1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-04 14:46:57 -05:00

Fix panic when view profile without signin

Also fix that no matter who, still able to see organizations with private membership.
This commit is contained in:
Unknwon 2016-02-19 18:10:03 -05:00
parent f38d5e57dd
commit aa12135b97
2 changed files with 10 additions and 12 deletions

View File

@ -254,27 +254,25 @@ func IsPublicMembership(orgId, uid int64) bool {
return has return has
} }
func getOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) { func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {
orgs := make([]*User, 0, 10) orgs := make([]*User, 0, 10)
return orgs, sess.Where("`org_user`.uid=?", userID). if !showAll {
sess.And("`org_user`.is_public=?", true)
}
return orgs, sess.And("`org_user`.uid=?", userID).
Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs) Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").Find(&orgs)
} }
// GetOrgsByUserID returns a list of organizations that the given user ID // GetOrgsByUserID returns a list of organizations that the given user ID
// has joined. // has joined.
func GetOrgsByUserID(userID int64) ([]*User, error) { func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {
sess := x.NewSession() return getOrgsByUserID(x.NewSession(), userID, showAll)
return getOrgsByUserID(sess, userID)
} }
// GetOrgsByUserIDDesc returns a list of organizations that the given user ID // GetOrgsByUserIDDesc returns a list of organizations that the given user ID
// has joined, ordered descending by the given condition. // has joined, ordered descending by the given condition.
func GetOrgsByUserIDDesc(userID int64, desc string, all bool) ([]*User, error) { func GetOrgsByUserIDDesc(userID int64, desc string, showAll bool) ([]*User, error) {
sess := x.NewSession() return getOrgsByUserID(x.NewSession().Desc(desc), userID, showAll)
if !all {
sess.And("`org_user`.is_public=?", true)
}
return getOrgsByUserID(sess.Desc(desc), userID)
} }
func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) { func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

View File

@ -75,7 +75,7 @@ func Profile(ctx *middleware.Context) {
ctx.Data["PageIsUserProfile"] = true ctx.Data["PageIsUserProfile"] = true
ctx.Data["Owner"] = u ctx.Data["Owner"] = u
orgs, err := models.GetOrgsByUserIDDesc(u.Id, "updated", ctx.User.IsAdmin || ctx.User.Id == u.Id) orgs, err := models.GetOrgsByUserID(u.Id, ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.Id == u.Id))
if err != nil { if err != nil {
ctx.Handle(500, "GetOrgsByUserIDDesc", err) ctx.Handle(500, "GetOrgsByUserIDDesc", err)
return return