|
|
|
|
@ -321,14 +321,18 @@ func accessibleRepositoryCondition(user *User) builder.Cond {
|
|
|
|
|
var cond = builder.NewCond() |
|
|
|
|
|
|
|
|
|
if user == nil || !user.IsRestricted { |
|
|
|
|
var orgVisibilityLimit = structs.VisibleTypePrivate |
|
|
|
|
if user == nil { |
|
|
|
|
orgVisibilityLimit = structs.VisibleTypeLimited |
|
|
|
|
} |
|
|
|
|
// 1. Be able to see all non-private repositories that either:
|
|
|
|
|
cond = cond.Or(builder.And( |
|
|
|
|
builder.Eq{"`repository`.is_private": false}, |
|
|
|
|
builder.Or( |
|
|
|
|
// A. Aren't in organisations __OR__
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Eq{"type": UserTypeOrganization})), |
|
|
|
|
// B. Isn't a private organisation. (Limited is OK because we're logged in)
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Eq{"visibility": structs.VisibleTypePrivate}))))) |
|
|
|
|
// B. Isn't a private organisation. Limited is OK as long as we're logged in.
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Gte{"visibility": orgVisibilityLimit}))))) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if user != nil { |
|
|
|
|
|
Manush Dodunekov
6 years ago