Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988)
if AllowedUserVisibilityModes allow only public & limited, and orgs can be private, a user can create a repo to that organisation whitch will result in an update of the user. On this call the user is validaten and will be rejected since private is not allowed, but its not an user its an valid org ... Co-authored-by: Alexey 〒erentyev <axifnx@gmail.com>
This commit is contained in:
parent
ddc709ff7f
commit
8e18b412c3
@ -1060,9 +1060,9 @@ func checkDupEmail(e Engine, u *User) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// validateUser check if user is valide to insert / update into database
|
||||
// validateUser check if user is valid to insert / update into database
|
||||
func validateUser(u *User) error {
|
||||
if !setting.Service.AllowedUserVisibilityModesSlice.IsAllowedVisibility(u.Visibility) {
|
||||
if !setting.Service.AllowedUserVisibilityModesSlice.IsAllowedVisibility(u.Visibility) && !u.IsOrganization() {
|
||||
return fmt.Errorf("visibility Mode not allowed: %s", u.Visibility.String())
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user