Fix org permission API visibility checks for hidden members and private orgs (#36798)

- fix wrong parameter of HasOrgOrUserVisible in
routers/api/v1/org/org.go
- add integration tests covering the bug fix
- merge permissions API tests

---
Generated by a coding agent with Codex 5.2
This commit is contained in:
Lunny Xiao
2026-03-05 20:32:15 -08:00
committed by GitHub
parent c710ce34fb
commit 57b5ed3f25
2 changed files with 59 additions and 17 deletions
+1 -1
View File
@@ -135,7 +135,7 @@ func GetUserOrgsPermissions(ctx *context.APIContext) {
op := api.OrganizationPermissions{}
if !organization.HasOrgOrUserVisible(ctx, o, ctx.ContextUser) {
if !organization.HasOrgOrUserVisible(ctx, o, ctx.Doer) {
ctx.APIErrorNotFound("HasOrgOrUserVisible", nil)
return
}