mirror of
				https://github.com/go-gitea/gitea.git
				synced 2025-10-27 00:23:41 +09:00 
			
		
		
		
	[API] teamSearch show teams with no members if user is admin (#21204)
close #21176
This commit is contained in:
		| @@ -64,8 +64,8 @@ func main() { | |||||||
| 		} | 		} | ||||||
|  |  | ||||||
| 		entries = append(entries, LicenseEntry{ | 		entries = append(entries, LicenseEntry{ | ||||||
| 			Name: name, | 			Name:        name, | ||||||
| 			Path: path, | 			Path:        path, | ||||||
| 			LicenseText: string(licenseText), | 			LicenseText: string(licenseText), | ||||||
| 		}) | 		}) | ||||||
| 	} | 	} | ||||||
|   | |||||||
| @@ -129,29 +129,11 @@ func SearchTeam(opts *SearchTeamOptions) ([]*Team, int64, error) { | |||||||
| 	if opts.UserID > 0 { | 	if opts.UserID > 0 { | ||||||
| 		sess = sess.Join("INNER", "team_user", "team_user.team_id = team.id") | 		sess = sess.Join("INNER", "team_user", "team_user.team_id = team.id") | ||||||
| 	} | 	} | ||||||
|  | 	sess = db.SetSessionPagination(sess, opts) | ||||||
| 	count, err := sess. |  | ||||||
| 		Where(cond). |  | ||||||
| 		Count(new(Team)) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return nil, 0, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	if opts.UserID > 0 { |  | ||||||
| 		sess = sess.Join("INNER", "team_user", "team_user.team_id = team.id") |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	if opts.PageSize == -1 { |  | ||||||
| 		opts.PageSize = int(count) |  | ||||||
| 	} else { |  | ||||||
| 		sess = sess.Limit(opts.PageSize, (opts.Page-1)*opts.PageSize) |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	teams := make([]*Team, 0, opts.PageSize) | 	teams := make([]*Team, 0, opts.PageSize) | ||||||
| 	if err = sess. | 	count, err := sess.Where(cond).OrderBy("lower_name").FindAndCount(&teams) | ||||||
| 		Where(cond). | 	if err != nil { | ||||||
| 		OrderBy("lower_name"). |  | ||||||
| 		Find(&teams); err != nil { |  | ||||||
| 		return nil, 0, err | 		return nil, 0, err | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|   | |||||||
| @@ -11,6 +11,7 @@ import ( | |||||||
| 	"unicode/utf8" | 	"unicode/utf8" | ||||||
|  |  | ||||||
| 	"code.gitea.io/gitea/modules/log" | 	"code.gitea.io/gitea/modules/log" | ||||||
|  |  | ||||||
| 	"gopkg.in/yaml.v3" | 	"gopkg.in/yaml.v3" | ||||||
| ) | ) | ||||||
|  |  | ||||||
|   | |||||||
| @@ -8,6 +8,7 @@ import ( | |||||||
| 	"strings" | 	"strings" | ||||||
|  |  | ||||||
| 	"code.gitea.io/gitea/modules/log" | 	"code.gitea.io/gitea/modules/log" | ||||||
|  |  | ||||||
| 	"github.com/yuin/goldmark/ast" | 	"github.com/yuin/goldmark/ast" | ||||||
| 	"gopkg.in/yaml.v3" | 	"gopkg.in/yaml.v3" | ||||||
| ) | ) | ||||||
|   | |||||||
| @@ -759,13 +759,17 @@ func SearchTeam(ctx *context.APIContext) { | |||||||
| 	listOptions := utils.GetListOptions(ctx) | 	listOptions := utils.GetListOptions(ctx) | ||||||
|  |  | ||||||
| 	opts := &organization.SearchTeamOptions{ | 	opts := &organization.SearchTeamOptions{ | ||||||
| 		UserID:      ctx.Doer.ID, |  | ||||||
| 		Keyword:     ctx.FormTrim("q"), | 		Keyword:     ctx.FormTrim("q"), | ||||||
