MarcoBuster/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-01-30 23:27:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow admins and org owners to change org member public status

Browse Source
This commit is contained in:
Tomáš Ženčák 2023-11-29 13:09:09 +01:00
parent b348424c64
commit d718e3f68c
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
routers/api/v1/org/member.go
View File

@ -9,6 +9,7 @@ import (
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/organization"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
@ -236,7 +237,7 @@ func PublicizeMember(ctx *context.APIContext) {
if ctx.Written() {
return
}
if userToPublicize.ID != ctx.Doer.ID {
if userToPublicize.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin && !organization.IsUserOrgOwner(ctx, []*user_model.User{ctx.Doer}, ctx.Org.Organization.ID)[ctx.Doer.ID] {
ctx.Error(http.StatusForbidden, "", "Cannot publicize another member")
return
}
@ -278,7 +279,7 @@ func ConcealMember(ctx *context.APIContext) {
if ctx.Written() {
return
}
if userToConceal.ID != ctx.Doer.ID {
if userToConceal.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin && !organization.IsUserOrgOwner(ctx, []*user_model.User{ctx.Doer}, ctx.Org.Organization.ID)[ctx.Doer.ID] {
ctx.Error(http.StatusForbidden, "", "Cannot conceal another member")
return
}