diff options
| author | Florian Kaiser <florian.kaiser@fnkr.net> | 2016-02-06 07:52:21 +0000 |
|---|---|---|
| committer | Florian Kaiser <florian.kaiser@fnkr.net> | 2016-02-06 07:52:21 +0000 |
| commit | 45db167f7a80f777db403decf9532bc9a6c9d43e (patch) | |
| tree | 6950bbc21c8b607c4bfeb35754f5ce52d9fa0483 /models | |
| parent | 90e9e3c89d01c58b68c71f47249a6190c04797a0 (diff) | |
| download | gitea-45db167f7a80f777db403decf9532bc9a6c9d43e.tar.gz gitea-45db167f7a80f777db403decf9532bc9a6c9d43e.zip | |
Only show activities for repositories on dashboard, that the user has access to
Diffstat (limited to 'models')
| -rw-r--r-- | models/action.go | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/models/action.go b/models/action.go index 33d5246ee5..5a38da87c0 100644 --- a/models/action.go +++ b/models/action.go @@ -593,12 +593,29 @@ func MergePullRequestAction(actUser *User, repo *Repository, pull *Issue) error } // GetFeeds returns action list of given user in given context. -func GetFeeds(uid, offset int64, isProfile bool) ([]*Action, error) { +// ctxUserID is the user who's requesting, userID is the user/org that is requested. +// ctxUserID can be -1, if isProfile is true or in order to skip the permission check. +func GetFeeds(ctxUserID, userID, offset int64, isProfile bool) ([]*Action, error) { actions := make([]*Action, 0, 20) - sess := x.Limit(20, int(offset)).Desc("id").Where("user_id=?", uid) + sess := x.Limit(20, int(offset)).Desc("id").Where("user_id=?", userID) if isProfile { - sess.And("is_private=?", false).And("act_user_id=?", uid) + sess.And("is_private=?", false).And("act_user_id=?", userID) + } else if ctxUserID != -1 { + ctxUser := &User{Id: userID} + if err := ctxUser.GetUserRepositories(ctxUserID); err != nil { + return nil, err + } + + var repoIDs []int64 + for _, repo := range ctxUser.Repos { + repoIDs = append(repoIDs, repo.ID) + } + + if len(repoIDs) > 0 { + sess.In("repo_id", repoIDs) + } } + err := sess.Find(&actions) return actions, err } |