Give organisation members access to organisation feeds (#33508)

Currently the organisation feed only includes items for public repositories (for non-administrators). This pull requests adds notifications from private repositories to the organisation-feed (for accounts that have access to the organisation). Feed-items only get shown for repositories where the users team(s) should have access to, this filtering seems to get done by some existing code. Needs some tests, but am unsure where/how to add them. Before: ![image](https://github.com/user-attachments/assets/8b63f430-227a-4b19-ad1a-f6f5175de301) After: ![image](https://github.com/user-attachments/assets/b439ce0e-4946-421c-a399-421806c7a6d8) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-07-22 18:28:37 +00:00 · 2025-03-15 18:49:06 +01:00
parent 3e2e7bf4e5
commit 30b13942f0
6 changed files with 110 additions and 50 deletions
--- a/routers/web/feed/profile.go
+++ b/routers/web/feed/profile.go
@@ -7,6 +7,7 @@ import (
 	"time"

 	activities_model "code.gitea.io/gitea/models/activities"
+	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/renderhelper"
 	"code.gitea.io/gitea/modules/markup/markdown"
 	"code.gitea.io/gitea/services/context"
@@ -28,12 +29,23 @@ func ShowUserFeedAtom(ctx *context.Context) {
 // showUserFeed show user activity as RSS / Atom feed
 func showUserFeed(ctx *context.Context, formatType string) {
 	includePrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == ctx.ContextUser.ID)
+	isOrganisation := ctx.ContextUser.IsOrganization()
+	if ctx.IsSigned && isOrganisation && !includePrivate {
+		// When feed is requested by a member of the organization,
+		// include the private repo's the member has access to.
+		isOrgMember, err := organization.IsOrganizationMember(ctx, ctx.ContextUser.ID, ctx.Doer.ID)
+		if err != nil {
+			ctx.ServerError("IsOrganizationMember", err)
+			return
+		}
+		includePrivate = isOrgMember
+	}

 	actions, _, err := feed_service.GetFeeds(ctx, activities_model.GetFeedsOptions{
 		RequestedUser:   ctx.ContextUser,
 		Actor:           ctx.Doer,
 		IncludePrivate:  includePrivate,
-		OnlyPerformedBy: !ctx.ContextUser.IsOrganization(),
+		OnlyPerformedBy: !isOrganisation,
 		IncludeDeleted:  false,
 		Date:            ctx.FormString("date"),
 	})
--- a/routers/web/feed/profile_test.go
+++ b/routers/web/feed/profile_test.go
@@ -0,0 +1,38 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+package feed_test
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/routers/web/feed"
+	"code.gitea.io/gitea/services/contexttest"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMain(m *testing.M) {
+	unittest.MainTest(m)
+}
+
+func TestCheckGetOrgFeedsAsOrgMember(t *testing.T) {
+	unittest.PrepareTestEnv(t)
+	t.Run("OrgMember", func(t *testing.T) {
+		ctx, resp := contexttest.MockContext(t, "org3.atom")
+		ctx.ContextUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})
+		contexttest.LoadUser(t, ctx, 2)
+		ctx.IsSigned = true
+		feed.ShowUserFeedAtom(ctx)
+		assert.Contains(t, resp.Body.String(), "<entry>") // Should contain 1 private entry
+	})
+	t.Run("NonOrgMember", func(t *testing.T) {
+		ctx, resp := contexttest.MockContext(t, "org3.atom")
+		ctx.ContextUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})
+		contexttest.LoadUser(t, ctx, 5)
+		ctx.IsSigned = true
+		feed.ShowUserFeedAtom(ctx)
+		assert.NotContains(t, resp.Body.String(), "<entry>") // Should not contain any entries
+	})
+}