From d37bbd29d5b9881e09f0e813316f0843e1bbad41 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=98=99=E2=97=A6=20The=20Tablet=20=E2=9D=80=20GamerGirla?=
 =?UTF-8?q?ndCo=20=E2=97=A6=E2=9D=A7?= <i.am.the.tablet@proton.me>
Date: Thu, 21 Aug 2025 20:08:20 -0400
Subject: [PATCH] ensure visited repo's group owner is the same as the repo's
 owner, otherwise return 404

---
 routers/api/v1/group/group.go | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/routers/api/v1/group/group.go b/routers/api/v1/group/group.go
index bb361a19f0..abcb33d53c 100644
--- a/routers/api/v1/group/group.go
+++ b/routers/api/v1/group/group.go
@@ -282,10 +282,6 @@ func GetGroup(ctx *context.APIContext) {
 		ctx.APIErrorNotFound()
 		return
 	}
-	if group.OwnerID != ctx.Org.Organization.ID {
-		ctx.APIErrorNotFound()
-		return
-	}
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -299,7 +295,7 @@ func GetGroup(ctx *context.APIContext) {
 }
 
 func DeleteGroup(ctx *context.APIContext) {
-	// swagger:operation DELETE /groups/{group_id} repositoryGroup groupDelete
+	// swagger:operation DELETE /groups/{group_id} repository-group groupDelete
 	// ---
 	// summary: Delete a repository group
 	// produces: