Fixes #6881 - API users search fix (#6882)

author: Richard Mahn <richmahn@users.noreply.github.com> 2019-05-08 15:17:32 -0400
committer: Lauris BH <lauris@nix.lv> 2019-05-08 22:17:32 +0300
commit: 6db3dc7c021e05658f063e577e2ea972b8bad80d (patch)
tree: 9f8bd8115bc21dd823601bd2c430a1069590b06c /integrations/api_admin_test.go
parent: d8b2ed6627d60d3573ba4864e72601230e1d0eaf (diff)
download: gitea-6db3dc7c021e05658f063e577e2ea972b8bad80d.tar.gz
gitea-6db3dc7c021e05658f063e577e2ea972b8bad80d.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/integrations/api_admin_test.go b/integrations/api_admin_test.go
index a7bbde4c53..41add45458 100644
--- a/integrations/api_admin_test.go
+++ b/integrations/api_admin_test.go
@@ -129,3 +129,18 @@ func TestAPIListUsers(t *testing.T) {
 	numberOfUsers := models.GetCount(t, &models.User{}, "type = 0")
 	assert.Equal(t, numberOfUsers, len(users))
 }
+
+func TestAPIListUsersNotLoggedIn(t *testing.T) {
+	prepareTestEnv(t)
+	req := NewRequest(t, "GET", "/api/v1/admin/users")
+	MakeRequest(t, req, http.StatusUnauthorized)
+}
+
+func TestAPIListUsersNonAdmin(t *testing.T) {
+	prepareTestEnv(t)
+	nonAdminUsername := "user2"
+	session := loginUser(t, nonAdminUsername)
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/admin/users?token=%s", token)
+	session.MakeRequest(t, req, http.StatusForbidden)
+}
author	Richard Mahn <richmahn@users.noreply.github.com>	2019-05-08 15:17:32 -0400
committer	Lauris BH <lauris@nix.lv>	2019-05-08 22:17:32 +0300
commit	6db3dc7c021e05658f063e577e2ea972b8bad80d (patch)
tree	9f8bd8115bc21dd823601bd2c430a1069590b06c /integrations/api_admin_test.go
parent	d8b2ed6627d60d3573ba4864e72601230e1d0eaf (diff)
download	gitea-6db3dc7c021e05658f063e577e2ea972b8bad80d.tar.gz gitea-6db3dc7c021e05658f063e577e2ea972b8bad80d.zip