forgeplus/app/controllers/api/v1/organizations/projects_controller.rb

class Api::V1::Organizations::ProjectsController < Api::V1::BaseController
    before_action :load_organization

    def index
        public_projects_sql = @organization.projects.where(is_public: true).to_sql
        private_projects_sql = @organization.projects
                                .where(is_public: false)
                                .joins(team_projects: {team: :team_users})
                                .where(team_users: {user_id: current_user.id}).to_sql
        @projects = Project.from("( #{ public_projects_sql} UNION #{ private_projects_sql } ) AS projects")
        # 表情处理
        keywords = params[:search].to_s.each_char.select { |c| c.bytes.first < 240 }.join('')
        @projects = @projects.where(is_public: params[:is_public]) if params[:is_public].present?
        @projects = @projects.where(id: params[:pm_project_repository_ids].split(',')) if params[:pm_project_repository_ids].present?
        @projects = @projects.where.not(id: params[:exclude_ids].to_s.split(",")) if params[:exclude_ids].present?
        @projects = @projects.where(project_type: ['mirror', 'common']).where("gpid is not null") if params[:actived].present?
        @projects = @projects.ransack(name_or_identifier_cont: keywords).result if params[:search].present?
        @projects = @projects.includes(:owner).order("projects.#{sort} #{sort_direction}")
        @projects = paginate(@projects)
    end

    private

    def load_organization
        @organization = Organization.find_by(login: params[:owner]) || Organization.find_by(id: params[:owner])
        return render_not_found("组织不存在") if @organization.nil?
        return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
    end

    def org_limited_condition
        @organization.organization_extension.limited? && !current_user.logged?
    end

    def org_privacy_condition
        return false if current_user.admin?
        @organization.organization_extension.privacy? && @organization.organization_users.where(user_id: current_user.id).blank?
    end
end