diff --git a/routers/repo/attachment.go b/routers/repo/attachment.go
index 6fa89420d..ed9f7c47e 100755
--- a/routers/repo/attachment.go
+++ b/routers/repo/attachment.go
@@ -177,7 +177,6 @@ func GetAttachment(ctx *context.Context) {
 		ctx.ServerError("checkTypeCloudBrain failed", err)
 		return
 	}
-
 	attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
 	if err != nil {
 		if models.IsErrAttachmentNotExist(err) {
@@ -187,22 +186,19 @@ func GetAttachment(ctx *context.Context) {
 		}
 		return
 	}
-
 	repository, unitType, err := attach.LinkedRepository()
 	if err != nil {
 		ctx.ServerError("LinkedRepository", err)
 		return
 	}
-
 	if repository == nil { //If not linked
 		//if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate { //We block if not the uploader
-		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader
+		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate && !DownloadUserIsOrgOrCollaboration(ctx, attach) { //We block if not the uploader
 			ctx.Error(http.StatusNotFound)
 			return
 		}
 
 	} else { //If we have the repository we check access
-
 		perm, err := models.GetUserRepoPermission(repository, ctx.User)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error())
@@ -213,7 +209,6 @@ func GetAttachment(ctx *context.Context) {
 			return
 		}
 	}
-
 	dataSet, err := attach.LinkedDataSet()
 	if err != nil {
 		ctx.ServerError("LinkedDataSet", err)