Merge 088cffb688 into d45456b1b5

2025-01-04 09:17:43 +03:00 · 2024-12-30 17:59:49 +09:00 · 2024-12-30 17:59:49 +09:00 · bad5ec979e
commit bad5ec979e
parent d45456b1b5 088cffb688
11 changed files with 295 additions and 107 deletions
--- a/models/organization/team.go
+++ b/models/organization/team.go
@ -259,3 +259,8 @@ func IncrTeamRepoNum(ctx context.Context, teamID int64) error {
 	_, err := db.GetEngine(ctx).Incr("num_repos").ID(teamID).Update(new(Team))
 	return err
 }
 func UpdateTeam(ctx context.Context, t *Team, cols ...string) error {
 	_, err := db.GetEngine(ctx).ID(t.ID).Cols(cols...).Update(t)
 	return err
 }
--- a/models/organization/team_fix.go
+++ b/models/organization/team_fix.go
@ -0,0 +1,72 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package organization
 import (
 	"context"
 	"strings"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/models/unit"
 	"xorm.io/builder"
 )
 // CountInconsistentOwnerTeams returns the amount of owner teams that any of
 // their access modes not set to the right value. For external trackers and external wikis
 // it should be Read and otherwise it should be Owner.
 func CountInconsistentOwnerTeams(ctx context.Context) (int64, error) {
 	cnt1, err := db.GetEngine(ctx).Table("team").
 		Join("INNER", "team_unit", "`team`.id = `team_unit`.team_id").
 		Where("`team`.lower_name = ?", strings.ToLower(OwnerTeamName)).
 		And(builder.Or(builder.Eq{"`team_unit`.`type`": unit.TypeExternalTracker}, builder.Eq{"`team_unit`.`type`": unit.TypeExternalWiki})).
 		And("`team_unit`.`access_mode` <> ?", perm.AccessModeRead).
 		GroupBy("`team`.`id`").
 		Count()
 	if err != nil {
 		return 0, err
 	}
 	cnt2, err := db.GetEngine(ctx).Table("team").
 		Join("INNER", "team_unit", "`team`.id = `team_unit`.team_id").
 		Where("`team`.lower_name = ?", strings.ToLower(OwnerTeamName)).
 		And(builder.And(builder.Neq{"`team_unit`.`type`": unit.TypeExternalTracker}, builder.Neq{"`team_unit`.`type`": unit.TypeExternalWiki})).
 		And("`team_unit`.`access_mode` <> ?", perm.AccessModeOwner).
 		GroupBy("`team_unit`.team_id").
 		Count()
 	if err != nil {
 		return 0, err
 	}
 	return cnt1 + cnt2, nil
 }
 // FixInconsistentOwnerTeams fixes inconsistent owner teams that  of
 // their access modes not set to the right value. For external trackers and external wikis
 // it should be Read and otherwise it should be Owner.
 func FixInconsistentOwnerTeams(ctx context.Context) (int64, error) {
 	subQuery := builder.Select("id").From("team").Where(builder.Eq{"lower_name": strings.ToLower(OwnerTeamName)})
 	updated1, err := db.GetEngine(ctx).Table("team_unit").
 		Where(builder.Or(builder.Eq{"`team_unit`.`type`": unit.TypeExternalTracker}, builder.Eq{"`team_unit`.`type`": unit.TypeExternalWiki})).
 		In("team_id", subQuery).
 		Cols("access_mode").
 		Update(&TeamUnit{
 			AccessMode: perm.AccessModeRead,
 		})
 	if err != nil {
 		return 0, err
 	}
 	updated2, err := db.GetEngine(ctx).Table("team_unit").
 		Where(builder.And(builder.Neq{"`team_unit`.`type`": unit.TypeExternalTracker}, builder.Neq{"`team_unit`.`type`": unit.TypeExternalWiki})).
 		In("team_id", subQuery).
 		Cols("access_mode").
