Store read access in access for team repo's (#20275)

- Currently when a Team has read access to a organization's non-private repository, their access won't be stored in the database. This caused issue for code that rely on read access being stored. So from now-on if we see that the repository is owned by a organization don't increase the minMode to write permission. - Resolves #20083
2025-10-29 10:57:44 +09:00 · 2022-07-11 11:48:43 +00:00
parent cb6c5f8193
commit 8a7d1a3516
1 changed files with 7 additions and 1 deletions
--- a/models/perm/access/access.go
+++ b/models/perm/access/access.go
@@ -86,7 +86,13 @@ func updateUserAccess(accessMap map[int64]*userAccess, user *user_model.User, mo
 // FIXME: do cross-comparison so reduce deletions and additions to the minimum?
 func refreshAccesses(ctx context.Context, repo *repo_model.Repository, accessMap map[int64]*userAccess) (err error) {
 	minMode := perm.AccessModeRead
-	if !repo.IsPrivate {
+	if err := repo.GetOwner(ctx); err != nil {
+		return fmt.Errorf("GetOwner: %v", err)
+	}
+
+	// If the repo isn't private and isn't owned by a organization,
+	// increase the minMode to Write.
+	if !repo.IsPrivate && !repo.Owner.IsOrganization() {
 		minMode = perm.AccessModeWrite
 	}