Add scope to teams APIs
This commit is contained in:
harryzcy
parent
b6f6ad4cf0
commit
2451accb56
3 changed files with 14 additions and 14 deletions
|
|
@ -1148,24 +1148,24 @@ func Routes(ctx gocontext.Context) *web.Route {
|
||||||
}, reqToken(auth_model.AccessTokenScopeAdminOrgHook), reqOrgOwnership(), reqWebhooksEnabled())
|
}, reqToken(auth_model.AccessTokenScopeAdminOrgHook), reqOrgOwnership(), reqWebhooksEnabled())
|
||||||
}, orgAssignment(true))
|
}, orgAssignment(true))
|
||||||
m.Group("/teams/{teamid}", func() {
|
m.Group("/teams/{teamid}", func() {
|
||||||
m.Combo("").Get(org.GetTeam).
|
m.Combo("").Get(reqToken(auth_model.AccessTokenScopeReadOrg), org.GetTeam).
|
||||||
Patch(reqOrgOwnership(), bind(api.EditTeamOption{}), org.EditTeam).
|
Patch(reqToken(auth_model.AccessTokenScopeWriteOrg), reqOrgOwnership(), bind(api.EditTeamOption{}), org.EditTeam).
|
||||||
Delete(reqOrgOwnership(), org.DeleteTeam)
|
Delete(reqToken(auth_model.AccessTokenScopeWriteOrg), reqOrgOwnership(), org.DeleteTeam)
|
||||||
m.Group("/members", func() {
|
m.Group("/members", func() {
|
||||||
m.Get("", org.GetTeamMembers)
|
m.Get("", reqToken(auth_model.AccessTokenScopeReadOrg), org.GetTeamMembers)
|
||||||
m.Combo("/{username}").
|
m.Combo("/{username}").
|
||||||
Get(org.GetTeamMember).
|
Get(reqToken(auth_model.AccessTokenScopeReadOrg), org.GetTeamMember).
|
||||||
Put(reqOrgOwnership(), org.AddTeamMember).
|
Put(reqToken(auth_model.AccessTokenScopeWriteOrg), reqOrgOwnership(), org.AddTeamMember).
|
||||||
Delete(reqOrgOwnership(), org.RemoveTeamMember)
|
Delete(reqToken(auth_model.AccessTokenScopeWriteOrg), reqOrgOwnership(), org.RemoveTeamMember)
|
||||||
})
|
})
|
||||||
m.Group("/repos", func() {
|
m.Group("/repos", func() {
|
||||||
m.Get("", org.GetTeamRepos)
|
m.Get("", reqToken(auth_model.AccessTokenScopeReadOrg), org.GetTeamRepos)
|
||||||
m.Combo("/{org}/{reponame}").
|
m.Combo("/{org}/{reponame}").
|
||||||
Put(org.AddTeamRepository).
|
Put(reqToken(auth_model.AccessTokenScopeWriteOrg), org.AddTeamRepository).
|
||||||
Delete(org.RemoveTeamRepository).
|
Delete(reqToken(auth_model.AccessTokenScopeWriteOrg), org.RemoveTeamRepository).
|
||||||
Get(org.GetTeamRepo)
|
Get(reqToken(auth_model.AccessTokenScopeReadOrg), org.GetTeamRepo)
|
||||||
})
|
})
|
||||||
}, orgAssignment(false, true), reqToken(""), reqTeamMembership())
|
}, orgAssignment(false, true), reqTeamMembership())
|
||||||
|
|
||||||
m.Group("/admin", func() {
|
m.Group("/admin", func() {
|
||||||
m.Group("/cron", func() {
|
m.Group("/cron", func() {
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,7 @@ func TestAPITeam(t *testing.T) {
|
||||||
user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser2.UID})
|
user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser2.UID})
|
||||||
|
|
||||||
session = loginUser(t, user2.Name)
|
session = loginUser(t, user2.Name)
|
||||||
token = getTokenForLoggedInUser(t, session)
|
token = getTokenForLoggedInUser(t, session, "read_org")
|
||||||
req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamUser.TeamID)
|
req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamUser.TeamID)
|
||||||
_ = session.MakeRequest(t, req, http.StatusForbidden)
|
_ = session.MakeRequest(t, req, http.StatusForbidden)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ func TestAPITeamUser(t *testing.T) {
|
||||||
|
|
||||||
normalUsername := "user2"
|
normalUsername := "user2"
|
||||||
session := loginUser(t, normalUsername)
|
session := loginUser(t, normalUsername)
|
||||||
token := getTokenForLoggedInUser(t, session)
|
token := getTokenForLoggedInUser(t, session, "read_org")
|
||||||
req := NewRequest(t, "GET", "/api/v1/teams/1/members/user1?token="+token)
|
req := NewRequest(t, "GET", "/api/v1/teams/1/members/user1?token="+token)
|
||||||
session.MakeRequest(t, req, http.StatusNotFound)
|
session.MakeRequest(t, req, http.StatusNotFound)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue