OrgUser)) } @@ -551,9 +535,6 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { - return nil, err - } if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) From 317176e3ede1ddd7161972d5fe6705f400df1690 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Thu, 10 Oct 2024 17:44:46 +0200 Subject: [PATCH 04/22] jup --- models/organization/org.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/organization/org.go b/models/organization/org.go index 54896e8d05d6f..cfd718aa6a79f 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -658,7 +658,7 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in return teamIDs, db.GetEngine(ctx). Table("team"). Cols("team.id"). - Where(userTeamIDbuilder(org.ID, userID)). + Where(builder.In("team.id", userTeamIDbuilder(org.ID, userID))). Find(&teamIDs) } From 77f71790df78f9667f0b9df15ffddf734de141c2 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Thu, 10 Oct 2024 17:54:32 +0200 Subject: [PATCH 05/22] Revert "cleanup" This reverts commit 4bcec1e3d06bcaca54870f3e69e75bb7bbb25d5c. --- models/organization/org.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/models/organization/org.go b/models/organization/org.go index cfd718aa6a79f..e13b4c77c5804 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -22,6 +22,7 @@ import ( "code.gitea.io/gitea/modules/util" "xorm.io/builder" + "xorm.io/xorm" ) // ________ .__ __ .__ @@ -205,12 +206,27 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !opts.IsMember && !opts.Doer.IsAdmin } +func (opts FindOrgMembersOpts) addTeamMatesOnlyFilter(ctx context.Context, sess *xorm.Session) error { + if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { + teamMates := builder.Select("DISTINCT team_user.uid"). + From("team_user"). + Where(builder.In("team_user.team_id", userTeamIDbuilder(opts.OrgID, opts.Doer.ID))). + And(builder.Eq{"team_user.org_id": opts.OrgID}) + + sess.In("org_user.uid", teamMates) + } + return nil +} + // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { sess.And("is_public = ?", true) } + if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + return 0, err + } return sess.Count(new(OrgUser)) } @@ -535,6 +551,9 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs if opts.PublicOnly() { sess.And("is_public = ?", true) } + if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + return nil, err + } if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) From 4f38f65a29949936eaa3e4b24662666c72c658a9 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Fri, 11 Oct 2024 17:57:19 +0200 Subject: [PATCH 06/22] no builder for now --- models/organization/org.go | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index cfd718aa6a79f..19b6f51e9b969 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -658,19 +658,12 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in return teamIDs, db.GetEngine(ctx). Table("team"). Cols("team.id"). - Where(builder.In("team.id", userTeamIDbuilder(org.ID, userID))). + Where("`team_user`.org_id = ?", org.ID). + Join("INNER", "team_user", "`team_user`.team_id = team.id"). + And("`team_user`.uid = ?", userID). Find(&teamIDs) } -func userTeamIDbuilder(orgID, userID int64) *builder.Builder { - return builder.Select("team.id").From("team"). - InnerJoin("team_user", "team_user.team_id = team.id"). - Where(builder.Eq{ - "team_user.org_id": orgID, - "team_user.uid": userID, - }) -} - // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) From e79ef77fdd5c6898746fa04c31c51737cfe4d1c9 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Fri, 11 Oct 2024 18:15:00 +0200 Subject: [PATCH 07/22] Revert "no builder for now" This reverts commit 4f38f65a29949936eaa3e4b24662666c72c658a9. --- models/organization/org.go | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 19b6f51e9b969..cfd718aa6a79f 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -658,12 +658,19 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in return teamIDs, db.GetEngine(ctx). Table("team"). Cols("team.id"). - Where("`team_user`.org_id = ?", org.ID). - Join("INNER", "team_user", "`team_user`.team_id = team.id"). - And("`team_user`.uid = ?", userID). + Where(builder.In("team.id", userTeamIDbuilder(org.ID, userID))). Find(&teamIDs) } +func userTeamIDbuilder(orgID, userID int64) *builder.Builder { + return builder.Select("team.id").From("team"). + InnerJoin("team_user", "team_user.team_id = team.id"). + Where(builder.Eq{ + "team_user.org_id": orgID, + "team_user.uid": userID, + }) +} + // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) From 23f8b3b7042db6daac4ec4ee258e42f9aef4f256 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Fri, 11 Oct 2024 18:18:03 +0200 Subject: [PATCH 08/22] fix --- models/organization/org_test.