From 439e071acf8d7a38b78888915422490a2a462f8a Mon Sep 17 00:00:00 2001 From: Giteabot Date: Tue, 14 Nov 2023 23:44:38 +0800 Subject: [PATCH] Restricted users only see repos in orgs which their team was assigned to (#28025) (#28050) Backport #28025 by @6543 --- *Sponsored by Kithara Software GmbH* Co-authored-by: 6543 --- models/repo/repo_list.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/models/repo/repo_list.go b/models/repo/repo_list.go index 83ba02e3165..8d00b07c6e0 100644 --- a/models/repo/repo_list.go +++ b/models/repo/repo_list.go @@ -637,12 +637,12 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu userOrgTeamUnitRepoCond("`repository`.id", user.ID, unitType), ) } - cond = cond.Or( - // 4. Repositories that we directly own - builder.Eq{"`repository`.owner_id": user.ID}, + // 4. Repositories that we directly own + cond = cond.Or(builder.Eq{"`repository`.owner_id": user.ID}) + if !user.IsRestricted { // 5. Be able to see all public repos in private organizations that we are an org_user of - userOrgPublicRepoCond(user.ID), - ) + cond = cond.Or(userOrgPublicRepoCond(user.ID)) + } } return cond