realaravinth/forgejo-federation
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity

Fix panic when view profile without signin

Browse source 
Also fix that no matter who, still able to see organizations with private membership.
This commit is contained in:
Unknwon 2016-02-19 18:10:03 -05:00
parent f38d5e57dd
commit aa12135b97
2 changed files with 10 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
models/org.go
View file

@ -254,27 +254,25 @@ func IsPublicMembership(orgId, uid int64) bool {
return has return has
} }
func getOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) { func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {
orgs := make([]*User, 0, 10) orgs := make([]*User, 0, 10)
return orgs, sess.Where("`org_user`.uid=?", userID). if !showAll {
sess.And("`org_user`.is_public=?", true)
}
return orgs, sess.And("`org_user`.uid=?", userID).
Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs) Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs)
} }
// GetOrgsByUserID returns a list of organizations that the given user ID // GetOrgsByUserID returns a list of organizations that the given user ID
// has joined. // has joined.
func GetOrgsByUserID(userID int64) ([]*User, error) { func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {
sess := x.NewSession() return getOrgsByUserID(x.NewSession(), userID, showAll)
return getOrgsByUserID(sess, userID)
} }
// GetOrgsByUserIDDesc returns a list of organizations that the given user ID // GetOrgsByUserIDDesc returns a list of organizations that the given user ID
// has joined, ordered descending by the given condition. // has joined, ordered descending by the given condition.
func GetOrgsByUserIDDesc(userID int64, desc string, all bool) ([]*User, error) { func GetOrgsByUserIDDesc(userID int64, desc string, showAll bool) ([]*User, error) {
sess := x.NewSession() return getOrgsByUserID(x.NewSession().Desc(desc), userID, showAll)
if !all {
sess.And("`org_user`.is_public=?", true)
}
return getOrgsByUserID(sess.Desc(desc), userID)
} }
func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) { func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

2
routers/user/profile.go
View file

@ -75,7 +75,7 @@ func Profile(ctx *middleware.Context) {
ctx.Data["PageIsUserProfile"] = true ctx.Data["PageIsUserProfile"] = true
ctx.Data["Owner"] = u ctx.Data["Owner"] = u
orgs, err := models.GetOrgsByUserIDDesc(u.Id, "updated", ctx.User.IsAdmin || ctx.User.Id == u.Id) orgs, err := models.GetOrgsByUserID(u.Id, ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.Id == u.Id))
if err != nil { if err != nil {
ctx.Handle(500, "GetOrgsByUserIDDesc", err) ctx.Handle(500, "GetOrgsByUserIDDesc", err)
return return