I think this change needs some discussion before we commit anything.

First off, the count. I don't think it's wrong to show invisible repositories in the count, just like we don't show inactive users or invisible groups. They're still in the database, and likely are still referenced by older review requests. They're just not publicly shown, I think that's okay.

As far as the API goes, I can see arguments for doing this and for not doing this. On the one hand, an administrator is a special class of user that can access just about anything, and so maybe we do want to show these. I would say that consumers should be checking whether the repository is listed as visible or not in each result anyway, except we don't provide that field. We should definitely do that at a minimum. We also may potentially break consumers of the API by making this change.

On the other hand, it's not consistent in terms of results between users, and that's weird. However, I still want the ability to show invisible repositories (there may be a native app or tool that shows all repositories and allows you to toggle visibility state).

So here's what I think we should do.

1) Don't change the count. I think it's fine as it is.

2) Add a 'visible' field to RepositoryResource.

3) Add a show-visible= query argument for the list of repositories, and key off by that. Set it to False by default. Document that it will only be used for administrators.

4) We also need unit tests for each combination of this in the API.

No need to compare to True.

Should just be:

qs = self.filter(visible=True).distinct()

Ship It!