From 72f1cf27043328061000782d054020f22a2b1da4 Mon Sep 17 00:00:00 2001
From: Oleksii Kriuchykhin <okriuchykhin@biosistemika.com>
Date: Tue, 20 Dec 2022 13:26:38 +0100
Subject: [PATCH] Fix viewer permissions for inventories [SCI-7422]

---
 app/models/repository.rb      | 4 ++--
 app/permissions/repository.rb | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 551d0cbca..1503ddaac 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -170,8 +170,8 @@ class Repository < RepositoryBase
     team_shared_objects.where(team: team, permission_level: :shared_write).any?
   end
 
-  def self.viewable_by_user(user, teams)
-    accessible_by_teams(teams).with_granted_permissions(user, RepositoryPermissions::READ)
+  def self.viewable_by_user(_user, teams)
+    accessible_by_teams(teams)
   end
 
   def self.name_like(query)
diff --git a/app/permissions/repository.rb b/app/permissions/repository.rb
index 68ae1c042..d39986267 100644
--- a/app/permissions/repository.rb
+++ b/app/permissions/repository.rb
@@ -6,7 +6,7 @@ Canaid::Permissions.register_for(RepositoryBase) do
     if repository.is_a?(RepositorySnapshot)
       can_read_my_module?(user, repository.my_module)
     else
-      repository.permission_granted?(user, RepositoryPermissions::READ)
+      user.teams.include?(repository.team) || repository.shared_with?(user.current_team)
     end
   end
 end