diff --git a/routers/repo/attachment.go b/routers/repo/attachment.go
index a79955e8c..3e92471bb 100755
--- a/routers/repo/attachment.go
+++ b/routers/repo/attachment.go
@@ -152,15 +152,15 @@ func DownloadUserIsOrg(ctx *context.Context, attach *models.Attachment) bool {
 		} else {
 			repo.GetOwner()
 			if repo.Owner.IsOrganization() {
-				log.Info("ower is org.")
+				//log.Info("ower is org.")
 				if repo.Owner.IsUserPartOfOrg(ctx.User.ID) {
-					log.Info("user may be visit the attach.")
-					return false
+					log.Info("user may visit the attach.")
+					return true
 				}
 			}
 		}
 	}
-	return true
+	return false
 }
 
 // GetAttachment serve attachements
@@ -190,7 +190,7 @@ func GetAttachment(ctx *context.Context) {
 
 	if repository == nil { //If not linked
 		//if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && attach.IsPrivate { //We block if not the uploader
-		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && DownloadUserIsOrg(ctx, attach) { //We block if not the uploader
+		if !(ctx.IsSigned && attach.UploaderID == ctx.User.ID) && !DownloadUserIsOrg(ctx, attach) { //We block if not the uploader
 			ctx.Error(http.StatusNotFound)
 			return
 		}