diff options
| author | Gusted <gusted@noreply.codeberg.org> | 2024-12-04 18:57:07 +0100 |
|---|---|---|
| committer | Gusted <gusted@noreply.codeberg.org> | 2024-12-04 18:57:07 +0100 |
| commit | 5a7a87846b4f8ddf3264e935c02a7298e02e2463 (patch) | |
| tree | 7383789a9d8f690580dc2d3c995820d346aaf631 | |
| parent | Update module code.forgejo.org/go-chi/captcha to v1.0.1 (forgejo) (#6148) (diff) | |
| parent | fix: correct permission loading for limited organisation (diff) | |
| download | forgejo-5a7a87846b4f8ddf3264e935c02a7298e02e2463.tar.xz forgejo-5a7a87846b4f8ddf3264e935c02a7298e02e2463.zip | |
Merge pull request 'fix: correct permission loading for limited organisation' (#6144) from gusted/forgejo-org-limited into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6144
Reviewed-by: Otto <otto@codeberg.org>
| -rw-r--r-- | models/organization/org.go | 2 | ||||
| -rw-r--r-- | models/organization/org_test.go | 34 |
2 files changed, 35 insertions, 1 deletions
diff --git a/models/organization/org.go b/models/organization/org.go index 0dc42e1c4f..d7269c7166 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -264,7 +264,7 @@ func (org *Organization) UnitPermission(ctx context.Context, doer *user_model.Us } } - if org.Visibility.IsPublic() { + if org.Visibility.IsPublic() || (org.Visibility.IsLimited() && doer != nil) { return perm.AccessModeRead } diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 681eeb8a34..7a67d9f822 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -9,7 +9,9 @@ import ( "code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/organization" + "code.gitea.io/gitea/models/perm" repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" "code.gitea.io/gitea/models/unittest" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/structs" @@ -482,3 +484,35 @@ func TestCreateOrganization4(t *testing.T) { assert.True(t, db.IsErrNameReserved(err)) unittest.CheckConsistencyFor(t, &organization.Organization{}, &organization.Team{}) } + +func TestUnitPermission(t *testing.T) { + require.NoError(t, unittest.PrepareTestDatabase()) + + publicOrg := &organization.Organization{ID: 1001, Visibility: structs.VisibleTypePublic} + limitedOrg := &organization.Organization{ID: 1001, Visibility: structs.VisibleTypeLimited} + privateOrg := &organization.Organization{ID: 1001, Visibility: structs.VisibleTypePrivate} + user := &user_model.User{ID: 1001} + t.Run("Anonymous", func(t *testing.T) { + t.Run("Public", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeRead, publicOrg.UnitPermission(db.DefaultContext, nil, unit.TypeCode)) + }) + t.Run("Limited", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeNone, limitedOrg.UnitPermission(db.DefaultContext, nil, unit.TypeCode)) + }) + t.Run("Private", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeNone, privateOrg.UnitPermission(db.DefaultContext, nil, unit.TypeCode)) + }) + }) + + t.Run("Logged in", func(t *testing.T) { + t.Run("Public", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeRead, publicOrg.UnitPermission(db.DefaultContext, user, unit.TypeCode)) + }) + t.Run("Limited", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeRead, limitedOrg.UnitPermission(db.DefaultContext, user, unit.TypeCode)) + }) + t.Run("Private", func(t *testing.T) { + assert.EqualValues(t, perm.AccessModeNone, privateOrg.UnitPermission(db.DefaultContext, user, unit.TypeCode)) + }) + }) +} |