From 8a7d1a3516c4479dae6824d5b0b041ed7dd5eb41 Mon Sep 17 00:00:00 2001
From: Gusted <williamzijl7@hotmail.com>
Date: Mon, 11 Jul 2022 11:48:43 +0000
Subject: [PATCH] Store read access in access for team repo's (#20275)

- Currently when a Team has read access to a organization's non-private
repository, their access won't be stored in the database. This caused
issue for code that rely on read access being stored. So from now-on if
we see that the repository is owned by a organization don't increase the
minMode to write permission.
- Resolves #20083
---
 models/perm/access/access.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/models/perm/access/access.go b/models/perm/access/access.go
index 764751902597..0e5e4ff2bb5d 100644
--- a/models/perm/access/access.go
+++ b/models/perm/access/access.go
@@ -86,7 +86,13 @@ func updateUserAccess(accessMap map[int64]*userAccess, user *user_model.User, mo
 // FIXME: do cross-comparison so reduce deletions and additions to the minimum?
 func refreshAccesses(ctx context.Context, repo *repo_model.Repository, accessMap map[int64]*userAccess) (err error) {
 	minMode := perm.AccessModeRead
-	if !repo.IsPrivate {
+	if err := repo.GetOwner(ctx); err != nil {
+		return fmt.Errorf("GetOwner: %v", err)
+	}
+
+	// If the repo isn't private and isn't owned by a organization,
+	// increase the minMode to Write.
+	if !repo.IsPrivate && !repo.Owner.IsOrganization() {
 		minMode = perm.AccessModeWrite
 	}