Don't disclose limited orgs to unauthenticated users

diff --git a/models/repo_list.go b/models/repo_list.go
index a08035ba71b07e84d9a3140c45620dfc8527847b..9d0fd6a324ea78902a5fb5b76d32fc40574d1d83 100644 (file)
--- a/models/repo_list.go
+++ b/models/repo_list.go
@@ -321,14 +321,18 @@ func accessibleRepositoryCondition(user *User) builder.Cond {
        var cond = builder.NewCond()
 
        if user == nil || !user.IsRestricted {
+               var orgVisibilityLimit = structs.VisibleTypePrivate
+               if user == nil {
+                       orgVisibilityLimit = structs.VisibleTypeLimited
+               }
                // 1. Be able to see all non-private repositories that either:
                cond = cond.Or(builder.And(
                        builder.Eq{"`repository`.is_private": false},
                        builder.Or(
                                //   A. Aren't in organisations  __OR__
                                builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Eq{"type": UserTypeOrganization})),
-                               //   B. Isn't a private organisation. (Limited is OK because we're logged in)
-                               builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Eq{"visibility": structs.VisibleTypePrivate})))))
+                               //   B. Isn't a private organisation. Limited is OK as long as we're logged in.
+                               builder.NotIn("`repository`.owner_id", builder.Select("id").From("`user`").Where(builder.Gte{"visibility": orgVisibilityLimit})))))
        }
 
        if user != nil {