Fix SQL Query for SearchTeam (#20844)

- Currently the function takes in the `UserID` option, but isn't being used within the SQL query. This patch fixes that by checking that only teams are being returned that the user belongs to. Fix #20829 Co-authored-by: delvh <dev.lh@web.de>
2022-08-21 18:24:05 +02:00 · 2022-08-21 18:24:05 +02:00 · 0b4c166e8a
commit 0b4c166e8a
parent 6d3181406d
7 changed files with 61 additions and 19 deletions
--- a/integrations/api_team_test.go
+++ b/integrations/api_team_test.go
@ -223,7 +223,7 @@ func TestAPITeamSearch(t *testing.T) {
 	defer prepareTestEnv(t)()

 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})
+	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 17})

 	var results TeamSearchResults

--- a/integrations/api_user_orgs_test.go
+++ b/integrations/api_user_orgs_test.go
@ -26,8 +26,19 @@ func TestUserOrgs(t *testing.T) {
 	orgs := getUserOrgs(t, adminUsername, normalUsername)

 	user3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user3"})
+	user17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user17"})

 	assert.Equal(t, []*api.Organization{
+		{
+			ID:          17,
+			UserName:    user17.Name,
+			FullName:    user17.FullName,
+			AvatarURL:   user17.AvatarLink(),
+			Description: "",
+			Website:     "",
+			Location:    "",
+			Visibility:  "public",
+		},
 		{
 			ID:          3,
 			UserName:    user3.Name,
@ -82,8 +93,19 @@ func TestMyOrgs(t *testing.T) {
 	var orgs []*api.Organization
 	DecodeJSON(t, resp, &orgs)
 	user3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user3"})
+	user17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user17"})

 	assert.Equal(t, []*api.Organization{
+		{
+			ID:          17,
+			UserName:    user17.Name,
+			FullName:    user17.FullName,
+			AvatarURL:   user17.AvatarLink(),
+			Description: "",
+			Website:     "",
+			Location:    "",
+			Visibility:  "public",
+		},
 		{
 			ID:          3,
 			UserName:    user3.Name,
--- a/integrations/org_test.go
+++ b/integrations/org_test.go
@ -197,8 +197,8 @@ func TestOrgRestrictedUser(t *testing.T) {
 func TestTeamSearch(t *testing.T) {
 	defer prepareTestEnv(t)()

-	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15})
+	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 17})

 	var results TeamSearchResults

@ -209,8 +209,9 @@ func TestTeamSearch(t *testing.T) {
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &results)
 	assert.NotEmpty(t, results.Data)
-	assert.Len(t, results.Data, 1)
-	assert.Equal(t, "test_team", results.Data[0].Name)
+	assert.Len(t, results.Data, 2)
+	assert.Equal(t, "review_team", results.Data[0].Name)
+	assert.Equal(t, "test_team", results.Data[1].Name)

 	// no access if not organization member
 	user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})