set PrivateView in fo

2024-06-01 19:06:52 +02:00 · 2024-02-29 21:41:11 +01:00 · 2024-02-29 21:41:11 +01:00 · 3094cc6736
commit 3094cc6736
parent d85fd31161
5 changed files with 69 additions and 31 deletions
--- a/models/activities/action.go
+++ b/models/activities/action.go
@ -139,20 +139,21 @@ func (at ActionType) InActions(actions ...string) bool {
 // repository. It implemented interface base.Actioner so that can be
 // used in template render.
 type Action struct {
-	ID          int64 `xorm:"pk autoincr"`
-	UserID      int64 `xorm:"INDEX"` // Receiver user id.
-	OpType      ActionType
-	ActUserID   int64            // Action user id.
-	ActUser     *user_model.User `xorm:"-"`
-	RepoID      int64
-	Repo        *repo_model.Repository `xorm:"-"`
-	CommentID   int64                  `xorm:"INDEX"`
-	Comment     *issues_model.Comment  `xorm:"-"`
-	IsDeleted   bool                   `xorm:"NOT NULL DEFAULT false"`
-	RefName     string
-	IsPrivate   bool               `xorm:"NOT NULL DEFAULT false"`
-	Content     string             `xorm:"TEXT"`
-	CreatedUnix timeutil.TimeStamp `xorm:"created"`
+	ID            int64 `xorm:"pk autoincr"`
+	UserID        int64 `xorm:"INDEX"` // Receiver user id.
+	OpType        ActionType
+	ActUserID     int64            // Action user id.
+	ActUser       *user_model.User `xorm:"-"`
+	RepoID        int64
+	Repo          *repo_model.Repository `xorm:"-"`
+	CommentID     int64                  `xorm:"INDEX"`
+	Comment       *issues_model.Comment  `xorm:"-"`
+	IsDeleted     bool                   `xorm:"NOT NULL DEFAULT false"`
+	RefName       string
+	IsPrivate     bool               `xorm:"NOT NULL DEFAULT false"`
+	IsPrivateView bool               `xorm:"-"`
+	Content       string             `xorm:"TEXT"`
+	CreatedUnix   timeutil.TimeStamp `xorm:"created"`
 }

 func init() {
@ -453,16 +454,34 @@ func GetFeeds(ctx context.Context, opts GetFeedsOptions) (ActionList, int64, err
 	opts.SetDefaultValues()
 	sess = db.SetSessionPagination(sess, &opts)

-	actions := make([]*Action, 0, opts.PageSize)
+	actions := make(ActionList, 0, opts.PageSize)
 	count, err := sess.Desc("`action`.created_unix").FindAndCount(&actions)
 	if err != nil {
 		return nil, 0, fmt.Errorf("FindAndCount: %w", err)
 	}

-	if err := ActionList(actions).loadAttributes(ctx); err != nil {
+	if err := actions.loadAttributes(ctx); err != nil {
 		return nil, 0, fmt.Errorf("LoadAttributes: %w", err)
 	}

+	isOrgMemberMap := make(map[int64]bool, 0)
+	canActorViewAction := false
+	if opts.Actor != nil && opts.RequestedUser != nil {
+		canActorViewAction = !opts.Actor.IsAdmin && opts.Actor.ID != opts.RequestedUser.ID
+		isOrgMemberMap, err = organization.IsOrganizationsMember(ctx, actions.GetOrgIds(), opts.Actor.ID)
+		if err != nil {
+			return nil, 0, err
+		}
+	}
+
+	for _, action := range actions {
+		action.IsPrivateView = canActorViewAction && action.IsPrivate
+
+		if action.IsPrivateView && action.Repo.Owner.IsOrganization() {
+			action.IsPrivateView = !isOrgMemberMap[action.Repo.Owner.ID]
+		}
+	}
+
 	return actions, count, nil
 }

@ -519,7 +538,7 @@ func activityQueryCondition(ctx context.Context, opts GetFeedsOptions) (builder.

