Allow access to the Public Organization Member lists with minimal permissions (#20330)

author a1012112796 <1012112796@qq.com>

Fri, 15 Jul 2022 14:21:54 +0000 (22:21 +0800)

committer GitHub <noreply@github.com>

Fri, 15 Jul 2022 14:21:54 +0000 (15:21 +0100)
author a1012112796 <1012112796@qq.com>
Fri, 15 Jul 2022 14:21:54 +0000 (22:21 +0800)
committer GitHub <noreply@github.com>
Fri, 15 Jul 2022 14:21:54 +0000 (15:21 +0100)
diff --git a/modules/context/org.go b/modules/context/org.go

index 9f4ce485e5ee72815994c30683210892e46fb093..d020befa40165e21c9c1ce482cd5971e222052c7 100644 (file)
--- a/modules/context/org.go
+++ b/modules/context/org.go
@@ -12,6 +12,7 @@ import (
         "code.gitea.io/gitea/models/perm"
         user_model "code.gitea.io/gitea/models/user"
         "code.gitea.io/gitea/modules/setting"
+       "code.gitea.io/gitea/modules/structs"
  )
  
  // Organization contains organization context
@@ -69,6 +70,20 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
                 return
         }
         org := ctx.Org.Organization
+
+       // Handle Visibility
+       if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned {
+               // We must be signed in to see limited or private organizations
+               ctx.NotFound("OrgAssignment", err)
+               return
+       }
+
+       if org.Visibility == structs.VisibleTypePrivate {
+               requireMember = true
+       } else if ctx.IsSigned && ctx.Doer.IsRestricted {
+               requireMember = true
+       }
+
         ctx.ContextUser = org.AsUser()
         ctx.Data["Org"] = org
  
diff --git a/routers/web/org/home.go b/routers/web/org/home.go

index d565a0c242404371f6cbd76f61e0d93181b2d845..63243a391f0e6d0cfc26a97980deb6f2892166a5 100644 (file)
--- a/routers/web/org/home.go
+++ b/routers/web/org/home.go
@@ -39,11 +39,6 @@ func Home(ctx *context.Context) {
  
         org := ctx.Org.Organization
  
-       if !organization.HasOrgOrUserVisible(ctx, org.AsUser(), ctx.Doer) {
-               ctx.NotFound("HasOrgOrUserVisible", nil)
-               return
-       }
-
         ctx.Data["PageIsUserProfile"] = true
         ctx.Data["Title"] = org.DisplayName()
         if len(org.Description) != 0 {
diff --git a/routers/web/web.go b/routers/web/web.go

index ae273d99e4ffd9586715b6eb5c36833bf64d7a7f..fbece620b1c3fd4ea615db75b5bee229830dea72 100644 (file)
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -610,6 +610,12 @@ func RegisterRoutes(m *web.Route) {
         }
  
         // ***** START: Organization *****
+       m.Group("/org", func() {
+               m.Group("/{org}", func() {
+                       m.Get("/members", org.Members)
+               }, context.OrgAssignment())
+       }, ignSignIn)
+
         m.Group("/org", func() {
                 m.Group("", func() {
                         m.Get("/create", org.Create)
@@ -625,7 +631,6 @@ func RegisterRoutes(m *web.Route) {
                         m.Get("/pulls/{team}", user.Pulls)
                         m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones)
                         m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones)
-                       m.Get("/members", org.Members)
                         m.Post("/members/action/{action}", org.MembersAction)
                         m.Get("/teams", org.Teams)
                 }, context.OrgAssignment(true, false, true))
diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl

index 06a9a368035402a3c7a68111079d067cebacf6d5..3ff86259d53f230761d1c9494784a3c9d746ed84 100644 (file)
--- a/templates/org/home.tmpl
+++ b/templates/org/home.tmpl
@@ -41,11 +41,9 @@
                                 {{end}}
                                 <h4 class="ui top attached header df">
                                         <strong class="f1">{{.locale.Tr "org.people"}}</strong>
-                                       {{if .IsOrganizationMember}}
-                                               <div class="ui">
-                                                       <a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.Org.NumMembers}}</span> {{svg "octicon-chevron-right"}}</a>
-                                               </div>
-                                       {{end}}
+                                       <div class="ui">
+                                               <a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.MembersTotal}}</span> {{svg "octicon-chevron-right"}}</a>
+                                       </div>
                                 </h4>
                                 <div class="ui attached segment members">
                                         {{$isMember := .IsOrganizationMember}}
author	a1012112796 <1012112796@qq.com>
	Fri, 15 Jul 2022 14:21:54 +0000 (22:21 +0800)
committer	GitHub <noreply@github.com>
	Fri, 15 Jul 2022 14:21:54 +0000 (15:21 +0100)
modules/context/org.go		patch \| blob \| history
routers/web/org/home.go		patch \| blob \| history
routers/web/web.go		patch \| blob \| history
templates/org/home.tmpl		patch \| blob \| history