fix(packages): allow read access for private packages

Changes permission check from write to read access for viewing private packages. Organization members with read permissions can now view private packages, not just those with write access.
2026-01-24 14:37:19 -05:00
parent 1a8a6639b4
commit baaa8803a9
2 changed files with 4 additions and 4 deletions
--- a/services/context/package.go
+++ b/services/context/package.go
@@ -126,8 +126,8 @@ func packageAssignment(ctx *packageAssignmentCtx, errCb func(int, any)) *Package
 			return pkg
 		}

-		// Check if package is private and user doesn't have write access
-		if pkg.Descriptor.Package.IsPrivate && pkg.AccessMode < perm.AccessModeWrite {
+		// Check if package is private and user doesn't have read access
+		if pkg.Descriptor.Package.IsPrivate && pkg.AccessMode < perm.AccessModeRead {
 			errCb(http.StatusNotFound, errors.New("package is private"))
 			return pkg
 		}