From 4f267ef64343f790ecbe23299effbc806f77ef6d Mon Sep 17 00:00:00 2001 From: a1012112796 <1012112796@qq.com> Date: Fri, 15 Jul 2022 22:21:54 +0800 Subject: [PATCH] Allow access to the Public Organization Member lists with minimal permissions (#20330) Examining Organization membership should not necessarily require sign-in if the organization is public and the members are public. Therefore we should adjust `/org/{org}/members` to not require login. Fix #7501 Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: zeripath --- modules/context/org.go | 15 +++++++++++++++ routers/web/org/home.go | 5 ----- routers/web/web.go | 7 ++++++- templates/org/home.tmpl | 8 +++----- 4 files changed, 24 insertions(+), 11 deletions(-) diff --git a/modules/context/org.go b/modules/context/org.go index 9f4ce485e5..d020befa40 100644 --- a/modules/context/org.go +++ b/modules/context/org.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/models/perm" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/structs" ) // Organization contains organization context @@ -69,6 +70,20 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { return } org := ctx.Org.Organization + + // Handle Visibility + if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned { + // We must be signed in to see limited or private organizations + ctx.NotFound("OrgAssignment", err) + return + } + + if org.Visibility == structs.VisibleTypePrivate { + requireMember = true + } else if ctx.IsSigned && ctx.Doer.IsRestricted { + requireMember = true + } + ctx.ContextUser = org.AsUser() ctx.Data["Org"] = org diff --git a/routers/web/org/home.go b/routers/web/org/home.go index d565a0c242..63243a391f 100644 --- a/routers/web/org/home.go +++ b/routers/web/org/home.go @@ -39,11 +39,6 @@ func Home(ctx *context.Context) { org := ctx.Org.Organization - if !organization.HasOrgOrUserVisible(ctx, org.AsUser(), ctx.Doer) { - ctx.NotFound("HasOrgOrUserVisible", nil) - return - } - ctx.Data["PageIsUserProfile"] = true ctx.Data["Title"] = org.DisplayName() if len(org.Description) != 0 { diff --git a/routers/web/web.go b/routers/web/web.go index ae273d99e4..fbece620b1 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -610,6 +610,12 @@ func RegisterRoutes(m *web.Route) { } // ***** START: Organization ***** + m.Group("/org", func() { + m.Group("/{org}", func() { + m.Get("/members", org.Members) + }, context.OrgAssignment()) + }, ignSignIn) + m.Group("/org", func() { m.Group("", func() { m.Get("/create", org.Create) @@ -625,7 +631,6 @@ func RegisterRoutes(m *web.Route) { m.Get("/pulls/{team}", user.Pulls) m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones) m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones) - m.Get("/members", org.Members) m.Post("/members/action/{action}", org.MembersAction) m.Get("/teams", org.Teams) }, context.OrgAssignment(true, false, true)) diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl index 06a9a36803..3ff86259d5 100644 --- a/templates/org/home.tmpl +++ b/templates/org/home.tmpl @@ -41,11 +41,9 @@ {{end}}

{{.locale.Tr "org.people"}} - {{if .IsOrganizationMember}} - - {{end}} +

{{$isMember := .IsOrganizationMember}}