1 files changed, 17 insertions, 11 deletions

diff --git a/tests/integration/api_org_test.go b/tests/integration/api_org_test.go
index 0be0c170d6..84166861a7 100644
--- a/tests/integration/api_org_test.go
+++ b/tests/integration/api_org_test.go
@@ -10,6 +10,7 @@ import (
 	"strings"
 	"testing"
 
+	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
@@ -21,7 +22,7 @@ import (
 
 func TestAPIOrgCreate(t *testing.T) {
 	onGiteaRun(t, func(*testing.T, *url.URL) {
-		token := getUserToken(t, "user1")
+		token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteOrg)
 
 		org := api.CreateOrgOption{
 			UserName:    "user1_org",
@@ -79,7 +80,7 @@ func TestAPIOrgEdit(t *testing.T) {
 	onGiteaRun(t, func(*testing.T, *url.URL) {
 		session := loginUser(t, "user1")
 
-		token := getTokenForLoggedInUser(t, session)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrg)
 		org := api.EditOrgOption{
 			FullName:    "User3 organization new full name",
 			Description: "A new description",
@@ -106,7 +107,7 @@ func TestAPIOrgEditBadVisibility(t *testing.T) {
 	onGiteaRun(t, func(*testing.T, *url.URL) {
 		session := loginUser(t, "user1")
 
-		token := getTokenForLoggedInUser(t, session)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrg)
 		org := api.EditOrgOption{
 			FullName:    "User3 organization new full name",
 			Description: "A new description",
@@ -126,14 +127,16 @@ func TestAPIOrgDeny(t *testing.T) {
 			setting.Service.RequireSignInView = false
 		}()
 
+		token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadOrg)
+
 		orgName := "user1_org"
-		req := NewRequestf(t, "GET", "/api/v1/orgs/%s", orgName)
+		req := NewRequestf(t, "GET", "/api/v1/orgs/%s?token=%s", orgName, token)
 		MakeRequest(t, req, http.StatusNotFound)
 
-		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", orgName)
+		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos?token=%s", orgName, token)
 		MakeRequest(t, req, http.StatusNotFound)
 
-		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", orgName)
+		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members?token=%s", orgName, token)
 		MakeRequest(t, req, http.StatusNotFound)
 	})
 }
@@ -141,20 +144,23 @@ func TestAPIOrgDeny(t *testing.T) {
 func TestAPIGetAll(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
-	req := NewRequestf(t, "GET", "/api/v1/orgs")
+	token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadOrg)
+
+	req := NewRequestf(t, "GET", "/api/v1/orgs?token=%s", token)
 	resp := MakeRequest(t, req, http.StatusOK)
 
 	var apiOrgList []*api.Organization
 	DecodeJSON(t, resp, &apiOrgList)
 
-	assert.Len(t, apiOrgList, 7)
-	assert.Equal(t, "org25", apiOrgList[0].FullName)
-	assert.Equal(t, "public", apiOrgList[0].Visibility)
+	// accessing with a token will return all orgs
+	assert.Len(t, apiOrgList, 9)
+	assert.Equal(t, "org25", apiOrgList[1].FullName)
+	assert.Equal(t, "public", apiOrgList[1].Visibility)
 }
 
 func TestAPIOrgSearchEmptyTeam(t *testing.T) {
 	onGiteaRun(t, func(*testing.T, *url.URL) {
-		token := getUserToken(t, "user1")
+		token := getUserToken(t, "user1", auth_model.AccessTokenScopeAdminOrg)
 		orgName := "org_with_empty_team"
 
 		// create org