diff options
| author | Zettat123 <zettat123@gmail.com> | 2023-05-10 12:14:58 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-10 04:14:58 +0000 |
| commit | 29637b03b2976580613550aef878cc31139c3abf (patch) | |
| tree | 776d5ea15d0ea3e93d9746dfd9be6a0f2871ce43 /models/activities | |
| parent | 8030614386b5d3fa02dc294446a344d274b04a26 (diff) | |
| download | gitea-29637b03b2976580613550aef878cc31139c3abf.tar.gz gitea-29637b03b2976580613550aef878cc31139c3abf.zip | |
Fix commits pushed with deploy keys not shown in dashboard (#24521)
Fix #21324
In the current logic, if the `Actor` user is not an admin user, all
activities from private organizations won't be shown even if the `Actor`
user is a member of the organization.
As mentioned in the issue, when using deploy key to make a commit and
push, the activity's `act_user_id` will be the id of the organization so
the activity won't be shown to non-admin users because the visibility of
the organization is private.
https://github.com/go-gitea/gitea/blob/55a57177600028ba8e4a480a08f1ee4d69d219d6/models/activities/action.go#L490-L503
This PR improves this logic so the activities of private organizations
can be shown.
Diffstat (limited to 'models/activities')
| -rw-r--r-- | models/activities/action.go | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/models/activities/action.go b/models/activities/action.go index f75ab55982..33e476e34d 100644 --- a/models/activities/action.go +++ b/models/activities/action.go @@ -494,12 +494,27 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) { ).From("`user`"), )) } else if !opts.Actor.IsAdmin { - cond = cond.And(builder.In("act_user_id", - builder.Select("`user`.id").Where( - builder.Eq{"keep_activity_private": false}. - And(builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))). - Or(builder.Eq{"id": opts.Actor.ID}).From("`user`"), - )) + uidCond := builder.Select("`user`.id").From("`user`").Where( + builder.Eq{"keep_activity_private": false}. + And(builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))). + Or(builder.Eq{"id": opts.Actor.ID}) + + if opts.RequestedUser != nil { + if opts.RequestedUser.IsOrganization() { + // An organization can always see the activities whose `act_user_id` is the same as its id. + uidCond = uidCond.Or(builder.Eq{"id": opts.RequestedUser.ID}) + } else { + // A user can always see the activities of the organizations to which the user belongs. + uidCond = uidCond.Or( + builder.Eq{"type": user_model.UserTypeOrganization}. + And(builder.In("`user`.id", builder.Select("org_id"). + Where(builder.Eq{"uid": opts.RequestedUser.ID}). + From("team_user"))), + ) + } + } + + cond = cond.And(builder.In("act_user_id", uidCond)) } // check readable repositories by doer/actor |