summaryrefslogtreecommitdiffstats
path: root/routers/web/user
diff options
context:
space:
mode:
authorGusted <williamzijl7@hotmail.com>2022-03-23 23:57:09 +0100
committerGitHub <noreply@github.com>2022-03-23 23:57:09 +0100
commita5f289407149e0c75973b7efc8e8cfd239e6dd9d (patch)
tree06e9aeebcd55eb7e33b1cc614f761920aa3d1c64 /routers/web/user
parentUpdate issue_no_dependencies description (#19112) (diff)
downloadforgejo-a5f289407149e0c75973b7efc8e8cfd239e6dd9d.tar.xz
forgejo-a5f289407149e0c75973b7efc8e8cfd239e6dd9d.zip
Fix showing issues in your repositories (#18916)
- Make a restriction on which issues can be shown based on if you the user or team has write permission to the repository. - Fixes a issue whereby you wouldn't see any associated issues with a specific team on a organization if you wasn't a member(fixed by zeroing the User{ID} in the options). - Resolves #18913
Diffstat (limited to 'routers/web/user')
-rw-r--r--routers/web/user/home.go51
1 files changed, 47 insertions, 4 deletions
diff --git a/routers/web/user/home.go b/routers/web/user/home.go
index 0878e8d528..d3810f887d 100644
--- a/routers/web/user/home.go
+++ b/routers/web/user/home.go
@@ -362,7 +362,7 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
var (
viewType string
sortType = ctx.FormString("sort")
- filterMode = models.FilterModeAll
+ filterMode int
)
// --------------------------------------------------------------------------------
@@ -388,8 +388,10 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
filterMode = models.FilterModeMention
case "review_requested":
filterMode = models.FilterModeReviewRequested
- case "your_repositories": // filterMode already set to All
+ case "your_repositories":
+ fallthrough
default:
+ filterMode = models.FilterModeYourRepositories
viewType = "your_repositories"
}
@@ -419,6 +421,30 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
User: ctx.Doer,
}
+ // Search all repositories which
+ //
+ // As user:
+ // - Owns the repository.
+ // - Have collaborator permissions in repository.
+ //
+ // As org:
+ // - Owns the repository.
+ //
+ // As team:
+ // - Team org's owns the repository.
+ // - Team has read permission to repository.
+ repoOpts := &models.SearchRepoOptions{
+ Actor: ctx.Doer,
+ OwnerID: ctx.Doer.ID,
+ Private: true,
+ AllPublic: false,
+ AllLimited: false,
+ }
+
+ if ctxUser.IsOrganization() && ctx.Org.Team != nil {
+ repoOpts.TeamID = ctx.Org.Team.ID
+ }
+
switch filterMode {
case models.FilterModeAll:
case models.FilterModeAssign:
@@ -429,6 +455,19 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
opts.MentionedID = ctx.Doer.ID
case models.FilterModeReviewRequested:
opts.ReviewRequestedID = ctx.Doer.ID
+ case models.FilterModeYourRepositories:
+ if ctxUser.IsOrganization() && ctx.Org.Team != nil {
+ // Fixes a issue whereby the user's ID would be used
+ // to check if it's in the team(which possible isn't the case).
+ opts.User = nil
+ }
+ userRepoIDs, _, err := models.SearchRepositoryIDs(repoOpts)
+ if err != nil {
+ ctx.ServerError("models.SearchRepositoryIDs: %v", err)
+ return
+ }
+
+ opts.RepoIDs = userRepoIDs
}
// keyword holds the search term entered into the search field.
@@ -560,8 +599,12 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
Org: org,
Team: team,
}
- if len(repoIDs) > 0 {
- statsOpts.RepoIDs = repoIDs
+ if filterMode == models.FilterModeYourRepositories {
+ statsOpts.RepoCond = models.SearchRepositoryCondition(repoOpts)
+ }
+ // Detect when we only should search by team.
+ if opts.User == nil {
+ statsOpts.UserID = 0
}
issueStats, err = models.GetUserIssueStats(statsOpts)
if err != nil {