feat(labrinth): hide orgs without a purpose, re-enable organization creation (#4426)

* chore(labrinth): set `DELPHI_URL` to a valid default in `.env.local` * feat(labrinth): make orgs not publicly visible until they meet some conditions * Revert "Org disabled frontend (#4424)" This reverts commit 2492b11ec0. * changelog: update for re-enabling organization creation * chore: run `sqlx prepare` * chore(labrinth): tweak tests to work with new org changes * tweak: apply @triphora's suggestion Co-authored-by: Emma Alexia <emma@modrinth.com> Signed-off-by: Alejandro González <7822554+AlexTMjugador@users.noreply.github.com> * tweak: document `is_visible_organization` relationship with `Project#is_searchable` --------- Signed-off-by: Alejandro González <7822554+AlexTMjugador@users.noreply.github.com> Co-authored-by: Emma Alexia <emma@modrinth.com>
2025-09-26 17:42:53 +02:00
parent 14af3d0763
commit bb9ce52c9d
10 changed files with 130 additions and 63 deletions
--- a/apps/labrinth/src/routes/v3/organizations.rs
+++ b/apps/labrinth/src/routes/v3/organizations.rs
@@ -2,6 +2,7 @@ use std::collections::HashMap;
 use std::sync::Arc;

 use super::ApiError;
+use crate::auth::checks::is_visible_organization;
 use crate::auth::{filter_visible_projects, get_user_from_headers};
 use crate::database::models::team_item::DBTeamMember;
 use crate::database::models::{
@@ -70,7 +71,10 @@ pub async fn organization_projects_get(
    .ok();

    let organization_data = DBOrganization::get(&id, &**pool, &redis).await?;
-    if let Some(organization) = organization_data {
+    if let Some(organization) = organization_data
+        && is_visible_organization(&organization, &current_user, &pool, &redis)
+            .await?
+    {
        let project_ids = sqlx::query!(
            "
            SELECT m.id FROM organizations o
@@ -232,7 +236,9 @@ pub async fn organization_get(
    let user_id = current_user.as_ref().map(|x| x.id.into());

    let organization_data = DBOrganization::get(&id, &**pool, &redis).await?;
-    if let Some(data) = organization_data {
+    if let Some(data) = organization_data
+        && is_visible_organization(&data, &current_user, &pool, &redis).await?
+    {
        let members_data =
            DBTeamMember::get_from_team_full(data.team_id, &**pool, &redis)
                .await?;
@@ -328,6 +334,11 @@ pub async fn organizations_get(
    }

    for data in organizations_data {
+        if !is_visible_organization(&data, &current_user, &pool, &redis).await?
+        {
+            continue;
+        }
+
        let members_data = team_groups.remove(&data.team_id).unwrap_or(vec![]);
        let logged_in = current_user
            .as_ref()
--- a/apps/labrinth/src/routes/v3/teams.rs
+++ b/apps/labrinth/src/routes/v3/teams.rs
@@ -1,4 +1,4 @@
-use crate::auth::checks::is_visible_project;
+use crate::auth::checks::{is_visible_organization, is_visible_project};
 use crate::auth::get_user_from_headers;
 use crate::database::DBProject;
 use crate::database::models::notification_item::NotificationBuilder;
@@ -134,18 +134,21 @@ pub async fn team_members_get_organization(
        crate::database::models::DBOrganization::get(&string, &**pool, &redis)
            .await?;

-    if let Some(organization) = organization_data {
-        let current_user = get_user_from_headers(
-            &req,
-            &**pool,
-            &redis,
-            &session_queue,
-            Scopes::ORGANIZATION_READ,
-        )
-        .await
-        .map(|x| x.1)
-        .ok();
+    let current_user = get_user_from_headers(
+        &req,
+        &**pool,
+        &redis,
+        &session_queue,
+        Scopes::ORGANIZATION_READ,
+    )
+    .await
+    .map(|x| x.1)
+    .ok();

+    if let Some(organization) = organization_data
+        && is_visible_organization(&organization, &current_user, &pool, &redis)
+            .await?
+    {
        let members_data = DBTeamMember::get_from_team_full(
            organization.team_id,
            &**pool,