 		Update(&TeamUnit{
 			AccessMode: perm.AccessModeOwner,
 		})
 	if err != nil {
 		return 0, err
 	}
 	return updated1 + updated2, nil
 }
--- a/routers/api/v1/org/team.go
+++ b/routers/api/v1/org/team.go
@ -293,45 +293,46 @@ func EditTeam(ctx *context.APIContext) {
 		team.CanCreateOrgRepo = team.IsOwnerTeam() || *form.CanCreateOrgRepo
 	}
 	teamName := team.Name
 	if len(form.Name) > 0 {
-		team.Name = form.Name
+		teamName = form.Name
 	}
 	description := team.Description
 	if form.Description != nil {
-		team.Description = *form.Description
+		description = *form.Description
 	}
-	isAuthChanged := false
+	includeAllRepos := team.IncludesAllRepositories
-	isIncludeAllChanged := false
+	if form.IncludesAllRepositories != nil {
-	if !team.IsOwnerTeam() && len(form.Permission) != 0 {
+		includeAllRepos = *form.IncludesAllRepositories
 		// Validate permission level.
 		p := perm.ParseAccessMode(form.Permission)
 		if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
 			p = unit_model.MinUnitAccessMode(convertUnitsMap(form.UnitsMap))
 		}
 		if team.AccessMode != p {
 			isAuthChanged = true
 			team.AccessMode = p
 		}
 		if form.IncludesAllRepositories != nil {
 			isIncludeAllChanged = true
 			team.IncludesAllRepositories = *form.IncludesAllRepositories
 		}
 	}
 	canCreateOrgRepo := team.CanCreateOrgRepo
 	if form.CanCreateOrgRepo != nil {
 		canCreateOrgRepo = *form.CanCreateOrgRepo
 	}
 	unitPerms := make(map[unit_model.Type]perm.AccessMode)
 	if team.AccessMode < perm.AccessModeAdmin {
 		if len(form.UnitsMap) > 0 {
-			attachTeamUnitsMap(team, form.UnitsMap)
+			unitPerms = convertUnitsMap(form.UnitsMap)
 		} else if len(form.Units) > 0 {
 			attachTeamUnits(team, form.Units)
 		}
 	} else {
 		attachAdminTeamUnits(team)
 	}
-	if err := org_service.UpdateTeam(ctx, team, isAuthChanged, isIncludeAllChanged); err != nil {
+	isAdmin := team.AccessMode == perm.AccessModeAdmin
 	if form.Permission != "" && form.Permission == "admin" {
 		isAdmin = true
 	}
 	if err := org_service.UpdateTeam(ctx, team, org_service.UpdateTeamOptions{
 		TeamName:                teamName,
 		Description:             description,
 		IsAdmin:                 isAdmin,
 		IncludesAllRepositories: includeAllRepos,
 		CanCreateOrgRepo:        canCreateOrgRepo,
 		UnitPerms:               unitPerms,
 	}); err != nil {
 		ctx.Error(http.StatusInternalServerError, "EditTeam", err)
 		return
 	}
--- a/routers/web/org/teams.go
+++ b/routers/web/org/teams.go
@ -485,61 +485,26 @@ func EditTeam(ctx *context.Context) {
 func EditTeamPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.CreateTeamForm)
 	t := ctx.Org.Team
-	newAccessMode := perm.ParseAccessMode(form.Permission)
+	unitPerms := getUnitPerms(ctx.Req.Form, perm.ParseAccessMode(form.Permission))
 	unitPerms := getUnitPerms(ctx.Req.Form, newAccessMode)
 	if newAccessMode < perm.AccessModeAdmin {
 		// if newAccessMode is less than admin accessmode, then it should be general accessmode,
 		// so we should calculate the minial accessmode from units accessmodes.
