Fix tests

Author: lunny

integrations/api_team_test.go

@@ -67,9 +67,9 @@ func TestAPITeam(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units)
+		teamToCreate.Permission, teamToCreate.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units)
+		teamToCreate.Permission, teamToCreate.Units, nil)
 	teamID := apiTeam.ID
 
 	// Edit team.
@@ -87,9 +87,9 @@ func TestAPITeam(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
-		teamToEdit.Permission, teamToEdit.Units)
+		teamToEdit.Permission, teamToEdit.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
-		teamToEdit.Permission, teamToEdit.Units)
+		teamToEdit.Permission, teamToEdit.Units, nil)
 
 	// Edit team Description only
 	editDescription = "first team"
@@ -98,38 +98,108 @@ func TestAPITeam(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
-		teamToEdit.Permission, teamToEdit.Units)
+		teamToEdit.Permission, teamToEdit.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
-		teamToEdit.Permission, teamToEdit.Units)
+		teamToEdit.Permission, teamToEdit.Units, nil)
 
 	// Read team.
 	teamRead := unittest.AssertExistsAndLoadBean(t, &models.Team{ID: teamID}).(*models.Team)
+	assert.NoError(t, teamRead.GetUnits())
 	req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamID)
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, &apiTeam, teamRead.Name, *teamToEditDesc.Description, teamRead.IncludesAllRepositories,
-		teamRead.Authorize.String(), teamRead.GetUnitNames())
+		teamRead.Authorize.String(), teamRead.GetUnitNames(), teamRead.GetUnitsMap())
+
+	panic("")
+	// Delete team.
+	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d?token="+token, teamID)
+	session.MakeRequest(t, req, http.StatusNoContent)
+	unittest.AssertNotExistsBean(t, &models.Team{ID: teamID})
+
+	// create team again via UnitsMap
+	// Create team.
+	teamToCreate = &api.CreateTeamOption{
+		Name:                    "team2",
+		Description:             "team two",
+		IncludesAllRepositories: true,
+		Permission:              "write",
+		UnitsMap:                map[string]string{"repo.code": "read", "repo.issues": "write", "repo.wiki": "none"},
+	}
+	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams?token=%s", org.Name, token), teamToCreate)
+	resp = session.MakeRequest(t, req, http.StatusCreated)
+	DecodeJSON(t, resp, &apiTeam)
+	checkTeamResponse(t, &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
+		teamToCreate.Permission, nil, teamToCreate.UnitsMap)
+	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
+		teamToCreate.Permission, nil, teamToCreate.UnitsMap)
+	teamID = apiTeam.ID
+
+	// Edit team.
+	editDescription = "team 1"
+	editFalse = false
+	teamToEdit = &api.EditTeamOption{
+		Name:                    "teamtwo",
+		Description:             &editDescription,
+		Permission:              "write",
+		IncludesAllRepositories: &editFalse,
+		UnitsMap:                map[string]string{"repo.code": "read", "repo.pulls": "read", "repo.releases": "write"},
+	}
+
+	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d?token=%s", teamID, token), teamToEdit)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &apiTeam)
+	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
+		teamToEdit.Permission, nil, teamToEdit.UnitsMap)
+	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
+		teamToEdit.Permission, nil, teamToEdit.UnitsMap)
+
+	// Edit team Description only
+	editDescription = "second team"
+	teamToEditDesc = api.EditTeamOption{Description: &editDescription}
+	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d?token=%s", teamID, token), teamToEditDesc)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &apiTeam)
+	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
+		teamToEdit.Permission, nil, teamToEdit.UnitsMap)
+	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
+		teamToEdit.Permission, nil, teamToEdit.UnitsMap)
+
+	// Read team.
+	teamRead = unittest.AssertExistsAndLoadBean(t, &models.Team{ID: teamID}).(*models.Team)
+	req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamID)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &apiTeam)
+	checkTeamResponse(t, &apiTeam, teamRead.Name, *teamToEditDesc.Description, teamRead.IncludesAllRepositories,
+		teamRead.Authorize.String(), teamRead.GetUnitNames(), teamRead.GetUnitsMap())
 
 	// Delete team.
 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d?token="+token, teamID)
 	session.MakeRequest(t, req, http.StatusNoContent)
 	unittest.AssertNotExistsBean(t, &models.Team{ID: teamID})
 }
 
