|
|
|
@ -353,11 +353,12 @@ func accessibleRepositoryCondition(user *User) builder.Cond { |
|
|
|
|
// 1. Be able to see all non-private repositories that either:
|
|
|
|
|
cond = cond.Or(builder.And( |
|
|
|
|
builder.Eq{"`repository`.is_private": false}, |
|
|
|
|
builder.Or( |
|
|
|
|
// A. Aren't in organisations __OR__
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Eq{"type": UserTypeOrganization})), |
|
|
|
|
// B. Isn't a private organisation. Limited is OK as long as we're logged in.
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.In("visibility", orgVisibilityLimit)))))) |
|
|
|
|
// 2. Aren't in an private organisation or limited organisation if we're not logged in
|
|
|
|
|
builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where( |
|
|
|
|
builder.And( |
|
|
|
|
builder.Eq{"type": UserTypeOrganization}, |
|
|
|
|
builder.In("visibility", orgVisibilityLimit)), |
|
|
|
|
)))) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if user != nil { |
|
|
|
|