mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4361 Commits
17 Branches
Tree: 4247304f5a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4247304f5a'
${ noResults }
gitea/models/org.go

org.go 15KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"errors"

  9. 	"fmt"

  10. 	"os"

  11. 	"strings"

  12. 

  13. 	"github.com/go-xorm/xorm"

  14. 

  15. 	"code.gitea.io/gitea/modules/base"

  16. 	"code.gitea.io/gitea/modules/log"

  17. )

  18. 

  19. var (

  20. 	ErrOrgNotExist  = errors.New("Organization does not exist")

  21. 	ErrTeamNotExist = errors.New("Team does not exist")

  22. )

  23. 

  24. // IsOwnedBy returns true if given user is in the owner team.

  25. func (org *User) IsOwnedBy(uid int64) bool {

  26. 	return IsOrganizationOwner(org.ID, uid)

  27. }

  28. 

  29. // IsOrgMember returns true if given user is member of organization.

  30. func (org *User) IsOrgMember(uid int64) bool {

  31. 	return org.IsOrganization() && IsOrganizationMember(org.ID, uid)

  32. }

  33. 

  34. func (org *User) getTeam(e Engine, name string) (*Team, error) {

  35. 	return getTeam(e, org.ID, name)

  36. }

  37. 

  38. // GetTeam returns named team of organization.

  39. func (org *User) GetTeam(name string) (*Team, error) {

  40. 	return org.getTeam(x, name)

  41. }

  42. 

  43. func (org *User) getOwnerTeam(e Engine) (*Team, error) {

  44. 	return org.getTeam(e, OWNER_TEAM)

  45. }

  46. 

  47. // GetOwnerTeam returns owner team of organization.

  48. func (org *User) GetOwnerTeam() (*Team, error) {

  49. 	return org.getOwnerTeam(x)

  50. }

  51. 

  52. func (org *User) getTeams(e Engine) error {

  53. 	return e.Where("org_id=?", org.ID).OrderBy("CASE WHEN name LIKE '" + OWNER_TEAM + "' THEN '' ELSE name END").Find(&org.Teams)

  54. }

  55. 

  56. // GetTeams returns all teams that belong to organization.

  57. func (org *User) GetTeams() error {

  58. 	return org.getTeams(x)

  59. }

  60. 

  61. // GetMembers returns all members of organization.

  62. func (org *User) GetMembers() error {

  63. 	ous, err := GetOrgUsersByOrgID(org.ID)

  64. 	if err != nil {

  65. 		return err

  66. 	}

  67. 

  68. 	var ids = make([]int64, len(ous))

  69. 	for i, ou := range ous {

  70. 		ids[i] = ou.Uid

  71. 	}

  72. 	org.Members, err = GetUsersByIDs(ids)

  73. 	return err

  74. }

  75. 

  76. // AddMember adds new member to organization.

  77. func (org *User) AddMember(uid int64) error {

  78. 	return AddOrgUser(org.ID, uid)

  79. }

  80. 

  81. // RemoveMember removes member from organization.

  82. func (org *User) RemoveMember(uid int64) error {

  83. 	return RemoveOrgUser(org.ID, uid)

  84. }

  85. 

  86. func (org *User) removeOrgRepo(e Engine, repoID int64) error {

  87. 	return removeOrgRepo(e, org.ID, repoID)

  88. }

  89. 

  90. // RemoveOrgRepo removes all team-repository relations of organization.

  91. func (org *User) RemoveOrgRepo(repoID int64) error {

  92. 	return org.removeOrgRepo(x, repoID)

  93. }

  94. 

  95. // CreateOrganization creates record of a new organization.

  96. func CreateOrganization(org, owner *User) (err error) {

  97. 	if err = IsUsableUsername(org.Name); err != nil {

  98. 		return err

  99. 	}

  100. 

  101. 	isExist, err := IsUserExist(0, org.Name)

  102. 	if err != nil {

  103. 		return err

  104. 	} else if isExist {

  105. 		return ErrUserAlreadyExist{org.Name}

  106. 	}

  107. 

  108. 	org.LowerName = strings.ToLower(org.Name)

  109. 	org.Rands = GetUserSalt()

  110. 	org.Salt = GetUserSalt()

  111. 	org.UseCustomAvatar = true

  112. 	org.MaxRepoCreation = -1

  113. 	org.NumTeams = 1

  114. 	org.NumMembers = 1

  115. 

  116. 	sess := x.NewSession()

  117. 	defer sessionRelease(sess)

  118. 	if err = sess.Begin(); err != nil {

  119. 		return err

  120. 	}

  121. 

