From 8e91135be3e0363684ee0851890806927c4b3045 Mon Sep 17 00:00:00 2001 From: qwerty287 Date: Tue, 23 Nov 2021 18:19:09 +0100 Subject: [PATCH 1/3] Allow forks to org if you can create repos --- models/org.go | 2 +- models/repo.go | 2 +- routers/web/repo/pull.go | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/models/org.go b/models/org.go index ea73d03d422e6..7cb2d6ab3789d 100644 --- a/models/org.go +++ b/models/org.go @@ -558,7 +558,7 @@ func getOwnedOrgsByUserID(sess db.Engine, userID int64) ([]*Organization, error) Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id"). Join("INNER", "`team`", "`team`.id=`team_user`.team_id"). Where("`team_user`.uid=?", userID). - And("`team`.authorize=?", AccessModeOwner). + And("`team`.can_createOrgRepo=?", AccessModeOwner). Asc("`user`.name"). Find(&orgs) } diff --git a/models/repo.go b/models/repo.go index 860c5c4813d2f..f929c242190e6 100644 --- a/models/repo.go +++ b/models/repo.go @@ -768,7 +768,7 @@ func CanUserForkRepo(user *User, repo *Repository) (bool, error) { if repo.OwnerID != user.ID && !HasForkedRepo(user.ID, repo.ID) { return true, nil } - ownedOrgs, err := GetOwnedOrgsByUserID(user.ID) + ownedOrgs, err := GetOrgsCanCreateRepoByUserID(user.ID) if err != nil { return false, err } diff --git a/routers/web/repo/pull.go b/routers/web/repo/pull.go index 83e353833fc72..6c405d38f5661 100644 --- a/routers/web/repo/pull.go +++ b/routers/web/repo/pull.go @@ -112,9 +112,9 @@ func getForkRepository(ctx *context.Context) *models.Repository { ctx.Data["ForkRepo"] = forkRepo - ownedOrgs, err := models.GetOwnedOrgsByUserID(ctx.User.ID) + ownedOrgs, err := models.GetOrgsCanCreateRepoByUserID(ctx.User.ID) if err != nil { - ctx.ServerError("GetOwnedOrgsByUserID", err) + ctx.ServerError("GetOrgsCanCreateRepoByUserID", err) return nil } var orgs []*models.Organization @@ -217,9 +217,9 @@ func ForkPost(ctx *context.Context) { // Check ownership of organization. if ctxUser.IsOrganization() { - isOwner, err := models.OrgFromUser(ctxUser).IsOwnedBy(ctx.User.ID) + isOwner, err := models.OrgFromUser(ctxUser).CanCreateOrgRepo(ctx.User.ID) if err != nil { - ctx.ServerError("IsOwnedBy", err) + ctx.ServerError("CanCreateOrgRepo", err) return } else if !isOwner { ctx.Error(http.StatusForbidden) From 55994b42bf0410526dfd77144b174ac693f90b3d Mon Sep 17 00:00:00 2001 From: qwerty287 Date: Tue, 23 Nov 2021 18:20:34 +0100 Subject: [PATCH 2/3] Fix wrong change --- models/org.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/org.go b/models/org.go index 7cb2d6ab3789d..ea73d03d422e6 100644 --- a/models/org.go +++ b/models/org.go @@ -558,7 +558,7 @@ func getOwnedOrgsByUserID(sess db.Engine, userID int64) ([]*Organization, error) Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id"). Join("INNER", "`team`", "`team`.id=`team_user`.team_id"). Where("`team_user`.uid=?", userID). - And("`team`.can_createOrgRepo=?", AccessModeOwner). + And("`team`.authorize=?", AccessModeOwner). Asc("`user`.name"). Find(&orgs) } From 23b53b9700670b76469331936512a20a05f7ad63 Mon Sep 17 00:00:00 2001 From: qwerty287 <80460567+qwerty287@users.noreply.github.com> Date: Wed, 24 Nov 2021 16:06:29 +0100 Subject: [PATCH 3/3] Apply suggestions from code review Co-authored-by: Gusted --- routers/web/repo/pull.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/routers/web/repo/pull.go b/routers/web/repo/pull.go index 6c405d38f5661..6c8fec692d5fb 100644 --- a/routers/web/repo/pull.go +++ b/routers/web/repo/pull.go @@ -215,13 +215,13 @@ func ForkPost(ctx *context.Context) { } } - // Check ownership of organization. + // Check if user is allowed to create repo's on the organization. if ctxUser.IsOrganization() { - isOwner, err := models.OrgFromUser(ctxUser).CanCreateOrgRepo(ctx.User.ID) + isAllowedToFork, err := models.OrgFromUser(ctxUser).CanCreateOrgRepo(ctx.User.ID) if err != nil { ctx.ServerError("CanCreateOrgRepo", err) return - } else if !isOwner { + } else if !isAllowedToFork { ctx.Error(http.StatusForbidden) return }