From a0a77c9401c6ba89e9b24b609d455a7ab7303136 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 10 Oct 2020 20:48:20 +0100 Subject: [PATCH] Fix deadlock when deleting team user (#13093) Backport #13092 `models.getUserRepoPermission(...)` calls `HasOrgVisible` which uses `models.x` potentially outside of the transaction `e` provided as an argument to `getUserRepoPermission`. This PR switches to use `hasOrgVisible(e, ...)`. Fix #12983 Signed-off-by: Andrew Thornton --- models/repo_permission.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/repo_permission.go b/models/repo_permission.go index 2061f9770d..7768bb6257 100644 --- a/models/repo_permission.go +++ b/models/repo_permission.go @@ -178,7 +178,7 @@ func getUserRepoPermission(e Engine, repo *Repository, user *User) (perm Permiss // Prevent strangers from checking out public repo of private orginization // Allow user if they are collaborator of a repo within a private orginization but not a member of the orginization itself - if repo.Owner.IsOrganization() && !HasOrgVisible(repo.Owner, user) && !isCollaborator { + if repo.Owner.IsOrganization() && !hasOrgVisible(e, repo.Owner, user) && !isCollaborator { perm.AccessMode = AccessModeNone return } -- 2.39.5