diff --git a/models/fixtures/org_user.yml b/models/fixtures/org_user.yml index d6bbdaa9da268..d08f69579913e 100644 --- a/models/fixtures/org_user.yml +++ b/models/fixtures/org_user.yml @@ -75,3 +75,9 @@ uid: 31 org_id: 19 is_public: true + +- + id: 14 + uid: 5 + org_id: 23 + is_public: false diff --git a/models/fixtures/team.yml b/models/fixtures/team.yml index be988b8fce129..aa3b36e644399 100644 --- a/models/fixtures/team.yml +++ b/models/fixtures/team.yml @@ -172,4 +172,15 @@ num_repos: 0 num_members: 0 includes_all_repositories: false - can_create_org_repo: true \ No newline at end of file + can_create_org_repo: true + +- + id: 17 + org_id: 23 + lower_name: team14writeauth + name: team14WriteAuth + authorize: 2 # write + num_repos: 0 + num_members: 1 + includes_all_repositories: false + can_create_org_repo: true diff --git a/models/fixtures/team_unit.yml b/models/fixtures/team_unit.yml index 2e23a6312919b..5257d2c3856d3 100644 --- a/models/fixtures/team_unit.yml +++ b/models/fixtures/team_unit.yml @@ -268,3 +268,9 @@ team_id: 9 type: 1 # code access_mode: 1 + +- + id: 46 + team_id: 17 + type: 9 # package + access_mode: 0 diff --git a/models/fixtures/team_user.yml b/models/fixtures/team_user.yml index de4f29d977cbb..b95f76c72376b 100644 --- a/models/fixtures/team_user.yml +++ b/models/fixtures/team_user.yml @@ -99,3 +99,9 @@ org_id: 3 team_id: 14 uid: 2 + +- + id: 18 + org_id: 23 + team_id: 17 + uid: 5 diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index ce54defacdc67..3e302dfb9af09 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -844,8 +844,8 @@ num_following: 0 num_stars: 0 num_repos: 2 - num_teams: 1 - num_members: 0 + num_teams: 2 + num_members: 1 visibility: 2 repo_admin_change_team_access: false theme: "" diff --git a/models/organization/org_test.go b/models/organization/org_test.go index cfa304d7b29f2..6e583879976ab 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -212,25 +212,31 @@ func TestGetOrgUsersByUserID(t *testing.T) { orgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: true}) assert.NoError(t, err) - if assert.Len(t, orgUsers, 2) { + if assert.Len(t, orgUsers, 3) { assert.Equal(t, organization.OrgUser{ ID: orgUsers[0].ID, - OrgID: 6, + OrgID: 23, UID: 5, - IsPublic: true, + IsPublic: false, }, *orgUsers[0]) assert.Equal(t, organization.OrgUser{ ID: orgUsers[1].ID, + OrgID: 6, + UID: 5, + IsPublic: true, + }, *orgUsers[1]) + assert.Equal(t, organization.OrgUser{ + ID: orgUsers[2].ID, OrgID: 7, UID: 5, IsPublic: false, - }, *orgUsers[1]) + }, *orgUsers[2]) } publicOrgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: false}) assert.NoError(t, err) assert.Len(t, publicOrgUsers, 1) - assert.Equal(t, *orgUsers[0], *publicOrgUsers[0]) + assert.Equal(t, *orgUsers[1], *publicOrgUsers[0]) orgUsers, err = organization.GetOrgUsersByUserID(1, &organization.SearchOrganizationsOptions{All: true}) assert.NoError(t, err) diff --git a/tests/integration/api_packages_test.go b/tests/integration/api_packages_test.go index 4228003e2db39..74a7e3c795464 100644 --- a/tests/integration/api_packages_test.go +++ b/tests/integration/api_packages_test.go @@ -157,6 +157,7 @@ func TestPackageAccess(t *testing.T) { admin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5}) inactive := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 9}) + privatedOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23}) uploadPackage := func(doer, owner *user_model.User, expectedStatus int) { url := fmt.Sprintf("/api/packages/%s/generic/test-package/1.0/file.bin", owner.Name) @@ -170,6 +171,15 @@ func TestPackageAccess(t *testing.T) { uploadPackage(inactive, user, http.StatusUnauthorized) uploadPackage(admin, inactive, http.StatusCreated) uploadPackage(admin, user, http.StatusCreated) + + // team.authorize is write, but team_unit.access_mode is none + // so the user can not upload packages or get package list + uploadPackage(user, privatedOrg, http.StatusUnauthorized) + + session := loginUser(t, user.Name) + tokenReadPackage := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadPackage) + req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s?token=%s", privatedOrg.Name, tokenReadPackage)) + MakeRequest(t, req, http.StatusForbidden) } func TestPackageQuota(t *testing.T) {