Merge pull request #2567 from fnkr/hide-other-teams-activity-from-dashboard

Only show activities and repositories on the dashboard, that the user has access to

models/action.go

@@ -593,12 +593,29 @@ func MergePullRequestAction(actUser *User, repo *Repository, pull *Issue) error
 }
 
 // GetFeeds returns action list of given user in given context.
-func GetFeeds(uid, offset int64, isProfile bool) ([]*Action, error) {
+// ctxUserID is the user who's requesting, userID is the user/org that is requested.
+// ctxUserID can be -1, if isProfile is true or in order to skip the permission check.
+func GetFeeds(ctxUserID, userID, offset int64, isProfile bool) ([]*Action, error) {
 	actions := make([]*Action, 0, 20)
-	sess := x.Limit(20, int(offset)).Desc("id").Where("user_id=?", uid)
+	sess := x.Limit(20, int(offset)).Desc("id").Where("user_id=?", userID)
 	if isProfile {
-		sess.And("is_private=?", false).And("act_user_id=?", uid)
+		sess.And("is_private=?", false).And("act_user_id=?", userID)
+	} else if ctxUserID != -1 {
+		ctxUser := &User{Id: userID}
+		if err := ctxUser.GetUserRepositories(ctxUserID); err != nil {
+			return nil, err
+		}
+
+		var repoIDs []int64
+		for	_, repo := range ctxUser.Repos {
+			repoIDs = append(repoIDs, repo.ID)
+		}
+
+		if len(repoIDs) > 0 {
+			sess.In("repo_id", repoIDs)
+		}
 	}
+
 	err := sess.Find(&actions)
 	return actions, err
 }

routers/user/home.go

@@ -51,8 +51,8 @@ func getDashboardContextUser(ctx *middleware.Context) *models.User {
 	return ctxUser
 }
 
-func retrieveFeeds(ctx *middleware.Context, uid, offset int64, isProfile bool) {
-	actions, err := models.GetFeeds(uid, offset, isProfile)
+func retrieveFeeds(ctx *middleware.Context, ctxUserID, userID, offset int64, isProfile bool) {
+	actions, err := models.GetFeeds(ctxUserID, userID, offset, isProfile)
 	if err != nil {
 		ctx.Handle(500, "GetFeeds", err)
 		return
@@ -109,10 +109,20 @@ func Dashboard(ctx *middleware.Context) {
 		ctx.Data["CollaborativeRepos"] = collaborateRepos
 	}
 
-	repos, err := models.GetRepositories(ctxUser.Id, true)
-	if err != nil {
-		ctx.Handle(500, "GetRepositories", err)
-		return
+	var repos []*models.Repository
+	if ctxUser.IsOrganization() {
+		if err := ctxUser.GetUserRepositories(ctx.User.Id); err != nil {
+			ctx.Handle(500, "GetUserRepositories", err)
+			return
+		}
+		repos = ctxUser.Repos
+	} else {
+		var err error
+		repos, err = models.GetRepositories(ctxUser.Id, true)
+		if err != nil {
+			ctx.Handle(500, "GetRepositories", err)
+			return
+		}
 	}
 	ctx.Data["Repos"] = repos
 
@@ -120,7 +130,7 @@ func Dashboard(ctx *middleware.Context) {
 	mirrors := make([]*models.Repository, 0, 5)
 	for _, repo := range repos {
 		if repo.IsMirror {
-			if err = repo.GetMirror(); err != nil {
+			if err := repo.GetMirror(); err != nil {
 				ctx.Handle(500, "GetMirror: "+repo.Name, err)
 				return
 			}
@@ -130,7 +140,7 @@ func Dashboard(ctx *middleware.Context) {
 	ctx.Data["MirrorCount"] = len(mirrors)
 	ctx.Data["Mirrors"] = mirrors
 
-	retrieveFeeds(ctx, ctxUser.Id, 0, false)
+	retrieveFeeds(ctx, ctx.User.Id, ctxUser.Id, 0, false)
 	if ctx.Written() {
 		return
 	}

routers/user/profile.go

@@ -86,7 +86,7 @@ func Profile(ctx *middleware.Context) {
 	ctx.Data["TabName"] = tab
 	switch tab {
 	case "activity":
-		retrieveFeeds(ctx, u.Id, 0, true)
+		retrieveFeeds(ctx, -1, u.Id, 0, true)
 		if ctx.Written() {
 			return
 		}