Skip to content

Commit

Permalink
HotFix: Hide private partisipation in Orgs (#13994) (#14031)
Browse files Browse the repository at this point in the history
* HotFix: Hide private partisipation in Orgs

Co-authored-by: zeripath <art27@cantab.net>
  • Loading branch information
6543 and zeripath authored Dec 17, 2020
1 parent b8a2cd9 commit df11075
Show file tree
Hide file tree
Showing 3 changed files with 40 additions and 11 deletions.
1 change: 1 addition & 0 deletions models/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -551,6 +551,7 @@ func (u *User) GetOwnedOrganizations() (err error) {
}

// GetOrganizations returns paginated organizations that user belongs to.
// TODO: does not respect All and show orgs you privately participate
func (u *User) GetOrganizations(opts *SearchOrganizationsOptions) error {
sess := x.NewSession()
defer sess.Close()
Expand Down
31 changes: 20 additions & 11 deletions routers/api/v1/org/org.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,28 @@ import (
"code.gitea.io/gitea/routers/api/v1/utils"
)

func listUserOrgs(ctx *context.APIContext, u *models.User, all bool) {
if err := u.GetOrganizations(&models.SearchOrganizationsOptions{
ListOptions: utils.GetListOptions(ctx),
All: all,
}); err != nil {
ctx.Error(http.StatusInternalServerError, "GetOrganizations", err)
func listUserOrgs(ctx *context.APIContext, u *models.User) {

listOptions := utils.GetListOptions(ctx)
showPrivate := ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.ID == u.ID)

orgs, err := models.GetOrgsByUserID(u.ID, showPrivate)
if err != nil {
ctx.Error(http.StatusInternalServerError, "GetOrgsByUserID", err)
return
}
maxResults := len(orgs)

orgs = utils.PaginateUserSlice(orgs, listOptions.Page, listOptions.PageSize)

apiOrgs := make([]*api.Organization, len(u.Orgs))
for i := range u.Orgs {
apiOrgs[i] = convert.ToOrganization(u.Orgs[i])
apiOrgs := make([]*api.Organization, len(orgs))
for i := range orgs {
apiOrgs[i] = convert.ToOrganization(orgs[i])
}

ctx.SetLinkHeader(int(maxResults), listOptions.PageSize)
ctx.Header().Set("X-Total-Count", fmt.Sprintf("%d", maxResults))
ctx.Header().Set("Access-Control-Expose-Headers", "X-Total-Count, Link")
ctx.JSON(http.StatusOK, &apiOrgs)
}

Expand All @@ -53,7 +62,7 @@ func ListMyOrgs(ctx *context.APIContext) {
// "200":
// "$ref": "#/responses/OrganizationList"

listUserOrgs(ctx, ctx.User, true)
listUserOrgs(ctx, ctx.User)
}

// ListUserOrgs list user's orgs
Expand Down Expand Up @@ -85,7 +94,7 @@ func ListUserOrgs(ctx *context.APIContext) {
if ctx.Written() {
return
}
listUserOrgs(ctx, u, ctx.User != nil && (ctx.User.IsAdmin || ctx.User.ID == u.ID))
listUserOrgs(ctx, u)
}

// GetAll return list of all public organizations
Expand Down
19 changes: 19 additions & 0 deletions routers/api/v1/utils/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,22 @@ func GetListOptions(ctx *context.APIContext) models.ListOptions {
PageSize: convert.ToCorrectPageSize(ctx.QueryInt("limit")),
}
}

// PaginateUserSlice cut a slice of Users as per pagination options
// TODO: make it generic
func PaginateUserSlice(items []*models.User, page, pageSize int) []*models.User {
if page != 0 {
page--
}

if page*pageSize >= len(items) {
return items[len(items):]
}

items = items[page*pageSize:]

if len(items) > pageSize {
return items[:pageSize]
}
return items
}

0 comments on commit df11075

Please sign in to comment.