diff options
Diffstat (limited to 'routers/api')
| -rw-r--r-- | routers/api/v1/org/org.go | 4 | ||||
| -rw-r--r-- | routers/api/v1/repo/repo.go | 5 |
2 files changed, 9 insertions, 0 deletions
diff --git a/routers/api/v1/org/org.go b/routers/api/v1/org/org.go index 59351e20d1..e3916046f0 100644 --- a/routers/api/v1/org/org.go +++ b/routers/api/v1/org/org.go @@ -129,6 +129,10 @@ func Get(ctx *context.APIContext) { // responses: // "200": // "$ref": "#/responses/Organization" + if !models.HasOrgVisible(ctx.Org.Organization, ctx.User) { + ctx.NotFound("HasOrgVisible", nil) + return + } ctx.JSON(200, convert.ToOrganization(ctx.Org.Organization)) } diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go index d78700c6b0..f69cbee0c0 100644 --- a/routers/api/v1/repo/repo.go +++ b/routers/api/v1/repo/repo.go @@ -302,6 +302,11 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) { return } + if !models.HasOrgVisible(org, ctx.User) { + ctx.NotFound("HasOrgVisible", nil) + return + } + if !ctx.User.IsAdmin { isOwner, err := org.IsOwnedBy(ctx.User.ID) if err != nil { |