  122. 	if _, err = sess.Insert(org); err != nil {

  123. 		return fmt.Errorf("insert organization: %v", err)

  124. 	}

  125. 	org.GenerateRandomAvatar()

  126. 

  127. 	// Add initial creator to organization and owner team.

  128. 	if _, err = sess.Insert(&OrgUser{

  129. 		Uid:      owner.ID,

  130. 		OrgID:    org.ID,

  131. 		IsOwner:  true,

  132. 		NumTeams: 1,

  133. 	}); err != nil {

  134. 		return fmt.Errorf("insert org-user relation: %v", err)

  135. 	}

  136. 

  137. 	// Create default owner team.

  138. 	t := &Team{

  139. 		OrgID:      org.ID,

  140. 		LowerName:  strings.ToLower(OWNER_TEAM),

  141. 		Name:       OWNER_TEAM,

  142. 		Authorize:  AccessModeOwner,

  143. 		NumMembers: 1,

  144. 	}

  145. 	if _, err = sess.Insert(t); err != nil {

  146. 		return fmt.Errorf("insert owner team: %v", err)

  147. 	}

  148. 

  149. 	if _, err = sess.Insert(&TeamUser{

  150. 		Uid:    owner.ID,

  151. 		OrgID:  org.ID,

  152. 		TeamID: t.ID,

  153. 	}); err != nil {

  154. 		return fmt.Errorf("insert team-user relation: %v", err)

  155. 	}

  156. 

  157. 	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {

  158. 		return fmt.Errorf("create directory: %v", err)

  159. 	}

  160. 

  161. 	return sess.Commit()

  162. }

  163. 

  164. // GetOrgByName returns organization by given name.

  165. func GetOrgByName(name string) (*User, error) {

  166. 	if len(name) == 0 {

  167. 		return nil, ErrOrgNotExist

  168. 	}

  169. 	u := &User{

  170. 		LowerName: strings.ToLower(name),

  171. 		Type:      UserTypeOrganization,

  172. 	}

  173. 	has, err := x.Get(u)

  174. 	if err != nil {

  175. 		return nil, err

  176. 	} else if !has {

  177. 		return nil, ErrOrgNotExist

  178. 	}

  179. 	return u, nil

  180. }

  181. 

  182. // CountOrganizations returns number of organizations.

  183. func CountOrganizations() int64 {

  184. 	count, _ := x.Where("type=1").Count(new(User))

  185. 	return count

  186. }

  187. 

  188. // Organizations returns number of organizations in given page.

  189. func Organizations(page, pageSize int) ([]*User, error) {

  190. 	orgs := make([]*User, 0, pageSize)

  191. 	return orgs, x.Limit(pageSize, (page-1)*pageSize).Where("type=1").Asc("name").Find(&orgs)

  192. }

  193. 

  194. // DeleteOrganization completely and permanently deletes everything of organization.

  195. func DeleteOrganization(org *User) (err error) {

  196. 	if err := DeleteUser(org); err != nil {

  197. 		return err

  198. 	}

  199. 

  200. 	sess := x.NewSession()

  201. 	defer sessionRelease(sess)

  202. 	if err = sess.Begin(); err != nil {

  203. 		return err

  204. 	}

  205. 

  206. 	if err = deleteBeans(sess,

  207. 		&Team{OrgID: org.ID},

  208. 		&OrgUser{OrgID: org.ID},

  209. 		&TeamUser{OrgID: org.ID},

  210. 	); err != nil {

  211. 		return fmt.Errorf("deleteBeans: %v", err)

  212. 	}

  213. 

  214. 	if err = deleteUser(sess, org); err != nil {

  215. 		return fmt.Errorf("deleteUser: %v", err)

  216. 	}

  217. 

  218. 	return sess.Commit()

  219. }

  220. 

  221. // ________                ____ ___

  222. // \_____  \_______  ____ |    |   \______ ___________

  223. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  224. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  225. // \_______  /__|  \___  /|______//____  >\___  >__|

  226. //         \/     /_____/              \/     \/

  227. 

  228. // OrgUser represents an organization-user relation.

  229. type OrgUser struct {

  230. 	ID       int64 `xorm:"pk autoincr"`

  231. 	Uid      int64 `xorm:"INDEX UNIQUE(s)"`

  232. 	OrgID    int64 `xorm:"INDEX UNIQUE(s)"`

  233. 	IsPublic bool

  234. 	IsOwner  bool

  235. 	NumTeams int

  236. }

  237. 

  238. // IsOrganizationOwner returns true if given user is in the owner team.

