Skip to content

Allow access to the Public Organization Member lists with minimal permissions #20330

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 11 commits into from
Jul 15, 2022
+24 −11
Merged

Allow access to the Public Organization Member lists with minimal permissions #20330

Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
cdff2f0
not request login for view public org members
a1012112796 Jul 12, 2022
d880a25
Merge branch 'main' into fix-ui-public-org
6543 Jul 12, 2022
4444bc1
Merge branch 'main' into fix-ui-public-org
a1012112796 Jul 13, 2022
0bd9cb3
Merge branch 'main' into fix-ui-public-org
wxiaoguang Jul 13, 2022
ab95622
Merge branch 'main' into fix-ui-public-org
wxiaoguang Jul 13, 2022
be0c1f9
Merge branch 'main' into fix-ui-public-org
a1012112796 Jul 14, 2022
3cc3ce9
fix permisson check
a1012112796 Jul 14, 2022
0c08884
Merge branch 'main' into fix-ui-public-org
wxiaoguang Jul 14, 2022
b75f7f1
Merge branch 'main' into fix-ui-public-org
wxiaoguang Jul 15, 2022
974721a
Merge branch 'main' into fix-ui-public-org
zeripath Jul 15, 2022
068061e
Merge branch 'main' into fix-ui-public-org
zeripath Jul 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions modules/context/org.go
View file
Original file line number Diff line number Diff line change
@@ -12,6 +12,7 @@ import (
"code.gitea.io/gitea/models/perm"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
)

// Organization contains organization context
@@ -69,6 +70,20 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
return
}
org := ctx.Org.Organization

// Handle Visibility
if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned {
// We must be signed in to see limited or private organizations
ctx.NotFound("OrgAssignment", err)
return
}

if org.Visibility == structs.VisibleTypePrivate {
requireMember = true
} else if ctx.IsSigned && ctx.Doer.IsRestricted {
requireMember = true
}

ctx.ContextUser = org.AsUser()
ctx.Data["Org"] = org

5 changes: 0 additions & 5 deletions routers/web/org/home.go
View file
Original file line number Diff line number Diff line change
@@ -39,11 +39,6 @@ func Home(ctx *context.Context) {

org := ctx.Org.Organization

if !organization.HasOrgOrUserVisible(ctx, org.AsUser(), ctx.Doer) {
ctx.NotFound("HasOrgOrUserVisible", nil)
return
}

ctx.Data["PageIsUserProfile"] = true
ctx.Data["Title"] = org.DisplayName()
if len(org.Description) != 0 {
7 changes: 6 additions & 1 deletion routers/web/web.go
View file
Original file line number Diff line number Diff line change
@@ -610,6 +610,12 @@ func RegisterRoutes(m *web.Route) {
}

// ***** START: Organization *****
m.Group("/org", func() {
m.Group("/{org}", func() {
m.Get("/members", org.Members)
}, context.OrgAssignment())
}, ignSignIn)

m.Group("/org", func() {
m.Group("", func() {
m.Get("/create", org.Create)
@@ -625,7 +631,6 @@ func RegisterRoutes(m *web.Route) {
m.Get("/pulls/{team}", user.Pulls)
m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones)
m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones)
m.Get("/members", org.Members)
m.Post("/members/action/{action}", org.MembersAction)
m.Get("/teams", org.Teams)
}, context.OrgAssignment(true, false, true))
8 changes: 3 additions & 5 deletions templates/org/home.tmpl
View file
Original file line number Diff line number Diff line change
@@ -41,11 +41,9 @@
{{end}}
<h4 class="ui top attached header df">
<strong class="f1">{{.locale.Tr "org.people"}}</strong>
{{if .IsOrganizationMember}}
<div class="ui">
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.Org.NumMembers}}</span> {{svg "octicon-chevron-right"}}</a>
</div>
{{end}}
<div class="ui">
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.MembersTotal}}</span> {{svg "octicon-chevron-right"}}</a>
</div>
</h4>
<div class="ui attached segment members">
{{$isMember := .IsOrganizationMember}}