Remove 404 when an entity is not a member of a team, but is a robot under the org.
Fixes #1200
This commit is contained in:
Joseph Schorr
Joseph Schorr
parent
0bc1a06f4c
commit
da45bedcdb
1 changed files with 9 additions and 1 deletions
|
|
@ -18,6 +18,7 @@ from auth.auth_context import get_authenticated_user
|
|||
from auth import scopes
|
||||
from data import model
|
||||
from data.billing import get_plan
|
||||
from util.names import parse_robot_username
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|
@ -342,7 +343,14 @@ class OrganizationMember(ApiResource):
|
|||
# Lookup the user's information in the organization.
|
||||
teams = list(model.team.get_user_teams_within_org(membername, organization))
|
||||
if not teams:
|
||||
raise NotFound()
|
||||
# 404 if the user is not a robot under the organization, as that means the referenced
|
||||
# user or robot is not a member of this organization.
|
||||
if not member.robot:
|
||||
raise NotFound()
|
||||
|
||||
namespace, _ = parse_robot_username(member.username)
|
||||
if namespace != orgname:
|
||||
raise NotFound()
|
||||
|
||||
repo_permissions = model.permission.list_organization_member_permissions(organization, member)
|
||||
|
||||
|
|
|
|||
Reference in a new issue