  239. func IsOrganizationOwner(orgId, uid int64) bool {

  240. 	has, _ := x.Where("is_owner=?", true).And("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))

  241. 	return has

  242. }

  243. 

  244. // IsOrganizationMember returns true if given user is member of organization.

  245. func IsOrganizationMember(orgId, uid int64) bool {

  246. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))

  247. 	return has

  248. }

  249. 

  250. // IsPublicMembership returns true if given user public his/her membership.

  251. func IsPublicMembership(orgId, uid int64) bool {

  252. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("is_public=?", true).Get(new(OrgUser))

  253. 	return has

  254. }

  255. 

  256. func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {

  257. 	orgs := make([]*User, 0, 10)

  258. 	if !showAll {

  259. 		sess.And("`org_user`.is_public=?", true)

  260. 	}

  261. 	return orgs, sess.

  262. 		And("`org_user`.uid=?", userID).

  263. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  264. 		Asc("`user`.name").

  265. 		Find(&orgs)

  266. }

  267. 

  268. // GetOrgsByUserID returns a list of organizations that the given user ID

  269. // has joined.

  270. func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {

  271. 	return getOrgsByUserID(x.NewSession(), userID, showAll)

  272. }

  273. 

  274. // GetOrgsByUserIDDesc returns a list of organizations that the given user ID

  275. // has joined, ordered descending by the given condition.

  276. func GetOrgsByUserIDDesc(userID int64, desc string, showAll bool) ([]*User, error) {

  277. 	return getOrgsByUserID(x.NewSession().Desc(desc), userID, showAll)

  278. }

  279. 

  280. func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

  281. 	orgs := make([]*User, 0, 10)

  282. 	return orgs, sess.

  283. 		Where("`org_user`.uid=?", userID).

  284. 		And("`org_user`.is_owner=?", true).

  285. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  286. 		Asc("`user`.name").

  287. 		Find(&orgs)

  288. }

  289. 

  290. // GetOwnedOrgsByUserID returns a list of organizations are owned by given user ID.

  291. func GetOwnedOrgsByUserID(userID int64) ([]*User, error) {

  292. 	sess := x.NewSession()

  293. 	return getOwnedOrgsByUserID(sess, userID)

  294. }

  295. 

  296. // GetOwnedOrganizationsByUserIDDesc returns a list of organizations are owned by

  297. // given user ID, ordered descending by the given condition.

  298. func GetOwnedOrgsByUserIDDesc(userID int64, desc string) ([]*User, error) {

  299. 	sess := x.NewSession()

  300. 	return getOwnedOrgsByUserID(sess.Desc(desc), userID)

  301. }

  302. 

  303. // GetOrgUsersByUserID returns all organization-user relations by user ID.

  304. func GetOrgUsersByUserID(uid int64, all bool) ([]*OrgUser, error) {

  305. 	ous := make([]*OrgUser, 0, 10)

  306. 	sess := x.

  307. 		Join("LEFT", "user", `"org_user".org_id="user".id`).

  308. 		Where(`"org_user".uid=?`, uid)

  309. 	if !all {

  310. 		// Only show public organizations

  311. 		sess.And("is_public=?", true)

  312. 	}

  313. 	err := sess.

  314. 		Asc("`user`.name").

  315. 		Find(&ous)

  316. 	return ous, err

  317. }

  318. 

  319. // GetOrgUsersByOrgID returns all organization-user relations by organization ID.

  320. func GetOrgUsersByOrgID(orgID int64) ([]*OrgUser, error) {

  321. 	ous := make([]*OrgUser, 0, 10)

  322. 	err := x.Where("org_id=?", orgID).Find(&ous)

  323. 	return ous, err

  324. }

  325. 

  326. // ChangeOrgUserStatus changes public or private membership status.

  327. func ChangeOrgUserStatus(orgID, uid int64, public bool) error {

  328. 	ou := new(OrgUser)

  329. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgID).Get(ou)

  330. 	if err != nil {

  331. 		return err

  332. 	} else if !has {

  333. 		return nil

  334. 	}

  335. 

  336. 	ou.IsPublic = public

  337. 	_, err = x.Id(ou.ID).AllCols().Update(ou)

  338. 	return err

  339. }

  340. 

  341. // AddOrgUser adds new user to given organization.

  342. func AddOrgUser(orgID, uid int64) error {

  343. 	if IsOrganizationMember(orgID, uid) {

  344. 		return nil

  345. 	}

  346. 

  347. 	sess := x.NewSession()

  348. 	defer sess.Close()

  349. 	if err := sess.Begin(); err != nil {

  350. 		return err

  351. 	}

  352. 

