From 580bbe75c1523aec466c29c17a8d61c8f3b6521c Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Thu, 4 May 2023 18:35:29 +0800 Subject: [PATCH 1/3] improve find actions by act_user_id --- models/activities/action.go | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/models/activities/action.go b/models/activities/action.go index f75ab559823d5..f9ca4d09bee48 100644 --- a/models/activities/action.go +++ b/models/activities/action.go @@ -494,12 +494,31 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) { ).From("`user`"), )) } else if !opts.Actor.IsAdmin { - cond = cond.And(builder.In("act_user_id", - builder.Select("`user`.id").Where( - builder.Eq{"keep_activity_private": false}. - And(builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))). - Or(builder.Eq{"id": opts.Actor.ID}).From("`user`"), - )) + uidCond := builder.Select("`user`.id").Where( + builder.Eq{"keep_activity_private": false}. + And(builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))). + Or(builder.Eq{"id": opts.Actor.ID}) + + if opts.RequestedUser != nil { + if opts.RequestedUser.IsOrganization() { + // An organization can always see the activities whose `act_user_id` is the same as its id. + uidCond = uidCond.Or(builder.Eq{"id": opts.RequestedUser.ID}) + } else { + // A user can always see the activities of the organizations to which the user belongs. + uidCond = uidCond.Or( + builder.Eq{"type": user_model.UserTypeOrganization}. + And( + builder.In("`user`.id", builder.Select("org_id"). + Where(builder.Eq{"uid": opts.RequestedUser.ID}). + From("team_user"), + ), + ), + ) + } + } + uidCond.From("`user`") + + cond = cond.And(builder.In("act_user_id", uidCond)) } // check readable repositories by doer/actor From 25cdcccbf9126125e6e047416465ea45aff2b7c5 Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Fri, 5 May 2023 09:51:36 +0800 Subject: [PATCH 2/3] improve query cond --- models/activities/action.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/models/activities/action.go b/models/activities/action.go index f9ca4d09bee48..c8f28f85d3ef8 100644 --- a/models/activities/action.go +++ b/models/activities/action.go @@ -494,7 +494,7 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) { ).From("`user`"), )) } else if !opts.Actor.IsAdmin { - uidCond := builder.Select("`user`.id").Where( + uidCond := builder.Select("`user`.id").From("`user`").Where( builder.Eq{"keep_activity_private": false}. And(builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))). Or(builder.Eq{"id": opts.Actor.ID}) @@ -516,7 +516,6 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) { ) } } - uidCond.From("`user`") cond = cond.And(builder.In("act_user_id", uidCond)) } From 88006d792de42da57bfb4cc82a54b51d964d8e4c Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Fri, 5 May 2023 10:16:25 +0800 Subject: [PATCH 3/3] format code --- models/activities/action.go | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/models/activities/action.go b/models/activities/action.go index c8f28f85d3ef8..33e476e34ddb9 100644 --- a/models/activities/action.go +++ b/models/activities/action.go @@ -507,12 +507,9 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) { // A user can always see the activities of the organizations to which the user belongs. uidCond = uidCond.Or( builder.Eq{"type": user_model.UserTypeOrganization}. - And( - builder.In("`user`.id", builder.Select("org_id"). - Where(builder.Eq{"uid": opts.RequestedUser.ID}). - From("team_user"), - ), - ), + And(builder.In("`user`.id", builder.Select("org_id"). + Where(builder.Eq{"uid": opts.RequestedUser.ID}). + From("team_user"))), ) } }