diff --git a/routers/repo/attachment.go b/routers/repo/attachment.go
index ed9f7c47e..fea7a3384 100755
--- a/routers/repo/attachment.go
+++ b/routers/repo/attachment.go
@@ -152,6 +152,7 @@ func DownloadUserIsOrgOrCollaboration(ctx *context.Context, attach *models.Attac
 } else {
 repo.GetOwner()
 if ctx.User != nil {
+
 if repo.Owner.IsOrganization() {
 if repo.Owner.IsUserPartOfOrg(ctx.User.ID) {
 log.Info("org user may visit the attach.")
@@ -177,6 +178,7 @@ func GetAttachment(ctx *context.Context) {
 ctx.ServerError("checkTypeCloudBrain failed", err)
 return
 }
+
 attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
 if err != nil {
 if models.IsErrAttachmentNotExist(err) {
@@ -186,22 +188,35 @@ func GetAttachment(ctx *context.Context) { } return } + repository, unitType, err := attach.LinkedRepository() if err != nil { ctx.ServerError("LinkedRepository", err) return } + dataSet, err := attach.LinkedDataSet() + if err != nil { + ctx.ServerError("LinkedDataSet", err) + return + } + + if repository == nil && dataSet != nil { + repository, _ = models.GetRepositoryByID(dataSet.RepoID) + unitType = models.UnitTypeDatasets + } + if repository == nil { //If not linked //if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate { //We block if not the uploader + //log.Info("ctx.IsSigned =" + fmt.Sprintf("%v", ctx.IsSigned)) if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader ctx.Error(http.StatusNotFound) return } } else { //If we have the repository we check access - perm, err := models.GetUserRepoPermission(repository, ctx.User) - if err != nil { - ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error()) + perm, errPermission := models.GetUserRepoPermission(repository, ctx.User) + if errPermission != nil { + ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", errPermission.Error()) return } if !perm.CanRead(unitType) { @@ -209,11 +224,6 @@ func GetAttachment(ctx *context.Context) { return } } - dataSet, err := attach.LinkedDataSet() - if err != nil { - ctx.ServerError("LinkedDataSet", err) - return - } if dataSet != nil { isPermit, err := models.GetUserDataSetPermission(dataSet, ctx.User)
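Review bot: The error from `models.GetRepositoryByID(dataSet.RepoID)` is discarded with `_`, so a failed lookup presumably leaves `repository` nil and the request drops into the `repository == nil` branch, which applies only the uploader / `attach.IsPrivate` test instead of `perm.CanRead(unitType)`. On an authorization path that is a fail-open: for a dataset attachment not marked private, a lookup error would skip the repository read check (the `GetUserDataSetPermission` call after this hunk may still apply, but that is not visible here in full). Assign the error with `repository, err = models.GetRepositoryByID(dataSet.RepoID)` and handle it the same way as the `LinkedDataSet` call just above, with `ctx.ServerError("GetRepositoryByID", err)` and `return`. GetAttachment starts and ends outside the hunk.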