1 files changed, 9 insertions(+), 1 deletions(-)

M api/graph/schema.resolvers.go

@@ 951,7 951,15 @@ func (r *userResolver) Repositories(ctx context.Context, obj *model.User, cursor
 		query := database.
 			Select(ctx, repo).
 			From(`repository repo`).
-			Where(`repo.owner_id = ?`, obj.ID)
+			LeftJoin(`access ON repo.id = access.repo_id`).
+			Where(sq.And{
+				sq.Or{
+					sq.Expr(`? IN (access.user_id, repo.owner_id)`,
+						auth.ForContext(ctx).UserID),
+					sq.Expr(`repo.visibility = 'public'`),
+				},
+				sq.Expr(`repo.owner_id = ?`, obj.ID),
+			})
 		repos, cursor = repo.QueryWithCursor(ctx, tx, query, cursor)
 		return nil
 	}); err != nil {