Merge pull request '数据集显示增加协作者可以查看及下载' (#195) from zouanp into V20210731.patch

Reviewed-on: https://git.openi.org.cn/OpenI/aiforge/pulls/195
3 years ago · 5fc2134472
--- a/routers/repo/attachment.go
+++ b/routers/repo/attachment.go
@@ -141,7 +141,7 @@ func DeleteAttachment(ctx *context.Context) {
 	})
 }

 func DownloadUserIsOrg(ctx *context.Context, attach *models.Attachment) bool {
 func DownloadUserIsOrgOrCollaboration(ctx *context.Context, attach *models.Attachment) bool {
 	dataset, err := models.GetDatasetByID(attach.DatasetID)
 	if err != nil {
 		log.Info("query dataset error")
@@ -154,10 +154,15 @@ func DownloadUserIsOrg(ctx *context.Context, attach *models.Attachment) bool {
 			if repo.Owner.IsOrganization() {
 				//log.Info("ower is org.")
 				if repo.Owner.IsUserPartOfOrg(ctx.User.ID) {
 					log.Info("user may visit the attach.")
 					log.Info("org user may visit the attach.")
 					return true
 				}
 			}
 			isCollaborator, _ := repo.IsCollaborator(ctx.User.ID)
 			if isCollaborator {
 				log.Info("Collaborator user may visit the attach.")
 				return true
 			}
 		}
 	}
 	return false
@@ -190,7 +195,7 @@ func GetAttachment(ctx *context.Context) {

 	if repository == nil { //If not linked
 		//if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate { //We block if not the uploader
 		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && !DownloadUserIsOrg(ctx, attach) { //We block if not the uploader
 		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader
 			ctx.Error(http.StatusNotFound)
 			return
 		}
--- a/routers/repo/dataset.go
+++ b/routers/repo/dataset.go
@@ -28,19 +28,31 @@ func newFilterPrivateAttachments(ctx *context.Context, list []*models.Attachment
 		log.Info("can write.")
 		return list
 	} else {
 		if repo.Owner == nil {
 			repo.GetOwner()
 		}
 		permission := false
 		if repo.Owner.IsOrganization() {
 			if repo.Owner.IsUserPartOfOrg(ctx.User.ID) {
 				log.Info("user is member of org.")
 				permission = true
 			}
 		}
 		if !permission {
 			isCollaborator, _ := repo.IsCollaborator(ctx.User.ID)
 			if isCollaborator {
 				log.Info("Collaborator user may visit the attach.")
 				permission = true
 			}
 		}

 		var publicList []*models.Attachment
 		for _, attach := range list {
 			if !attach.IsPrivate {
 				publicList = append(publicList, attach)
 			} else {
 				if repo.Owner == nil {
 					repo.GetOwner()
 				}
 				if repo.Owner.IsOrganization() {
 					if repo.Owner.IsUserPartOfOrg(ctx.User.ID) {
 						log.Info("user is member of org.")
 						publicList = append(publicList, attach)
 					}
 				if permission {
 					publicList = append(publicList, attach)
 				}
 			}
 		}