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 33821fb1ceb7f..80dfc623ec3cf 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -211,6 +211,7 @@ func TestGetOrgUsersByOrgID(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ + Doer: &user_model.User{IsActive: true}, ListOptions: db.ListOptions{}, OrgID: 3, }) @@ -234,6 +235,13 @@ func TestGetOrgUsersByOrgID(t *testing.T) { UID: 28, IsPublic: true, }, *orgUsers[2]) + + orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ + ListOptions: db.ListOptions{}, + OrgID: 3, + }) + assert.NoError(t, err) + assert.Len(t, orgUsers, 2) } orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ From 695db86f40d9d92741a68b43ed14e75032125076 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Fri, 11 Oct 2024 19:31:10 +0200 Subject: [PATCH 09/22] fix test ... --- models/organization/org.go | 2 +- models/organization/org_test.go | 62 ++++++++++++++++----------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index cfd718aa6a79f..8e3c3b6589f3e 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -202,7 +202,7 @@ type FindOrgMembersOpts struct { } func (opts FindOrgMembersOpts) PublicOnly() bool { - return opts.Doer == nil || !opts.IsMember && !opts.Doer.IsAdmin + return opts.Doer == nil || !(opts.IsMember || opts.Doer.IsAdmin) } // CountOrgMembers counts the organization's members diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 80dfc623ec3cf..5442c37ccc94c 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -4,6 +4,7 @@ package organization_test import ( + "sort" "testing" "code.gitea.io/gitea/models/db" @@ -210,39 +211,38 @@ func TestFindOrgs(t *testing.T) { func TestGetOrgUsersByOrgID(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) - orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ - Doer: &user_model.User{IsActive: true}, - ListOptions: db.ListOptions{}, - OrgID: 3, + opts := &organization.FindOrgMembersOpts{ + Doer: &user_model.User{IsAdmin: true}, + OrgID: 3, + } + assert.False(t, opts.PublicOnly()) + orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, opts) + assert.NoError(t, err) + sort.Slice(orgUsers, func(i, j int) bool { + return orgUsers[i].ID < orgUsers[j].ID }) + assert.EqualValues(t, []*organization.OrgUser{{ + ID: 1, + OrgID: 3, + UID: 2, + IsPublic: true, + }, { + ID: 2, + OrgID: 3, + UID: 4, + IsPublic: false, + }, { + ID: 9, + OrgID: 3, + UID: 28, + IsPublic: true, + }}, orgUsers) + + opts = &organization.FindOrgMembersOpts{OrgID: 3} + assert.True(t, opts.PublicOnly()) + orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, opts) assert.NoError(t, err) - if assert.Len(t, orgUsers, 3) { - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[0].ID, - OrgID: 3, - UID: 2, - IsPublic: true, - }, *orgUsers[0]) - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[1].ID, - OrgID: 3, - UID: 4, - IsPublic: false, - }, *orgUsers[1]) - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[2].ID, - OrgID: 3, - UID: 28, - IsPublic: true, - }, *orgUsers[2]) - - orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ - ListOptions: db.ListOptions{}, - OrgID: 3, - }) - assert.NoError(t, err) - assert.Len(t, orgUsers, 2) - } + assert.Len(t, orgUsers, 2) orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ ListOptions: db.ListOptions{}, From 3af5ae7ade0b78313e8dbee1130be0b266f6ac8c Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Mon, 14 Oct 2024 17:53:33 +0200 Subject: [PATCH 10/22] try with less eslect --- models/organization/org.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 8e3c3b6589f3e..96b4f1eb3fb75 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -656,9 +656,7 @@ func (org *Organization) getUserTeams(ctx context.Context, userID int64, cols .. func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]int64, error) { teamIDs := make([]int64, 0, org.NumTeams) return teamIDs, db.GetEngine(ctx). - Table("team"). - Cols("team.id"). - Where(builder.In("team.id", userTeamIDbuilder(org.ID, userID))). + Where(userTeamIDbuilder(org.ID, userID)). Find(&teamIDs) } From 6a2638240dabbc60b12cce44a678bf5f690b133e Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 14 Oct 2024 18:03:48 +0200 Subject: [PATCH 11/22] rename func to getUserTeamIDsQueryBuilder --- models/organization/org.