-func checkTeamResponse(t *testing.T, apiTeam *api.Team, name, description string, includesAllRepositories bool, permission string, units []string) {
-	assert.Equal(t, name, apiTeam.Name, "name")
-	assert.Equal(t, description, apiTeam.Description, "description")
-	assert.Equal(t, includesAllRepositories, apiTeam.IncludesAllRepositories, "includesAllRepositories")
-	assert.Equal(t, permission, apiTeam.Permission, "permission")
-	sort.StringSlice(units).Sort()
-	sort.StringSlice(apiTeam.Units).Sort()
-	assert.EqualValues(t, units, apiTeam.Units, "units")
+func checkTeamResponse(t *testing.T, apiTeam *api.Team, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {
+	t.Run(name+description, func(t *testing.T) {
+		assert.Equal(t, name, apiTeam.Name, "name")
+		assert.Equal(t, description, apiTeam.Description, "description")
+		assert.Equal(t, includesAllRepositories, apiTeam.IncludesAllRepositories, "includesAllRepositories")
+		assert.Equal(t, permission, apiTeam.Permission, "permission")
+		if units != nil {
+			sort.StringSlice(units).Sort()
+			sort.StringSlice(apiTeam.Units).Sort()
+			assert.EqualValues(t, units, apiTeam.Units, "units")
+		}
+		if unitsMap != nil {
+			assert.EqualValues(t, unitsMap, apiTeam.UnitsMap, "unitsMap")
+		}
+	})
 }
 
-func checkTeamBean(t *testing.T, id int64, name, description string, includesAllRepositories bool, permission string, units []string) {
+func checkTeamBean(t *testing.T, id int64, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {
 	team := unittest.AssertExistsAndLoadBean(t, &models.Team{ID: id}).(*models.Team)
 	assert.NoError(t, team.GetUnits(), "GetUnits")
-	checkTeamResponse(t, convert.ToTeam(team), name, description, includesAllRepositories, permission, units)
+	checkTeamResponse(t, convert.ToTeam(team), name, description, includesAllRepositories, permission, units, unitsMap)
 }
 
 type TeamSearchResults struct {

integrations/org_test.go

@@ -156,9 +156,9 @@ func TestOrgRestrictedUser(t *testing.T) {
 	resp := adminSession.MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units)
+		teamToCreate.Permission, teamToCreate.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units)
+		teamToCreate.Permission, teamToCreate.Units, nil)
 	//teamID := apiTeam.ID
 
 	// Now we need to add the restricted user to the team

models/issue.go

@@ -2088,7 +2088,7 @@ func (issue *Issue) ResolveMentionsByVisibility(ctx context.Context, doer *user_
 				unittype = unit.TypePullRequests
 			}
 			for _, team := range teams {
-				if team.Authorize >= perm.AccessModeOwner {
+				if team.Authorize >= perm.AccessModeAdmin {
 					checked = append(checked, team.ID)
 					resolved[issue.Repo.Owner.LowerName+"/"+team.LowerName] = true
 					continue

models/org_team.go

@@ -142,6 +142,15 @@ func (t *Team) GetUnitNames() (res []string) {
 	return
 }
 
+// GetUnitsMap returns the team units permissions
+func (t *Team) GetUnitsMap() map[string]string {
+	var m = make(map[string]string)
+	for _, u := range t.Units {
+		m[u.Unit().NameKey] = u.Authorize.String()
+	}
+	return m
+}
+
 // IsOwnerTeam returns true if team is owner team.
 func (t *Team) IsOwnerTeam() bool {
 	return t.Name == ownerTeamName
@@ -652,7 +661,7 @@ func UpdateTeam(t *Team, authChanged, includeAllChanged bool) (err error) {
 			Delete(new(TeamUnit)); err != nil {
 			return err
 		}
-		if _, err = sess.Cols("org_id", "team_id", "type").Insert(&t.Units); err != nil {
+		if _, err = sess.Cols("org_id", "team_id", "type", "authorize").Insert(&t.Units); err != nil {
 			return err
 		}
 	}

models/perm/access_mode.go

@@ -52,12 +52,14 @@ func (mode AccessMode) ColorFormat(s fmt.State) {
 // ParseAccessMode returns corresponding access mode to given permission string.
 func ParseAccessMode(permission string) AccessMode {
 	switch permission {
+	case "read":
+		return AccessModeRead
 	case "write":
 		return AccessModeWrite
 	case "admin":
 		return AccessModeAdmin
 	default:
-		return AccessModeRead
+		return AccessModeNone
 	}
 }
 

models/repo_permission.go

@@ -235,7 +235,7 @@ func getUserRepoPermission(e db.Engine, repo *Repository, user *user_model.User)
 