| 		OrgID:       ctx.Org.Organization.ID, | 		OrgID:       ctx.Org.Organization.ID, | ||||||
| 		IncludeDesc: ctx.FormString("include_desc") == "" || ctx.FormBool("include_desc"), | 		IncludeDesc: ctx.FormString("include_desc") == "" || ctx.FormBool("include_desc"), | ||||||
| 		ListOptions: listOptions, | 		ListOptions: listOptions, | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	// Only admin is allowd to search for all teams | ||||||
|  | 	if !ctx.Doer.IsAdmin { | ||||||
|  | 		opts.UserID = ctx.Doer.ID | ||||||
|  | 	} | ||||||
|  |  | ||||||
| 	teams, maxResults, err := organization.SearchTeam(opts) | 	teams, maxResults, err := organization.SearchTeam(opts) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		log.Error("SearchTeam failed: %v", err) | 		log.Error("SearchTeam failed: %v", err) | ||||||
|   | |||||||
| @@ -5,6 +5,7 @@ | |||||||
| package integration | package integration | ||||||
|  |  | ||||||
| import ( | import ( | ||||||
|  | 	"fmt" | ||||||
| 	"net/http" | 	"net/http" | ||||||
| 	"net/url" | 	"net/url" | ||||||
| 	"strings" | 	"strings" | ||||||
| @@ -151,3 +152,38 @@ func TestAPIGetAll(t *testing.T) { | |||||||
| 	assert.Equal(t, "org25", apiOrgList[0].FullName) | 	assert.Equal(t, "org25", apiOrgList[0].FullName) | ||||||
| 	assert.Equal(t, "public", apiOrgList[0].Visibility) | 	assert.Equal(t, "public", apiOrgList[0].Visibility) | ||||||
| } | } | ||||||
|  |  | ||||||
|  | func TestAPIOrgSearchEmptyTeam(t *testing.T) { | ||||||
|  | 	onGiteaRun(t, func(*testing.T, *url.URL) { | ||||||
|  | 		token := getUserToken(t, "user1") | ||||||
|  | 		orgName := "org_with_empty_team" | ||||||
|  |  | ||||||
|  | 		// create org | ||||||
|  | 		req := NewRequestWithJSON(t, "POST", "/api/v1/orgs?token="+token, &api.CreateOrgOption{ | ||||||
|  | 			UserName: orgName, | ||||||
|  | 		}) | ||||||
|  | 		MakeRequest(t, req, http.StatusCreated) | ||||||
|  |  | ||||||
|  | 		// create team with no member | ||||||
|  | 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams?token=%s", orgName, token), &api.CreateTeamOption{ | ||||||
|  | 			Name:                    "Empty", | ||||||
|  | 			IncludesAllRepositories: true, | ||||||
|  | 			Permission:              "read", | ||||||
|  | 			Units:                   []string{"repo.code", "repo.issues", "repo.ext_issues", "repo.wiki", "repo.pulls"}, | ||||||
|  | 		}) | ||||||
|  | 		MakeRequest(t, req, http.StatusCreated) | ||||||
|  |  | ||||||
|  | 		// case-insensitive search for teams that have no members | ||||||
|  | 		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/%s/teams/search?q=%s&token=%s", orgName, "empty", token)) | ||||||
|  | 		resp := MakeRequest(t, req, http.StatusOK) | ||||||
|  | 		data := struct { | ||||||
|  | 			Ok   bool | ||||||
|  | 			Data []*api.Team | ||||||
|  | 		}{} | ||||||
|  | 		DecodeJSON(t, resp, &data) | ||||||
|  | 		assert.True(t, data.Ok) | ||||||
|  | 		if assert.Len(t, data.Data, 1) { | ||||||
|  | 			assert.EqualValues(t, "Empty", data.Data[0].Name) | ||||||
|  | 		} | ||||||
|  | 	}) | ||||||
|  | } | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user