 	includePrivateRepos := opts.RequestedUser != nil && opts.RequestedUser.ActionsVisibility.ShowAll()
 	// check readable repositories by doer/actor
-	if !includePrivateRepos && !opts.Actor.IsAdmin {
+	if !includePrivateRepos && (opts.Actor == nil || !opts.Actor.IsAdmin) {
 		cond = cond.And(builder.In("repo_id", repo_model.AccessibleRepoIDsQuery(opts.Actor)))
 	}

--- a/models/activities/action_list.go
+++ b/models/activities/action_list.go
@ -52,6 +52,16 @@ func (actions ActionList) getRepoIDs() []int64 {
 	return repoIDs.Values()
 }

+func (actions ActionList) GetOrgIds() []int64 {
+	orgIDs := make(container.Set[int64], len(actions))
+	for _, action := range actions {
+		if action.Repo.Owner.IsOrganization() {
+			orgIDs.Add(action.Repo.Owner.ID)
+		}
+	}
+	return orgIDs.Values()
+}
+
 func (actions ActionList) loadRepositories(ctx context.Context) error {
 	if len(actions) == 0 {
 		return nil
--- a/models/organization/org_user.go
+++ b/models/organization/org_user.go
@ -77,6 +77,27 @@ func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) {
 		Exist()
 }

+// IsOrganizationsMember returns a map with key of orgID and value is true if given user is member of organization.
+func IsOrganizationsMember(ctx context.Context, orgIDs []int64, uid int64) (map[int64]bool, error) {
+	var orgUsers []*OrgUser
+
+	err := db.GetEngine(ctx).
+		Where("uid=?", uid).
+		And(builder.In("org_id", orgIDs)).
+		Table("org_user").
+		Find(&orgUsers)
+	if err != nil {
+		return nil, err
+	}
+
+	memberMap := make(map[int64]bool, len(orgIDs))
+	for _, orgUser := range orgUsers {
+		memberMap[orgUser.OrgID] = true
+	}
+
+	return memberMap, nil
+}
+
 // IsPublicMembership returns true if the given user's membership of given org is public.
 func IsPublicMembership(ctx context.Context, orgID, uid int64) (bool, error) {
 	return db.GetEngine(ctx).
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@ -13,7 +13,6 @@ import (
 	"strings"
 	"time"

-	"code.gitea.io/gitea/models/organization"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/markup"
@ -177,9 +176,6 @@ func NewFuncMap() template.FuncMap {

 		"FilenameIsImage": FilenameIsImage,
 		"TabSizeClass":    TabSizeClass,
-
-		// org
-		"IsOrganizationMember": organization.IsOrganizationMember,
 	}
 }

--- a/templates/user/dashboard/feeds.tmpl
+++ b/templates/user/dashboard/feeds.tmpl
@ -1,19 +1,11 @@
 <div id="activity-feed" class="flex-list">
 	{{range .Feeds}}
-		{{$isPrivateView := and (not $.IsAdmin) .IsPrivate (ne $.ContextUser.ID $.SignedUserID)}}
-		{{if $isPrivateView}}
-			{{$isOrganizationMember := $.IsOrganizationMember}}
-			{{if eq $isOrganizationMember nil}}
-				{{$isOrganizationMember = IsOrganizationMember ctx .Repo.Owner.ID $.SignedUserID}}
-			{{end}}
-			{{$isPrivateView = and $isPrivateView (not $isOrganizationMember)}}
-		{{end}}
 		<div class="flex-item">
 			<div class="flex-item-leading">
 				{{ctx.AvatarUtils.AvatarByAction .}}
 			</div>
 			<div class="flex-item-main gt-gap-3">
-				{{if $isPrivateView}}
+				{{if .IsPrivateView}}
 					<div>
 						{{if gt .ActUser.ID 0}}
 							<a href="{{AppSubUrl}}/{{(.GetActUserName ctx) | PathEscape}}" title="{{.GetDisplayNameTitle ctx}}">{{.GetDisplayName ctx}}</a>
@ -146,7 +138,7 @@
 				{{end}}
 			</div>
 			<div class="flex-item-trailing">
-				{{if $isPrivateView}}
+				{{if .IsPrivateView}}
 					{{svg "octicon-lock" 32 "text grey gt-mr-2"}}
 				{{else}}
 					{{svg (printf "octicon-%s" (ActionIcon .GetOpType)) 32 "text grey gt-mr-2"}}