From 296695cb877b4d3f70a8e5d2954748e8de6716c2 Mon Sep 17 00:00:00 2001
From: yackob03 <jacob.moshenko@gmail.com>
Date: Tue, 5 Nov 2013 14:55:05 -0500
Subject: [PATCH] Fix the call that determines if an organization has enough
 private repositories.

---
 data/model.py    |  2 +-
 endpoints/api.py | 38 +++++++++++++++++---------------------
 2 files changed, 18 insertions(+), 22 deletions(-)

diff --git a/data/model.py b/data/model.py
index 5d3b4d692..864ce1e2a 100644
--- a/data/model.py
+++ b/data/model.py
@@ -269,7 +269,7 @@ def get_user_organizations(username):
 
 def get_organization(name):
   try:
-    return User.get(username = name, organization = True)
+    return User.get(username=name, organization=True)
   except User.DoesNotExist:
     raise InvalidOrganizationException('Organization does not exist: %s' %
                                        name)
diff --git a/endpoints/api.py b/endpoints/api.py
index b0b400f59..ae4ed9960 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -285,30 +285,26 @@ def get_organization(orgname):
 
 
 @app.route('/api/organization/<orgname>/private', methods=['GET'])
-def get_organization_private_allowed(orgname):  
-  if current_user.is_anonymous():
-    abort(404)
+def get_organization_private_allowed(orgname):
+  permission = CreateRepositoryPermission(orgname)
+  if permission.can():
+    organization = model.get_organization(orgname)
 
-  user = current_user.db_user()
+    private_repos = model.get_private_repo_count(organization.username)
+    if organization.stripe_id:
+      cus = stripe.Customer.retrieve(organization.stripe_id)
 
-  try:
-    organization = model.get_organization(orgname, username = user.username)
-  except:
-    abort(404)
+      if cus.subscription:
+        repos_allowed = get_plan(cus.subscription.plan.id)
+        return jsonify({
+          'privateAllowed': (private_repos < repos_allowed)
+        })
+      
+    return jsonify({
+      'privateAllowed': False
+    })
 
-  private_repos = model.get_private_repo_count(organization.username)
-  if organization.stripe_id:
-    cus = stripe.Customer.retrieve(organization.stripe_id)
-
-    if cus.subscription:
-      repos_allowed = get_plan(cus.subscription.plan.id)
-      return jsonify({
-        'privateAllowed': (private_repos < repos_allowed)
-      })
-    
-  return jsonify({
-    'privateAllowed': False
-  })
+  abort(403)
 
 
 def member_view(m):