 		newAccessMode = unit_model.MinUnitAccessMode(unitPerms)
 	}
 	isAuthChanged := false
 	isIncludeAllChanged := false
 	includesAllRepositories := form.RepoAccess == "all"
 	ctx.Data["Title"] = ctx.Org.Organization.FullName
 	ctx.Data["PageIsOrgTeams"] = true
 	ctx.Data["Team"] = t
 	ctx.Data["Units"] = unit_model.Units
 	if !t.IsOwnerTeam() {
 		t.Name = form.TeamName
 		if t.AccessMode != newAccessMode {
 			isAuthChanged = true
 			t.AccessMode = newAccessMode
 		}
 		if t.IncludesAllRepositories != includesAllRepositories {
 			isIncludeAllChanged = true
 			t.IncludesAllRepositories = includesAllRepositories
 		}
 		t.CanCreateOrgRepo = form.CanCreateOrgRepo
 	} else {
 		t.CanCreateOrgRepo = true
 	}
 	t.Description = form.Description
 	units := make([]*org_model.TeamUnit, 0, len(unitPerms))
 	for tp, perm := range unitPerms {
 		units = append(units, &org_model.TeamUnit{
 			OrgID:      t.OrgID,
 			TeamID:     t.ID,
 			Type:       tp,
 			AccessMode: perm,
 		})
 	}
 	t.Units = units
 	if ctx.HasError() {
 		ctx.HTML(http.StatusOK, tplTeamNew)
 		return
 	}
 	if t.AccessMode < perm.AccessModeAdmin && len(unitPerms) == 0 {
 		ctx.RenderWithErr(ctx.Tr("form.team_no_units_error"), tplTeamNew, &form)
 		return
 	}
-	if err := org_service.UpdateTeam(ctx, t, isAuthChanged, isIncludeAllChanged); err != nil {
+	if err := org_service.UpdateTeam(ctx, t, org_service.UpdateTeamOptions{
 		TeamName:                form.TeamName,
 		Description:             form.Description,
 		IsAdmin:                 form.Permission == "admin",
 		IncludesAllRepositories: form.RepoAccess == "all",
 		CanCreateOrgRepo:        form.CanCreateOrgRepo,
 		UnitPerms:               unitPerms,
 	}); err != nil {
 		ctx.Data["Err_TeamName"] = true
 		switch {
 		case org_model.IsErrTeamAlreadyExist(err):
--- a/services/doctor/dbconsistency.go
+++ b/services/doctor/dbconsistency.go
@ -11,6 +11,7 @@ import (
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/migrations"
 	org_model "code.gitea.io/gitea/models/organization"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@ -164,6 +165,12 @@ func prepareDBConsistencyChecks() []consistencyCheck {
 			Fixer:        repo_model.DeleteOrphanedTopics,
 			FixedMessage: "Removed",
 		},
 		{
 			Name:         "Owner teams with wrong admin access unit",
 			Counter:      org_model.CountInconsistentOwnerTeams,
 			Fixer:        org_model.FixInconsistentOwnerTeams,
 			FixedMessage: "Fixed",
 		},
 	}
 	// TODO: function to recalc all counters
--- a/services/doctor/fix8312.go
+++ b/services/doctor/fix8312.go
@ -10,7 +10,6 @@ import (
 	org_model "code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/modules/log"
 	org_service "code.gitea.io/gitea/services/org"
 	"xorm.io/builder"
 )
@ -29,7 +28,7 @@ func fixOwnerTeamCreateOrgRepo(ctx context.Context, logger log.Logger, autofix b
 				return nil
 			}
-			return org_service.UpdateTeam(ctx, team, false, false)
+			return org_model.UpdateTeam(ctx, team, "can_create_org_repo")
 		},
 	)
 	if err != nil {
--- a/services/forms/org.go
+++ b/services/forms/org.go
@ -53,19 +53,12 @@ func (f *UpdateOrgSettingForm) Validate(req *http.Request, errs binding.Errors)
 	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 // ___________
 // \__    ___/___ _____    _____
 //   |    |_/ __ \\__  \  /     \
 //   |    |\  ___/ / __ \|  Y Y  \
 //   |____| \___  >____  /__|_|  /
 //              \/     \/      \/
 // CreateTeamForm form for creating team
 type CreateTeamForm struct {
 	TeamName         string `binding:"Required;AlphaDashDot;MaxSize(255)"`
 	Description      string `binding:"MaxSize(255)"`
-	Permission       string
+	Permission       string `binding:"Required;In(,read,write,admin)"`
-	RepoAccess       string
+	RepoAccess       string `binding:"Required;In(specified, all)"`
 	CanCreateOrgRepo bool
 }
--- a/services/org/team.go
+++ b/services/org/team.go
@ -12,8 +12,10 @@ import (
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
 	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@ -89,12 +91,88 @@ func NewTeam(ctx context.Context, t *organization.Team) (err error) {
 	return committer.Commit()
 }
 type UpdateTeamOptions struct {
 	TeamName                string
 	Description             string
 	IsAdmin                 bool
 	IncludesAllRepositories bool
 	CanCreateOrgRepo        bool
 	UnitPerms               map[unit_model.Type]perm.AccessMode
 }
 func UpdateTeam(ctx context.Context, team *organization.Team, opts UpdateTeamOptions) error {
 	var changedCols []string
 	newAccessMode := team.AccessMode
 	if opts.IsAdmin {
 		newAccessMode = perm.AccessModeAdmin
 	} else if len(opts.UnitPerms) > 0 {
 		// if newAccessMode is less than admin accessmode, then it should be general accessmode,
 		// so we should calculate the minial accessmode from units accessmodes.
