diff --git a/models/dataset.go b/models/dataset.go
index fbd605120..7f049f068 100755
--- a/models/dataset.go
+++ b/models/dataset.go
@@ -113,24 +113,37 @@ func (datasets DatasetList) loadAttachmentAttributes(opts *SearchDatasetOptions)
 		return fmt.Errorf("GetAttachmentsByDatasetIds failed error: %v", err)
 	}
 
-	permissionMap := make(map[int64]*Permission, len(datasets))
+	permissionMap := make(map[int64]bool, len(datasets))
 
 	for _, attachment := range attachments {
 
 		for i := range datasets {
 			if attachment.DatasetID == datasets[i].ID {
 				if opts.StarByMe {
-					var permission *Permission
-					if permission = permissionMap[datasets[i].ID]; permission == nil {
-						permissionInstance, err := GetUserRepoPermission(datasets[i].Repo, opts.User)
-						if err != nil {
-							return fmt.Errorf("GetPermission failed error: %v", err)
+
+					permission,ok := permissionMap[datasets[i].ID];
+					if !ok {
+
+						permission = false
+						datasets[i].Repo.GetOwner()
+						if datasets[i].Repo.Owner.IsOrganization()  {
+							if datasets[i].Repo.Owner.IsUserPartOfOrg(opts.User.ID) {
+								log.Info("user is member of org.")
+								permission = true
+							}
 						}
-						permission = &permissionInstance
-						permissionMap[datasets[i].ID]=&permissionInstance
+						if !permission {
+							isCollaborator, _ := datasets[i].Repo.IsCollaborator(opts.User.ID)
+							if isCollaborator {
+								log.Info("Collaborator user may visit the attach.")
+								permission = true
+							}
+						}
+
+						permissionMap[datasets[i].ID]=permission
 					}
 
-					if permission.HasAccess() {
+					if permission{
 						datasets[i].Attachments = append(datasets[i].Attachments, attachment)
 					} else if !attachment.IsPrivate {
 						datasets[i].Attachments = append(datasets[i].Attachments, attachment)