diff options
author | zeripath | 2020-10-10 20:48:20 +0100 |
---|---|---|
committer | GitHub | 2020-10-10 22:48:20 +0300 |
commit | a0a77c9401c6ba89e9b24b609d455a7ab7303136 (patch) | |
tree | fa0e83d0a71514d179ea72dfe6433d36eb977fdd | |
parent | 40a7660038084dfeb101fb691e7dc1c2c661d24a (diff) |
Fix deadlock when deleting team user (#13093)
Backport #13092
`models.getUserRepoPermission(...)` calls `HasOrgVisible` which
uses `models.x` potentially outside of the transaction `e` provided
as an argument to `getUserRepoPermission`.
This PR switches to use `hasOrgVisible(e, ...)`.
Fix #12983
Signed-off-by: Andrew Thornton <art27@cantab.net>
-rw-r--r-- | models/repo_permission.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/models/repo_permission.go b/models/repo_permission.go index 2061f9770..7768bb625 100644 --- a/models/repo_permission.go +++ b/models/repo_permission.go @@ -178,7 +178,7 @@ func getUserRepoPermission(e Engine, repo *Repository, user *User) (perm Permiss // Prevent strangers from checking out public repo of private orginization // Allow user if they are collaborator of a repo within a private orginization but not a member of the orginization itself - if repo.Owner.IsOrganization() && !HasOrgVisible(repo.Owner, user) && !isCollaborator { + if repo.Owner.IsOrganization() && !hasOrgVisible(e, repo.Owner, user) && !isCollaborator { perm.AccessMode = AccessModeNone return } |