use Actor to calculate rightrs

Author: 6543

models/org.go

@@ -427,20 +427,38 @@ func GetUserOrgsList(uid int64) ([]*MinimalOrg, error) {
 // FindOrgOptions finds orgs options
 type FindOrgOptions struct {
 	ListOptions
-	UserID         int64
-	IncludePrivate bool
+	Actor  *User
+	UserID int64
+}
+
+// queryOrgMembershipVisibleOrgIDs return query to only get org's of user who user is part of in public
+func queryOrgMembershipVisibleOrgIDs(actor *User) *builder.Builder {
+	if actor == nil {
+		return builder.Select("org_user.org_id").From("org_user").Where(builder.Eq{"org_user.is_public": true})
+	}
+	if actor.IsAdmin {
+		return builder.Select("org_user.org_id").From("org_user")
+	}
+	return builder.Select("org_user.org_id").From("org_user").Where(builder.Eq{"org_user.is_public": true}).Or(builder.Eq{"org_user.uid": actor.ID})
 }
 
 func (opts FindOrgOptions) toConds() builder.Cond {
 	var cond = builder.NewCond()
+	cond = cond.And(builder.In("`user`.`id`", queryOrgMembershipVisibleOrgIDs(opts.Actor)))
 	if opts.UserID > 0 {
-		// TODO: use queryUserOrgIDs()
 		cond = cond.And(builder.In("`user`.`id`",
 			builder.Select("org_user.org_id").
 				From("org_user").
 				Where(builder.Eq{"org_user.uid": opts.UserID})))
 	}
-	if !opts.IncludePrivate {
+	if opts.Actor != nil {
+		if !opts.Actor.IsAdmin {
+			cond = cond.And(builder.In("`user`.visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited)).Or(builder.In("`user`.`id`",
+				builder.Select("org_user.org_id").
+					From("org_user").
+					Where(builder.Eq{"org_user.uid": opts.Actor.ID})))
+		}
+	} else {
 		cond = cond.And(builder.Eq{"`user`.visibility": structs.VisibleTypePublic})
 	}
 	return cond

models/org_test.go

@@ -325,24 +325,23 @@ func TestFindOrgs(t *testing.T) {
 	assert.NoError(t, PrepareTestDatabase())
 
 	orgs, err := FindOrgs(FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: true,
+		UserID: 4,
+		Actor:  &User{ID: 4},
 	})
 	assert.NoError(t, err)
 	if assert.Len(t, orgs, 1) {
 		assert.EqualValues(t, 3, orgs[0].ID)
 	}
 
 	orgs, err = FindOrgs(FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: false,
+		UserID: 4,
 	})
 	assert.NoError(t, err)
 	assert.EqualValues(t, 0, len(orgs))
 
 	total, err := CountOrgs(FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: true,
+		UserID: 4,
+		Actor:  &User{ID: 4},
 	})
 	assert.NoError(t, err)
 	assert.EqualValues(t, 1, total)

routers/api/v1/org/org.go

@@ -20,12 +20,11 @@ import (
 
 func listUserOrgs(ctx *context.APIContext, u *models.User) {
 	listOptions := utils.GetListOptions(ctx)
-	showPrivate := ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.ID == u.ID)
 
 	var opts = models.FindOrgOptions{
-		ListOptions:    listOptions,
-		UserID:         u.ID,
-		IncludePrivate: showPrivate,
+		Actor:       ctx.User,
+		ListOptions: listOptions,
+		UserID:      u.ID,
 	}
 	orgs, err := models.FindOrgs(opts)
 	if err != nil {

routers/web/user/profile.go

@@ -125,11 +125,9 @@ func Profile(ctx *context.Context) {
 		ctx.Data["RenderedDescription"] = content
 	}
 
-	showPrivate := ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.ID == ctxUser.ID)
-
 	orgs, err := models.FindOrgs(models.FindOrgOptions{
-		UserID:         ctxUser.ID,
-		IncludePrivate: showPrivate,
+		Actor:  ctx.User,
+		UserID: ctxUser.ID,
 	})
 	if err != nil {
 		ctx.ServerError("FindOrgs", err)
@@ -211,6 +209,7 @@ func Profile(ctx *context.Context) {
 
 		total = ctxUser.NumFollowing
 	case "activity":
+		showPrivate := ctx.IsSigned && (ctx.User.IsAdmin || ctx.User.ID == ctxUser.ID)
 		retrieveFeeds(ctx, models.GetFeedsOptions{RequestedUser: ctxUser,
 			Actor:           ctx.User,
 			IncludePrivate:  showPrivate,

routers/web/user/setting/profile.go

@@ -214,8 +214,8 @@ func Organization(ctx *context.Context) {
 			PageSize: setting.UI.Admin.UserPagingNum,
 			Page:     ctx.QueryInt("page"),
 		},
-		UserID:         ctx.User.ID,
-		IncludePrivate: ctx.IsSigned,
+		Actor:  ctx.User,
+		UserID: ctx.User.ID,
 	}
 
 	if opts.Page <= 0 {