Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[#1902] Don't show private datasets to group members
1. User Sean creates organization my-org 2. Sean adds private dataset my-dataset to my-org 3. Sean creates group my-group 4. Sean adds private dataset my-dataset to my-group 5. Sean adds user Fred to my-group 6. The group_show API will now show the private dataset my-dataset to Fred, even though Fred is not a member of my-org. For some reason the private dataset does not show on the group's page, but it does show in ther API. This commit removes it from the API. If backported this commit will also fix a problem present on 2.2 and 2.2.1 (but not master) that after following the steps above Fred will see the private dataset on the site front page. Arguably you should not be able to add private datasets to groups at all, but you could add a public dataset to a group and then make the dataset private and it would still belong to the group, so we do need to filter private datasets out of groups. Conflicts: ckan/lib/dictization/model_dictize.py
- Loading branch information