  353. 	ou := &OrgUser{

  354. 		Uid:   uid,

  355. 		OrgID: orgID,

  356. 	}

  357. 

  358. 	if _, err := sess.Insert(ou); err != nil {

  359. 		sess.Rollback()

  360. 		return err

  361. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {

  362. 		sess.Rollback()

  363. 		return err

  364. 	}

  365. 

  366. 	return sess.Commit()

  367. }

  368. 

  369. // RemoveOrgUser removes user from given organization.

  370. func RemoveOrgUser(orgID, userID int64) error {

  371. 	ou := new(OrgUser)

  372. 

  373. 	has, err := x.Where("uid=?", userID).And("org_id=?", orgID).Get(ou)

  374. 	if err != nil {

  375. 		return fmt.Errorf("get org-user: %v", err)

  376. 	} else if !has {

  377. 		return nil

  378. 	}

  379. 

  380. 	user, err := GetUserByID(userID)

  381. 	if err != nil {

  382. 		return fmt.Errorf("GetUserByID [%d]: %v", userID, err)

  383. 	}

  384. 	org, err := GetUserByID(orgID)

  385. 	if err != nil {

  386. 		return fmt.Errorf("GetUserByID [%d]: %v", orgID, err)

  387. 	}

  388. 

  389. 	// FIXME: only need to get IDs here, not all fields of repository.

  390. 	repos, _, err := org.GetUserRepositories(user.ID, 1, org.NumRepos)

  391. 	if err != nil {

  392. 		return fmt.Errorf("GetUserRepositories [%d]: %v", user.ID, err)

  393. 	}

  394. 

  395. 	// Check if the user to delete is the last member in owner team.

  396. 	if IsOrganizationOwner(orgID, userID) {

  397. 		t, err := org.GetOwnerTeam()

  398. 		if err != nil {

  399. 			return err

  400. 		}

  401. 		if t.NumMembers == 1 {

  402. 			return ErrLastOrgOwner{UID: userID}

  403. 		}

  404. 	}

  405. 

  406. 	sess := x.NewSession()

  407. 	defer sessionRelease(sess)

  408. 	if err := sess.Begin(); err != nil {

  409. 		return err

  410. 	}

  411. 

  412. 	if _, err := sess.Id(ou.ID).Delete(ou); err != nil {

  413. 		return err

  414. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members=num_members-1 WHERE id=?", orgID); err != nil {

  415. 		return err

  416. 	}

  417. 

  418. 	// Delete all repository accesses and unwatch them.

  419. 	repoIDs := make([]int64, len(repos))

  420. 	for i := range repos {

  421. 		repoIDs = append(repoIDs, repos[i].ID)

  422. 		if err = watchRepo(sess, user.ID, repos[i].ID, false); err != nil {

  423. 			return err

  424. 		}

  425. 	}

  426. 

  427. 	if len(repoIDs) > 0 {

  428. 		if _, err = sess.Where("user_id = ?", user.ID).In("repo_id", repoIDs).Delete(new(Access)); err != nil {

  429. 			return err

  430. 		}

  431. 	}

  432. 

  433. 	// Delete member in his/her teams.

  434. 	teams, err := getUserTeams(sess, org.ID, user.ID)

  435. 	if err != nil {

  436. 		return err

  437. 	}

  438. 	for _, t := range teams {

  439. 		if err = removeTeamMember(sess, org.ID, t.ID, user.ID); err != nil {

  440. 			return err

  441. 		}

  442. 	}

  443. 

  444. 	return sess.Commit()

  445. }

  446. 

  447. func removeOrgRepo(e Engine, orgID, repoID int64) error {

  448. 	_, err := e.Delete(&TeamRepo{

  449. 		OrgID:  orgID,

  450. 		RepoID: repoID,

  451. 	})

  452. 	return err

  453. }

  454. 

  455. // RemoveOrgRepo removes all team-repository relations of given organization.

  456. func RemoveOrgRepo(orgID, repoID int64) error {

  457. 	return removeOrgRepo(x, orgID, repoID)

  458. }

  459. 

  460. func (org *User) getUserTeams(e Engine, userID int64, cols ...string) ([]*Team, error) {

  461. 	teams := make([]*Team, 0, org.NumTeams)

  462. 	return teams, e.

  463. 		Where("`team_user`.org_id = ?", org.ID).

  464. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  465. 		Join("INNER", "user", "`user`.id=team_user.uid").

  466. 		And("`team_user`.uid = ?", userID).

  467. 		Asc("`user`.name").

  468. 		Cols(cols...).

  469. 	    Find(&teams)

  470. }

  471. 

