From f80caa5a8caefbddad78d64cc199ebd497ab8a39 Mon Sep 17 00:00:00 2001
From: Zsombor <gzsombor@users.noreply.github.com>
Date: Tue, 5 Mar 2019 21:15:24 +0100
Subject: [PATCH] Fix #6234 : Check organization visibility before everything
 else (#6235)

* Fix #6234 : Check organization visibility before everything else

* Ensure that Owner is available in the Repo
---
 modules/context/repo.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/context/repo.go b/modules/context/repo.go
index 8f4377b041..8f2622fa82 100644
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -212,6 +212,17 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
 
 func repoAssignment(ctx *Context, repo *models.Repository) {
 	var err error
+	if err = repo.GetOwner(); err != nil {
+		ctx.ServerError("GetOwner", err)
+		return
+	}
+
+	if repo.Owner.IsOrganization() {
+		if !models.HasOrgVisible(repo.Owner, ctx.User) {
+			ctx.NotFound("HasOrgVisible", nil)
+			return
+		}
+	}
 	ctx.Repo.Permission, err = models.GetUserRepoPermission(repo, ctx.User)
 	if err != nil {
 		ctx.ServerError("GetUserRepoPermission", err)