 		newAccessMode = unit_model.MinUnitAccessMode(opts.UnitPerms)
 	}
 	if !team.IsOwnerTeam() {
 		if team.Name != opts.TeamName {
 			team.Name = opts.TeamName
 			team.LowerName = strings.ToLower(opts.TeamName)
 			changedCols = append(changedCols, "name", "lower_name")
 		}
 		if team.AccessMode != newAccessMode {
 			team.AccessMode = newAccessMode
 			changedCols = append(changedCols, "authorize")
 		}
 		if team.IncludesAllRepositories != opts.IncludesAllRepositories {
 			team.IncludesAllRepositories = opts.IncludesAllRepositories
 			changedCols = append(changedCols, "includes_all_repositories")
 		}
 		if len(opts.UnitPerms) > 0 {
 			units := make([]*organization.TeamUnit, 0, len(opts.UnitPerms))
 			for tp, perm := range opts.UnitPerms {
 				units = append(units, &organization.TeamUnit{
 					OrgID:      team.OrgID,
 					TeamID:     team.ID,
 					Type:       tp,
 					AccessMode: perm,
 				})
 			}
 			team.Units = units
 			changedCols = append(changedCols, "units")
 		}
 		if team.CanCreateOrgRepo != opts.CanCreateOrgRepo {
 			team.CanCreateOrgRepo = opts.CanCreateOrgRepo
 			changedCols = append(changedCols, "can_create_org_repo")
 		}
 	} else { // make the possible legacy data correct, we force to update these fields
 		team.CanCreateOrgRepo = true
 		team.IncludesAllRepositories = true
 		changedCols = append(changedCols, "can_create_org_repo", "includes_all_repositories")
 	}
 	if team.Description != opts.Description {
 		changedCols = append(changedCols, "description")
 		team.Description = opts.Description
 	}
 	return organization.UpdateTeam(ctx, team, changedCols...)
 }
 // UpdateTeam updates information of team.
-func UpdateTeam(ctx context.Context, t *organization.Team, authChanged, includeAllChanged bool) (err error) {
+/*func UpdateTeam(ctx context.Context, t *organization.Team, updateCols ...string) (err error) {
 	if len(t.Name) == 0 {
 		return util.NewInvalidArgumentErrorf("empty team name")
 	}
 	if slices.Contains(updateCols, "name") && !slices.Contains(updateCols, "lower_name") {
 		t.LowerName = strings.ToLower(t.Name)
 		updateCols = append(updateCols, "lower_name")
 	}
 	authChanged := slices.Contains(updateCols, "authorize")
 	includeAllChanged := slices.Contains(updateCols, "includes_all_repositories")
 	if len(t.Description) > 255 {
 		t.Description = t.Description[:255]
 	}
@ -118,13 +196,12 @@ func UpdateTeam(ctx context.Context, t *organization.Team, authChanged, includeA
 	}
 	sess := db.GetEngine(ctx)
-	if _, err = sess.ID(t.ID).Cols("name", "lower_name", "description",
+	if _, err = sess.ID(t.ID).Cols(updateCols...).Update(t); err != nil {
 		"can_create_org_repo", "authorize", "includes_all_repositories").Update(t); err != nil {
 		return fmt.Errorf("update: %w", err)
 	}
 	// update units for team
-	if len(t.Units) > 0 {
+	if slices.Contains(updateCols, "units") {
 		for _, unit := range t.Units {
 			unit.TeamID = t.ID
 		}
@ -164,7 +241,7 @@ func UpdateTeam(ctx context.Context, t *organization.Team, authChanged, includeA
 	}
 	return committer.Commit()
-}
+}*/
 // DeleteTeam deletes given team.
 // It's caller's responsibility to assign organization ID.