 	// if user in an owner team
 	for _, team := range teams {
-		if team.Authorize >= perm_model.AccessModeOwner {
+		if team.Authorize >= perm_model.AccessModeAdmin {
 			perm.AccessMode = perm_model.AccessModeOwner
 			perm.UnitsMode = nil
 			return

modules/convert/convert.go

@@ -306,6 +306,7 @@ func ToTeam(team *models.Team) *api.Team {
 		CanCreateOrgRepo:        team.CanCreateOrgRepo,
 		Permission:              team.Authorize.String(),
 		Units:                   team.GetUnitNames(),
+		UnitsMap:                team.GetUnitsMap(),
 	}
 }
 

routers/api/v1/org/team.go

@@ -112,6 +112,10 @@ func ListUserTeams(ctx *context.APIContext) {
 			apiOrg = convert.ToOrganization(org)
 			cache[teams[i].OrgID] = apiOrg
 		}
+		if err := teams[i].GetUnits(); err != nil {
+			ctx.Error(http.StatusInternalServerError, "teams[i].GetUnits()", err)
+			return
+		}
 		apiTeams[i] = convert.ToTeam(teams[i])
 		apiTeams[i].Organization = apiOrg
 	}
@@ -138,6 +142,11 @@ func GetTeam(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/Team"
 
+	if err := ctx.Org.Team.GetUnits(); err != nil {
+		ctx.Error(http.StatusInternalServerError, "team.GetUnits", err)
+		return
+	}
+
 	ctx.JSON(http.StatusOK, convert.ToTeam(ctx.Org.Team))
 }
 
@@ -199,7 +208,7 @@ func CreateTeam(ctx *context.APIContext) {
 	form := web.GetForm(ctx).(*api.CreateTeamOption)
 
 	var p = perm.ParseAccessMode(form.Permission)
-	if p < perm.AccessModeOwner {
+	if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
 		p = perm.MinUnitPerms(convertUnitsMap(form.UnitsMap))
 	}
 
@@ -212,7 +221,7 @@ func CreateTeam(ctx *context.APIContext) {
 		Authorize:               p,
 	}
 
-	if team.Authorize < perm.AccessModeOwner {
+	if team.Authorize < perm.AccessModeAdmin {
 		if len(form.UnitsMap) > 0 {
 			attachTeamUnitsMap(team, form.UnitsMap)
 		} else if len(form.Units) > 0 {
@@ -283,7 +292,7 @@ func EditTeam(ctx *context.APIContext) {
 	if !team.IsOwnerTeam() && len(form.Permission) != 0 {
 		// Validate permission level.
 		var p = perm.ParseAccessMode(form.Permission)
-		if p < perm.AccessModeOwner {
+		if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
 			p = perm.MinUnitPerms(convertUnitsMap(form.UnitsMap))
 		}
 
@@ -298,7 +307,7 @@ func EditTeam(ctx *context.APIContext) {
 		}
 	}
 
-	if team.Authorize < perm.AccessModeOwner {
+	if team.Authorize < perm.AccessModeAdmin {
 		if len(form.UnitsMap) > 0 {
 			attachTeamUnitsMap(team, form.UnitsMap)
 		} else if len(form.Units) > 0 {

routers/web/org/teams.go

@@ -248,7 +248,7 @@ func NewTeamPost(ctx *context.Context) {
 	var includesAllRepositories = form.RepoAccess == "all"
 	var unitPerms = getUnitPerms(ctx.Req.Form)
 	var p = perm.ParseAccessMode(form.Permission)
-	if p < perm.AccessModeOwner {
+	if p < perm.AccessModeAdmin {
 		p = perm.MinUnitPerms(unitPerms)
 	}
 
@@ -261,7 +261,7 @@ func NewTeamPost(ctx *context.Context) {
 		CanCreateOrgRepo:        form.CanCreateOrgRepo,
 	}
 
-	if t.Authorize < perm.AccessModeOwner {
+	if t.Authorize < perm.AccessModeAdmin {
 		var units = make([]*models.TeamUnit, 0, len(unitPerms))
 		for tp, perm := range unitPerms {
 			units = append(units, &models.TeamUnit{
@@ -363,7 +363,7 @@ func EditTeamPost(ctx *context.Context) {
 		}
 	}
 	t.Description = form.Description
-	if t.Authorize < perm.AccessModeOwner {
+	if t.Authorize < perm.AccessModeAdmin {
 		var units = make([]models.TeamUnit, 0, len(unitPerms))
 		for tp, perm := range unitPerms {
 			units = append(units, models.TeamUnit{