mirror of
https://github.com/go-gitea/gitea
synced 2024-09-27 00:37:49 +02:00
Merge 046151ef90
into 55d5a74bb3
This commit is contained in:
commit
8006acca6d
@ -236,10 +236,17 @@ func PublicizeMember(ctx *context.APIContext) {
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
if userToPublicize.ID != ctx.Doer.ID {
|
||||
if userToPublicize.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin {
|
||||
isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "IsOwnedBy", err)
|
||||
return
|
||||
}
|
||||
if !isOwner {
|
||||
ctx.Error(http.StatusForbidden, "", "Cannot publicize another member")
|
||||
return
|
||||
}
|
||||
}
|
||||
err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToPublicize.ID, true)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "ChangeOrgUserStatus", err)
|
||||
@ -278,10 +285,17 @@ func ConcealMember(ctx *context.APIContext) {
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
if userToConceal.ID != ctx.Doer.ID {
|
||||
if userToConceal.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin {
|
||||
isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "IsOwnedBy", err)
|
||||
return
|
||||
}
|
||||
if !isOwner {
|
||||
ctx.Error(http.StatusForbidden, "", "Cannot conceal another member")
|
||||
return
|
||||
}
|
||||
}
|
||||
err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToConceal.ID, false)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "ChangeOrgUserStatus", err)
|
||||
|
Loading…
Reference in New Issue
Block a user