当数据集是公有时，且登录用户如果能看到，那么就可以下载。

Signed-off-by: zouap <zouap@pcl.ac.cn>
3 years ago · cafa013fa5
--- a/routers/repo/attachment.go
+++ b/routers/repo/attachment.go
@@ -177,7 +177,6 @@ func GetAttachment(ctx *context.Context) {
 		ctx.ServerError("checkTypeCloudBrain failed", err)
 		return
 	}

 	attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
 	if err != nil {
 		if models.IsErrAttachmentNotExist(err) {
@@ -187,22 +186,19 @@ func GetAttachment(ctx *context.Context) {
 		}
 		return
 	}

 	repository, unitType, err := attach.LinkedRepository()
 	if err != nil {
 		ctx.ServerError("LinkedRepository", err)
 		return
 	}

 	if repository == nil { //If not linked
 		//if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate { //We block if not the uploader
 		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader
 		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader
 			ctx.Error(http.StatusNotFound)
 			return
 		}

 	} else { //If we have the repository we check access

 		perm, err := models.GetUserRepoPermission(repository, ctx.User)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error())
@@ -213,7 +209,6 @@ func GetAttachment(ctx *context.Context) {
 			return
 		}
 	}

 	dataSet, err := attach.LinkedDataSet()
 	if err != nil {
 		ctx.ServerError("LinkedDataSet", err)