diff options
| author | Ethan Koenig <ethantkoenig@gmail.com> | 2017-12-20 23:43:26 -0800 |
|---|---|---|
| committer | Lauris BH <lauris@nix.lv> | 2017-12-21 09:43:26 +0200 |
| commit | 515cdaa85d6087d91a61ebe74fae39e0c4bdf1c4 (patch) | |
| tree | 3a7143fc376af4402ca9008876be3afdc0c18efc /routers/repo/repo.go | |
| parent | 529482135c8e9304dd7cdf08772eaba61d903894 (diff) | |
| download | gitea-515cdaa85d6087d91a61ebe74fae39e0c4bdf1c4.tar.gz gitea-515cdaa85d6087d91a61ebe74fae39e0c4bdf1c4.zip | |
Fix ignored errors when checking if organization, team member (#3177)
Diffstat (limited to 'routers/repo/repo.go')
| -rw-r--r-- | routers/repo/repo.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/routers/repo/repo.go b/routers/repo/repo.go index aedc4e5477..4cd7c8062c 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -74,10 +74,20 @@ func checkContextUser(ctx *context.Context, uid int64) *models.User { } // Check ownership of organization. - if !org.IsOrganization() || !(ctx.User.IsAdmin || org.IsOwnedBy(ctx.User.ID)) { + if !org.IsOrganization() { ctx.Error(403) return nil } + if !ctx.User.IsAdmin { + isOwner, err := org.IsOwnedBy(ctx.User.ID) + if err != nil { + ctx.Handle(500, "IsOwnedBy", err) + return nil + } else if !isOwner { + ctx.Error(403) + return nil + } + } return org } |