From d27f06186306d3222c2601798fa221f2c474ae0c Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 8 Sep 2021 17:58:00 +0200
Subject: [PATCH] Skip AllowedUserVisibilityModes validation on update user if
 it is an organisation (#16988) (#16990)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

if AllowedUserVisibilityModes allow only public & limited, and orgs can be private, a user can create a repo to that organisation whitch will result in an update of the user. On this call the user is validaten and will be rejected since private is not allowed, but its not an user its an valid org ...

Co-authored-by: Alexey 〒erentyev <axifnx@gmail.com>

Co-authored-by: Alexey 〒erentyev <axifnx@gmail.com>
---
 models/user.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/models/user.go b/models/user.go
index f606da53d..7563f2ecb 100644
--- a/models/user.go
+++ b/models/user.go
@@ -1062,9 +1062,9 @@ func checkDupEmail(e Engine, u *User) error {
 	return nil
 }
 
-// validateUser check if user is valide to insert / update into database
+// validateUser check if user is valid to insert / update into database
 func validateUser(u *User) error {
-	if !setting.Service.AllowedUserVisibilityModesSlice.IsAllowedVisibility(u.Visibility) {
+	if !setting.Service.AllowedUserVisibilityModesSlice.IsAllowedVisibility(u.Visibility) && !u.IsOrganization() {
 		return fmt.Errorf("visibility Mode not allowed: %s", u.Visibility.String())
 	}