Skip to content

Commit df2a41b

Browse files
zeripathzeripath
committed
Add csrf to TestAPITeamSearch
Signed-off-by: Andrew Thornton <art27@cantab.net>
1 parent 2d9c8a3 commit df2a41b

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

integrations/api_team_test.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -144,7 +144,9 @@ func TestAPITeamSearch(t *testing.T) {
144144
var results TeamSearchResults
145145

146146
session := loginUser(t, user.Name)
147+
csrf := GetCSRF(t, session, "/"+org.Name)
147148
req := NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "_team")
149+
req.Header.Add("X-Csrf-Token", csrf)
148150
resp := session.MakeRequest(t, req, http.StatusOK)
149151
DecodeJSON(t, resp, &results)
150152
assert.NotEmpty(t, results.Data)
@@ -154,7 +156,9 @@ func TestAPITeamSearch(t *testing.T) {
154156
// no access if not organization member
155157
user5 := models.AssertExistsAndLoadBean(t, &models.User{ID: 5}).(*models.User)
156158
session = loginUser(t, user5.Name)
159+
csrf = GetCSRF(t, session, "/"+org.Name)
157160
req = NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "team")
161+
req.Header.Add("X-Csrf-Token", csrf)
158162
resp = session.MakeRequest(t, req, http.StatusForbidden)
159163

160164
}

0 commit comments

Comments
 (0)