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 96b4f1eb3fb75..a8fb94618e5fb 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -656,11 +656,11 @@ func (org *Organization) getUserTeams(ctx context.Context, userID int64, cols .. func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]int64, error) { teamIDs := make([]int64, 0, org.NumTeams) return teamIDs, db.GetEngine(ctx). - Where(userTeamIDbuilder(org.ID, userID)). + Where(getUserTeamIDsQueryBuilder(org.ID, userID)). Find(&teamIDs) } -func userTeamIDbuilder(orgID, userID int64) *builder.Builder { +func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder { return builder.Select("team.id").From("team"). InnerJoin("team_user", "team_user.team_id = team.id"). Where(builder.Eq{ From efcb63db0033a10007f0351b60a07f4bbf28782a Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 14 Oct 2024 18:16:10 +0200 Subject: [PATCH 12/22] Revert "try with less eslect" This reverts commit 3af5ae7ade0b78313e8dbee1130be0b266f6ac8c. because of error: "Unsupported condition type" --- models/organization/org.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/models/organization/org.go b/models/organization/org.go index a8fb94618e5fb..fdb1b93d65a8f 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -656,7 +656,9 @@ func (org *Organization) getUserTeams(ctx context.Context, userID int64, cols .. func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]int64, error) { teamIDs := make([]int64, 0, org.NumTeams) return teamIDs, db.GetEngine(ctx). - Where(getUserTeamIDsQueryBuilder(org.ID, userID)). + Table("team"). + Cols("team.id"). + Where(builder.In("team.id", getUserTeamIDsQueryBuilder(org.ID, userID))). Find(&teamIDs) } From 5e3b1af5e79dc0fac9d3a01525b92ca54229acb2 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Tue, 15 Oct 2024 14:14:18 +0200 Subject: [PATCH 13/22] adopt changes --- models/organization/org.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/organization/org.go b/models/organization/org.go index 644028f0f60ad..de9e462a93c54 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -210,7 +210,7 @@ func (opts FindOrgMembersOpts) addTeamMatesOnlyFilter(ctx context.Context, sess if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { teamMates := builder.Select("DISTINCT team_user.uid"). From("team_user"). - Where(builder.In("team_user.team_id", userTeamIDbuilder(opts.OrgID, opts.Doer.ID))). + Where(builder.In("team_user.team_id", getUserTeamIDsQueryBuilder(opts.OrgID, opts.Doer.ID))). And(builder.Eq{"team_user.org_id": opts.OrgID}) sess.In("org_user.uid", teamMates) From db7a59a88e04bf3f7692c1954acf85f68eb2dacc Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Tue, 15 Oct 2024 14:41:17 +0200 Subject: [PATCH 14/22] fix lint and better func wording --- models/organization/org.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index de9e462a93c54..f59e9dc5f46fd 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -206,7 +206,7 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !(opts.IsMember || opts.Doer.IsAdmin) } -func (opts FindOrgMembersOpts) addTeamMatesOnlyFilter(ctx context.Context, sess *xorm.Session) error { +func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) error { if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { teamMates := builder.Select("DISTINCT team_user.uid"). From("team_user"). @@ -224,7 +224,7 @@ func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, erro if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + if err := opts.applyTeamMatesOnlyFilter(sess); err != nil { return 0, err } @@ -551,7 +551,7 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.addTeamMatesOnlyFilter(ctx, sess); err != nil { + if err := opts.applyTeamMatesOnlyFilter(sess); err != nil { return nil, err } From 5128b0bce2eb1b983e5b719c70b5b060778de5e5 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Tue, 15 Oct 2024 14:54:18 +0200 Subject: [PATCH 15/22] fix lint2 err --- models/organization/org.go | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index f59e9dc5f46fd..3467aae349313 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -206,7 +206,7 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !(opts.IsMember || opts.Doer.IsAdmin) } -func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) error { +func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { if opts.Doer != nil && opts.IsMember && opts.Doer.IsRestricted { teamMates := builder.Select("DISTINCT team_user.uid"). From("team_user"). @@ -224,9 +224,7 @@ func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, erro if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.applyTeamMatesOnlyFilter(sess); err != nil { - return 0, err - } + opts.applyTeamMatesOnlyFilter(sess) return sess.Count(new(OrgUser)) } @@ -551,9 +549,7 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs if opts.PublicOnly() { sess.And("is_public = ?", true) } - if err := opts.applyTeamMatesOnlyFilter(sess); err != nil { - return nil, err - } + opts.applyTeamMatesOnlyFilter(sess) if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) From 679680d12dd322655a58c4efaf2ecc76996b1aa7 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Tue, 15 Oct 2024 14:58:01 +0200 Subject: [PATCH 16/22] no return --- models/organization/org.go | 1 - 1 file changed, 1 deletion(-) diff --git a/models/organization/org.go b/models/organization/org.go index 3467aae349313..7f55957389f69 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -215,7 +215,6 @@ func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { sess.In("org_user.uid", teamMates) } - return nil } // CountOrgMembers counts the organization's members From 7bb645eaa959b43a878afdbb3057df47a29cfac4 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Wed, 23 Oct 2024 01:17:13 +0200 Subject: [PATCH 17/22] not needed here and dublicated on related pull --- models/organization/org.go | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index fdb1b93d65a8f..c2490145bf1b0 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -658,19 +658,12 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in return teamIDs, db.GetEngine(ctx). Table("team"). Cols("team.id"). - Where(builder.In("team.id", getUserTeamIDsQueryBuilder(org.ID, userID))). + Where("`team_user`.org_id = ?", org.ID). + Join("INNER", "team_user", "`team_user`.team_id = team.id"). + And("`team_user`.uid = ?", userID). Find(&teamIDs) } -func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder { - return builder.Select("team.id").From("team"). - InnerJoin("team_user", "team_user.team_id = team.id"). - Where(builder.Eq{ - "team_user.org_id": orgID, - "team_user.uid": userID, - }) -} - // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) From 8780d12df415290ff27b0da820988e7834aca5b7 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Wed, 23 Oct 2024 01:19:59 +0200 Subject: [PATCH 18/22] add dedicated func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder { return builder.Select("team.id").From("team"). InnerJoin("team_user", "team_user.team_id = team.id"). Where(builder.Eq{ "team_user.org_id": orgID, "team_user.uid": userID, }) } --- models/organization/org.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/models/organization/org.go b/models/organization/org.go index 6ae85bea9aae0..628a87b9361e7 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -678,6 +678,15 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in Find(&teamIDs) } +func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder { + return builder.Select("team.id").From("team"). + InnerJoin("team_user", "team_user.team_id = team.id"). + Where(builder.Eq{ + "team_user.org_id": orgID, + "team_user.uid": userID, + }) +} + // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) From 80ee5a2c8706aada9d06cfdcbedb6e24e9b47ab2 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Mon, 11 Nov 2024 15:53:49 +0100 Subject: [PATCH 19/22] still have public members visible while restricted user is loged in ... --- models/organization/org.go | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index cbda5d1edd1f4..9175f69d088b1 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -206,6 +206,7 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !