Allow access to the Public Organization Member lists with minimal permissions (#20330)
Examining Organization membership should not necessarily require sign-in if the organization is public and the members are public. Therefore we should adjust `/org/{org}/members` to not require login. Fix #7501 Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
parent
7d20c8323a
commit
4f267ef643
4 changed files with 24 additions and 11 deletions
|
@ -12,6 +12,7 @@ import (
|
|||
"code.gitea.io/gitea/models/perm"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/structs"
|
||||
)
|
||||
|
||||
// Organization contains organization context
|
||||
|
@ -69,6 +70,20 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
|
|||
return
|
||||
}
|
||||
org := ctx.Org.Organization
|
||||
|
||||
// Handle Visibility
|
||||
if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned {
|
||||
// We must be signed in to see limited or private organizations
|
||||
ctx.NotFound("OrgAssignment", err)
|
||||
return
|
||||
}
|
||||
|
||||
if org.Visibility == structs.VisibleTypePrivate {
|
||||
requireMember = true
|
||||
} else if ctx.IsSigned && ctx.Doer.IsRestricted {
|
||||
requireMember = true
|
||||
}
|
||||
|
||||
ctx.ContextUser = org.AsUser()
|
||||
ctx.Data["Org"] = org
|
||||
|
||||
|
|
|
@ -39,11 +39,6 @@ func Home(ctx *context.Context) {
|
|||
|
||||
org := ctx.Org.Organization
|
||||
|
||||
if !organization.HasOrgOrUserVisible(ctx, org.AsUser(), ctx.Doer) {
|
||||
ctx.NotFound("HasOrgOrUserVisible", nil)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Data["PageIsUserProfile"] = true
|
||||
ctx.Data["Title"] = org.DisplayName()
|
||||
if len(org.Description) != 0 {
|
||||
|
|
|
@ -610,6 +610,12 @@ func RegisterRoutes(m *web.Route) {
|
|||
}
|
||||
|
||||
// ***** START: Organization *****
|
||||
m.Group("/org", func() {
|
||||
m.Group("/{org}", func() {
|
||||
m.Get("/members", org.Members)
|
||||
}, context.OrgAssignment())
|
||||
}, ignSignIn)
|
||||
|
||||
m.Group("/org", func() {
|
||||
m.Group("", func() {
|
||||
m.Get("/create", org.Create)
|
||||
|
@ -625,7 +631,6 @@ func RegisterRoutes(m *web.Route) {
|
|||
m.Get("/pulls/{team}", user.Pulls)
|
||||
m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones)
|
||||
m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones)
|
||||
m.Get("/members", org.Members)
|
||||
m.Post("/members/action/{action}", org.MembersAction)
|
||||
m.Get("/teams", org.Teams)
|
||||
}, context.OrgAssignment(true, false, true))
|
||||
|
|
|
@ -41,11 +41,9 @@
|
|||
{{end}}
|
||||
<h4 class="ui top attached header df">
|
||||
<strong class="f1">{{.locale.Tr "org.people"}}</strong>
|
||||
{{if .IsOrganizationMember}}
|
||||
<div class="ui">
|
||||
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.Org.NumMembers}}</span> {{svg "octicon-chevron-right"}}</a>
|
||||
<a class="text grey dif ac" href="{{.OrgLink}}/members"><span>{{.MembersTotal}}</span> {{svg "octicon-chevron-right"}}</a>
|
||||
</div>
|
||||
{{end}}
|
||||
</h4>
|
||||
<div class="ui attached segment members">
|
||||
{{$isMember := .IsOrganizationMember}}
|
||||
|
|
Loading…
Reference in a new issue