From 5ab3782f111dfc10378fce403ea5934c4585c2a9 Mon Sep 17 00:00:00 2001 From: 6543 Date: Tue, 14 Nov 2023 15:23:04 +0100 Subject: [PATCH] Restricted users only see repos in orgs which their team was assigned to (#28025) --- *Sponsored by Kithara Software GmbH* --- models/repo/repo_list.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/models/repo/repo_list.go b/models/repo/repo_list.go index 1668c23c7..533ca5251 100644 --- a/models/repo/repo_list.go +++ b/models/repo/repo_list.go @@ -652,12 +652,12 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType), ) } - cond = cond.Or( - // 4. Repositories that we directly own - builder.Eq{"`repository`.owner_id": user.ID}, + // 4. Repositories that we directly own + cond = cond.Or(builder.Eq{"`repository`.owner_id": user.ID}) + if !user.IsRestricted { // 5. Be able to see all public repos in private organizations that we are an org_user of - userOrgPublicRepoCond(user.ID), - ) + cond = cond.Or(userOrgPublicRepoCond(user.ID)) + } } return cond