Never use /api/v1 from Gitea UI Pages (#19318)

Reusing `/api/v1` from Gitea UI Pages have pros and cons. Pros: 1) Less code copy Cons: 1) API/v1 have to support shared session with page requests. 2) You need to consider for each other when you want to change something about api/v1 or page. This PR moves all dependencies to API/v1 from UI Pages. Partially replace #16052
author: Lunny Xiao <xiaolunwen@gmail.com> 2022-04-08 02:59:56 +0800
committer: GitHub <noreply@github.com> 2022-04-07 20:59:56 +0200
commit: 783a02188970ba5800514f7c64f6a818f65c04a1 (patch)
tree: 8c7dc3bbe00abbc245203f94c437f157168cc54a /integrations/org_test.go
parent: bb7e0619c3356227d6c5826cb789841f6bc4a05a (diff)
download: gitea-783a02188970ba5800514f7c64f6a818f65c04a1.tar.gz
gitea-783a02188970ba5800514f7c64f6a818f65c04a1.zip
1 files changed, 29 insertions, 0 deletions
diff --git a/integrations/org_test.go b/integrations/org_test.go
index 794475a924..227a1b8d40 100644
--- a/integrations/org_test.go
+++ b/integrations/org_test.go
@@ -10,6 +10,8 @@ import (
 	"strings"
 	"testing"
 
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
 	api "code.gitea.io/gitea/modules/structs"
 
 	"github.com/stretchr/testify/assert"
@@ -173,3 +175,30 @@ func TestOrgRestrictedUser(t *testing.T) {
 	req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s", orgName, repoName))
 	restrictedSession.MakeRequest(t, req, http.StatusOK)
 }
+
+func TestTeamSearch(t *testing.T) {
+	defer prepareTestEnv(t)()
+
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User)
+	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3}).(*user_model.User)
+
+	var results TeamSearchResults
+
+	session := loginUser(t, user.Name)
+	csrf := GetCSRF(t, session, "/"+org.Name)
+	req := NewRequestf(t, "GET", "/org/%s/teams/-/search?q=%s", org.Name, "_team")
+	req.Header.Add("X-Csrf-Token", csrf)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &results)
+	assert.NotEmpty(t, results.Data)
+	assert.Len(t, results.Data, 1)
+	assert.Equal(t, "test_team", results.Data[0].Name)
+
+	// no access if not organization member
+	user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5}).(*user_model.User)
+	session = loginUser(t, user5.Name)
+	csrf = GetCSRF(t, session, "/"+org.Name)
+	req = NewRequestf(t, "GET", "/org/%s/teams/-/search?q=%s", org.Name, "team")
+	req.Header.Add("X-Csrf-Token", csrf)
+	session.MakeRequest(t, req, http.StatusNotFound)
+}
author	Lunny Xiao <xiaolunwen@gmail.com>	2022-04-08 02:59:56 +0800
committer	GitHub <noreply@github.com>	2022-04-07 20:59:56 +0200
commit	783a02188970ba5800514f7c64f6a818f65c04a1 (patch)
tree	8c7dc3bbe00abbc245203f94c437f157168cc54a /integrations/org_test.go
parent	bb7e0619c3356227d6c5826cb789841f6bc4a05a (diff)
download	gitea-783a02188970ba5800514f7c64f6a818f65c04a1.tar.gz gitea-783a02188970ba5800514f7c64f6a818f65c04a1.zip