Examining Organization membership should not necessarily require sign-in if the organization is public and the members are public. Therefore we should adjust `/org/{org}/members` to not require login.
Fix #7501
Signed-off-by: a101211279
<1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
tags/v1.18.0-rc0
@@ -12,6 +12,7 @@ import ( | |||
"code.gitea.io/gitea/models/perm" | |||
user_model "code.gitea.io/gitea/models/user" | |||
"code.gitea.io/gitea/modules/setting" | |||
"code.gitea.io/gitea/modules/structs" | |||
) | |||
// Organization contains organization context | |||
@@ -69,6 +70,20 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { | |||
return | |||
} | |||
org := ctx.Org.Organization | |||
// Handle Visibility | |||
if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned { | |||
// We must be signed in to see limited or private organizations | |||
ctx.NotFound("OrgAssignment", err) | |||
return | |||
} | |||
if org.Visibility == structs.VisibleTypePrivate { | |||
requireMember = true | |||
} else if ctx.IsSigned && ctx.Doer.IsRestricted { | |||
requireMember = true | |||
} | |||
ctx.ContextUser = org.AsUser() | |||
ctx.Data["Org"] = org | |||
@@ -39,11 +39,6 @@ func Home(ctx *context.Context) { | |||
org := ctx.Org.Organization | |||
if !organization.HasOrgOrUserVisible(ctx, org.AsUser(), ctx.Doer) { | |||
ctx.NotFound("HasOrgOrUserVisible", nil) | |||
return | |||
} | |||
ctx.Data["PageIsUserProfile"] = true | |||
ctx.Data["Title"] = org.DisplayName() | |||
if len(org.Description) != 0 { |
@@ -610,6 +610,12 @@ func RegisterRoutes(m *web.Route) { | |||
} | |||
// ***** START: Organization ***** | |||
m.Group("/org", func() { | |||
m.Group("/{org}", func() { | |||
m.Get("/members", org.Members) | |||
}, context.OrgAssignment()) | |||
}, ignSignIn) | |||
m.Group("/org", func() { | |||
m.Group("", func() { | |||
m.Get("/create", org.Create) | |||
@@ -625,7 +631,6 @@ func RegisterRoutes(m *web.Route) { | |||
m.Get("/pulls/{team}", user.Pulls) | |||
m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones) | |||
m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones) | |||
m.Get("/members", org.Members) | |||
m.Post("/members/action/{action}", org.MembersAction) | |||
m.Get("/teams", org.Teams) | |||
}, context.OrgAssignment(true, false, true)) |
@@ -41,11 +41,9 @@ | |||
{{end}} | |||
<h4 class="ui top attached header df"> | |||
<strong class="f1">{{.locale.Tr "org.people"}}</strong> | |||
{{if .IsOrganizationMember}} | |||
<div class="ui"> | |||
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.Org.NumMembers}}</span> {{svg "octicon-chevron-right"}}</a> | |||
</div> | |||
{{end}} | |||
<div class="ui"> | |||
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.MembersTotal}}</span> {{svg "octicon-chevron-right"}}</a> | |||
</div> | |||
</h4> | |||
<div class="ui attached segment members"> | |||
{{$isMember := .IsOrganizationMember}} |