(opts.IsDoerMember || opts.Doer.IsAdmin) } +// applyTeamMatesOnlyFilter make sure restricted users only see public team members and there own team mates func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { if opts.Doer != nil && opts.IsDoerMember && opts.Doer.IsRestricted { teamMates := builder.Select("DISTINCT team_user.uid"). @@ -213,7 +214,7 @@ func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { Where(builder.In("team_user.team_id", getUserTeamIDsQueryBuilder(opts.OrgID, opts.Doer.ID))). And(builder.Eq{"team_user.org_id": opts.OrgID}) - sess.In("org_user.uid", teamMates) + sess.And("is_public = ?", true).Or(sess.In("org_user.uid", teamMates)) } } @@ -221,9 +222,10 @@ func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { - sess.And("is_public = ?", true) + sess = sess.And("is_public = ?", true) + } else { + opts.applyTeamMatesOnlyFilter(sess) } - opts.applyTeamMatesOnlyFilter(sess) return sess.Count(new(OrgUser)) } @@ -546,9 +548,10 @@ func GetOrgsCanCreateRepoByUserID(ctx context.Context, userID int64) ([]*Organiz func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUser, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { - sess.And("is_public = ?", true) + sess = sess.And("is_public = ?", true) + } else { + opts.applyTeamMatesOnlyFilter(sess) } - opts.applyTeamMatesOnlyFilter(sess) if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) From 1ce2980ce9ca7043387a87648b044d59da9aef02 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Mon, 11 Nov 2024 16:27:52 +0100 Subject: [PATCH 20/22] cover by tests --- models/organization/org.go | 5 ++- models/organization/org_test.go | 77 +++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/models/organization/org.go b/models/organization/org.go index 9175f69d088b1..6231f1eeedf58 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -214,7 +214,10 @@ func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { Where(builder.In("team_user.team_id", getUserTeamIDsQueryBuilder(opts.OrgID, opts.Doer.ID))). And(builder.Eq{"team_user.org_id": opts.OrgID}) - sess.And("is_public = ?", true).Or(sess.In("org_user.uid", teamMates)) + sess.And( + builder.In("org_user.uid", teamMates). + Or(builder.Eq{"org_user.is_public": true}), + ) } } diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 5442c37ccc94c..e89b1473fc546 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -4,6 +4,7 @@ package organization_test import ( + "slices" "sort" "testing" @@ -181,6 +182,82 @@ func TestIsPublicMembership(t *testing.T) { test(unittest.NonexistentID, unittest.NonexistentID, false) } +func TestRestrictedUserOrgMembers(t *testing.T) { + assert.NoError(t, unittest.PrepareTestDatabase()) + + restrictedUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{ + ID: 29, + IsRestricted: true, + }) + if !assert.True(t, restrictedUser.IsRestricted) { + return // ensure fixtures return restricted user + } + + testCases := []struct { + name string + opts *organization.FindOrgMembersOpts + expectedUIDs []int64 + expectedLen int + }{ + { + name: "restricted user sees public members and teammates", + opts: &organization.FindOrgMembersOpts{ + OrgID: 17, // org17 where user29 is in team9 + Doer: restrictedUser, + IsDoerMember: true, + }, + expectedUIDs: []int64{2, 15, 29}, // Public members (2) + teammates in team9 (15, 20, 29) + expectedLen: 3, + }, + { + name: "restricted user sees only public members when not member", + opts: &organization.FindOrgMembersOpts{ + OrgID: 3, // org3 where user29 is not a member + Doer: restrictedUser, + }, + expectedUIDs: []int64{2, 28}, // Only public members + expectedLen: 2, + }, + { + name: "non logged in only shows public members", + opts: &organization.FindOrgMembersOpts{ + OrgID: 3, + }, + expectedUIDs: []int64{2, 28}, // Only public members + expectedLen: 2, + }, + { + name: "non restricted user sees all members", + opts: &organization.FindOrgMembersOpts{ + OrgID: 17, + Doer: unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15}), + IsDoerMember: true, + }, + expectedUIDs: []int64{2, 15, 18, 29}, // All members + expectedLen: 3, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + count, err := organization.CountOrgMembers(db.DefaultContext, tc.opts) + assert.NoError(t, err) + assert.Equal(t, int64(tc.expectedLen), count) + + members, err := organization.GetOrgUsersByOrgID(db.DefaultContext, tc.opts) + assert.NoError(t, err) + assert.Len(t, members, tc.expectedLen) + + memberUIDs := make([]int64, 0, len(members)) + for _, member := range members { + memberUIDs = append(memberUIDs, member.UID) + } + slices.Sort(memberUIDs) + assert.EqualValues(t, tc.expectedUIDs, memberUIDs) + }) + } +} + func TestFindOrgs(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) From 