  472. // GetUserTeamIDs returns of all team IDs of the organization that user is memeber of.

  473. func (org *User) GetUserTeamIDs(userID int64) ([]int64, error) {

  474. 	teams, err := org.getUserTeams(x, userID, "team.id")

  475. 	if err != nil {

  476. 		return nil, fmt.Errorf("getUserTeams [%d]: %v", userID, err)

  477. 	}

  478. 

  479. 	teamIDs := make([]int64, len(teams))

  480. 	for i := range teams {

  481. 		teamIDs[i] = teams[i].ID

  482. 	}

  483. 	return teamIDs, nil

  484. }

  485. 

  486. // GetTeams returns all teams that belong to organization,

  487. // and that the user has joined.

  488. func (org *User) GetUserTeams(userID int64) ([]*Team, error) {

  489. 	return org.getUserTeams(x, userID)

  490. }

  491. 

  492. // GetUserRepositories returns a range of repositories in organization

  493. // that the user with the given userID has access to,

  494. // and total number of records based on given condition.

  495. func (org *User) GetUserRepositories(userID int64, page, pageSize int) ([]*Repository, int64, error) {

  496. 	teamIDs, err := org.GetUserTeamIDs(userID)

  497. 	if err != nil {

  498. 		return nil, 0, fmt.Errorf("GetUserTeamIDs: %v", err)

  499. 	}

  500. 	if len(teamIDs) == 0 {

  501. 		// user has no team but "IN ()" is invalid SQL

  502. 		teamIDs = []int64{-1} // there is no repo with id=-1

  503. 	}

  504. 

  505. 	if page <= 0 {

  506. 		page = 1

  507. 	}

  508. 	repos := make([]*Repository, 0, pageSize)

  509. 	// FIXME: use XORM chain operations instead of raw SQL.

  510. 	if err = x.SQL(fmt.Sprintf(`SELECT repository.* FROM repository

  511. 	INNER JOIN team_repo

  512. 	ON team_repo.repo_id = repository.id

  513. 	WHERE (repository.owner_id = ? AND repository.is_private = ?) OR team_repo.team_id IN (%s)

  514. 	GROUP BY repository.id

  515. 	ORDER BY updated_unix DESC

  516. 	LIMIT %d OFFSET %d`,

  517. 		strings.Join(base.Int64sToStrings(teamIDs), ","), pageSize, (page-1)*pageSize),

  518. 		org.ID, false).Find(&repos); err != nil {

  519. 		return nil, 0, fmt.Errorf("get repositories: %v", err)

  520. 	}

  521. 

  522. 	results, err := x.Query(fmt.Sprintf(`SELECT repository.id FROM repository

  523. 	INNER JOIN team_repo

  524. 	ON team_repo.repo_id = repository.id

  525. 	WHERE (repository.owner_id = ? AND repository.is_private = ?) OR team_repo.team_id IN (%s)

  526. 	GROUP BY repository.id

  527. 	ORDER BY updated_unix DESC`,

  528. 		strings.Join(base.Int64sToStrings(teamIDs), ",")),

  529. 		org.ID, false)

  530. 	if err != nil {

  531. 		log.Error(4, "count user repositories in organization: %v", err)

  532. 	}

  533. 

  534. 	return repos, int64(len(results)), nil

  535. }

  536. 

  537. // GetUserRepositories returns mirror repositories of the organization

  538. // that the user with the given userID has access to.

  539. func (org *User) GetUserMirrorRepositories(userID int64) ([]*Repository, error) {

  540. 	teamIDs, err := org.GetUserTeamIDs(userID)

  541. 	if err != nil {

  542. 		return nil, fmt.Errorf("GetUserTeamIDs: %v", err)

  543. 	}

  544. 	if len(teamIDs) == 0 {

  545. 		teamIDs = []int64{-1}

  546. 	}

  547. 

  548. 	repos := make([]*Repository, 0, 10)

  549. 	if err = x.SQL(fmt.Sprintf(`SELECT repository.* FROM repository

  550. 	INNER JOIN team_repo

  551. 	ON team_repo.repo_id = repository.id AND repository.is_mirror = ?

  552. 	WHERE (repository.owner_id = ? AND repository.is_private = ?) OR team_repo.team_id IN (%s)

  553. 	GROUP BY repository.id

  554. 	ORDER BY updated_unix DESC`,

  555. 		strings.Join(base.Int64sToStrings(teamIDs), ",")),

  556. 		true, org.ID, false).Find(&repos); err != nil {

  557. 		return nil, fmt.Errorf("get repositories: %v", err)

  558. 	}

  559. 	return repos, nil

  560. }