2ab1083b33910f99eb588c27483d9cd13ac70a14 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Mon, 11 Nov 2024 16:50:43 +0100 Subject: [PATCH 21/22] fix & enhance test --- models/organization/org_test.go | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/models/organization/org_test.go b/models/organization/org_test.go index e89b1473fc546..88cb35813999a 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -197,7 +197,6 @@ func TestRestrictedUserOrgMembers(t *testing.T) { name string opts *organization.FindOrgMembersOpts expectedUIDs []int64 - expectedLen int }{ { name: "restricted user sees public members and teammates", @@ -206,8 +205,7 @@ func TestRestrictedUserOrgMembers(t *testing.T) { Doer: restrictedUser, IsDoerMember: true, }, - expectedUIDs: []int64{2, 15, 29}, // Public members (2) + teammates in team9 (15, 20, 29) - expectedLen: 3, + expectedUIDs: []int64{2, 15, 29}, // Public members (2) + teammates in team9 (15, 29) // note: user 20 is team_user but not org_user }, { name: "restricted user sees only public members when not member", @@ -216,7 +214,6 @@ func TestRestrictedUserOrgMembers(t *testing.T) { Doer: restrictedUser, }, expectedUIDs: []int64{2, 28}, // Only public members - expectedLen: 2, }, { name: "non logged in only shows public members", @@ -224,7 +221,6 @@ func TestRestrictedUserOrgMembers(t *testing.T) { OrgID: 3, }, expectedUIDs: []int64{2, 28}, // Only public members - expectedLen: 2, }, { name: "non restricted user sees all members", @@ -234,7 +230,6 @@ func TestRestrictedUserOrgMembers(t *testing.T) { IsDoerMember: true, }, expectedUIDs: []int64{2, 15, 18, 29}, // All members - expectedLen: 3, }, } @@ -242,12 +237,10 @@ func TestRestrictedUserOrgMembers(t *testing.T) { t.Run(tc.name, func(t *testing.T) { count, err := organization.CountOrgMembers(db.DefaultContext, tc.opts) assert.NoError(t, err) - assert.Equal(t, int64(tc.expectedLen), count) + assert.Equal(t, len(tc.expectedUIDs), count) members, err := organization.GetOrgUsersByOrgID(db.DefaultContext, tc.opts) assert.NoError(t, err) - assert.Len(t, members, tc.expectedLen) - memberUIDs := make([]int64, 0, len(members)) for _, member := range members { memberUIDs = append(memberUIDs, member.UID) From 60ad5ed7c8018290948f6f686794fd391389f062 Mon Sep 17 00:00:00 2001 From: "m.huber" Date: Mon, 11 Nov 2024 16:57:38 +0100 Subject: [PATCH 22/22] fix fixtures inconsistency --- models/fixtures/org_user.yml | 6 ++++++ models/fixtures/user.yml | 2 +- models/organization/org_test.go | 6 +++--- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/models/fixtures/org_user.yml b/models/fixtures/org_user.yml index cf21b84aa9fc5..73a3e9dba9bd0 100644 --- a/models/fixtures/org_user.yml +++ b/models/fixtures/org_user.yml @@ -129,3 +129,9 @@ uid: 2 org_id: 35 is_public: true + +- + id: 23 + uid: 20 + org_id: 17 + is_public: false diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index c0296deec55bd..1044e487f8146 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -623,7 +623,7 @@ num_stars: 0 num_repos: 2 num_teams: 3 - num_members: 4 + num_members: 5 visibility: 0 repo_admin_change_team_access: false theme: "" diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 88cb35813999a..c614aaacf56e5 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -205,7 +205,7 @@ func TestRestrictedUserOrgMembers(t *testing.T) { Doer: restrictedUser, IsDoerMember: true, }, - expectedUIDs: []int64{2, 15, 29}, // Public members (2) + teammates in team9 (15, 29) // note: user 20 is team_user but not org_user + expectedUIDs: []int64{2, 15, 20, 29}, // Public members (2) + teammates in team9 (15, 20, 29) }, { name: "restricted user sees only public members when not member", @@ -229,7 +229,7 @@ func TestRestrictedUserOrgMembers(t *testing.T) { Doer: unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15}), IsDoerMember: true, }, - expectedUIDs: []int64{2, 15, 18, 29}, // All members + expectedUIDs: []int64{2, 15, 18, 20, 29}, // All members }, } @@ -237,7 +237,7 @@ func TestRestrictedUserOrgMembers(t *testing.T) { t.Run(tc.name, func(t *testing.T) { count, err := organization.CountOrgMembers(db.DefaultContext, tc.opts) assert.NoError(t, err) - assert.Equal(t, len(tc.expectedUIDs), count) + assert.EqualValues(t, len(tc.expectedUIDs), count) members, err := organization.GetOrgUsersByOrgID(db.DefaultContext, tc.opts) assert.NoError(t, err)