--- a/services/org/team_test.go
+++ b/services/org/team_test.go
@ -78,11 +78,14 @@ func TestUpdateTeam(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2})
 	team.LowerName = "newname"
 	team.Name = "newName"
 	team.Description = strings.Repeat("A long description!", 100)
 	team.AccessMode = perm.AccessModeAdmin
-	assert.NoError(t, UpdateTeam(db.DefaultContext, team, true, false))
+	assert.NoError(t, UpdateTeam(db.DefaultContext, team, UpdateTeamOptions{
 		TeamName:    "name",
 		Description: "description",
 		IsAdmin:     true,
 	}))
 	team = unittest.AssertExistsAndLoadBean(t, &organization.Team{Name: "newName"})
 	assert.True(t, strings.HasPrefix(team.Description, "A long description!"))
@ -101,7 +104,10 @@ func TestUpdateTeam2(t *testing.T) {
 	team.LowerName = "owners"
 	team.Name = "Owners"
 	team.Description = strings.Repeat("A long description!", 100)
-	err := UpdateTeam(db.DefaultContext, team, true, false)
+	err := UpdateTeam(db.DefaultContext, team, UpdateTeamOptions{
 		TeamName:    "name",
 		Description: "description",
 	})
 	assert.True(t, organization.IsErrTeamAlreadyExist(err))
 	unittest.CheckConsistencyFor(t, &organization.Team{ID: team.ID})
@ -280,7 +286,10 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
 	teams[4].IncludesAllRepositories = true
 	teamRepos[4] = repoIDs
 	for i, team := range teams {
-		assert.NoError(t, UpdateTeam(db.DefaultContext, team, false, true), "%s: UpdateTeam", team.Name)
+		assert.NoError(t, UpdateTeam(db.DefaultContext, team, UpdateTeamOptions{
 			IncludesAllRepositories: false,
 			CanCreateOrgRepo:        true,
 		}), "%s: UpdateTeam", team.Name)
 		testTeamRepositories(team.ID, teamRepos[i])
 	}
--- a/tests/integration/api_team_test.go
+++ b/tests/integration/api_team_test.go
@ -11,7 +11,7 @@ import (
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
-	"code.gitea.io/gitea/models/organization"
+	org_model "code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
@ -27,9 +27,9 @@ import (
 func TestAPITeam(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-	teamUser := unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{ID: 1})
+	teamUser := unittest.AssertExistsAndLoadBean(t, &org_model.TeamUser{ID: 1})
-	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamUser.TeamID})
+	team := unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: teamUser.TeamID})
-	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: teamUser.OrgID})
+	org := unittest.AssertExistsAndLoadBean(t, &org_model.Organization{ID: teamUser.OrgID})
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser.UID})
 	session := loginUser(t, user.Name)
@ -42,10 +42,11 @@ func TestAPITeam(t *testing.T) {
 	DecodeJSON(t, resp, &apiTeam)
 	assert.EqualValues(t, team.ID, apiTeam.ID)
 	assert.Equal(t, team.Name, apiTeam.Name)
 	assert.Equal(t, team.Description, apiTeam.Description)
 	assert.EqualValues(t, convert.ToOrganization(db.DefaultContext, org), apiTeam.Organization)
 	// non team member user will not access the teams details
-	teamUser2 := unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{ID: 3})
+	teamUser2 := unittest.AssertExistsAndLoadBean(t, &org_model.TeamUser{ID: 3})
 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser2.UID})
 	session = loginUser(t, user2.Name)
@ -59,10 +60,30 @@ func TestAPITeam(t *testing.T) {
 	// Get an admin user able to create, update and delete teams.
 	user = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
 	org = unittest.AssertExistsAndLoadBean(t, &org_model.Organization{ID: 6})
 	session = loginUser(t, user.Name)
 	token = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization)
-	org = unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 6})
+	// edit owner team
 	editDescription := "this is owner team"
 	editFalse := false
 	teamToEdit := &api.EditTeamOption{
 		Name:                    "not_owner_team", // should be ignored
 		Description:             &editDescription,
 		Permission:              "admin",                                              // should be ignored
 		IncludesAllRepositories: &editFalse,                                           // should be ignored
 		Units:                   []string{"repo.code", "repo.pulls", "repo.releases"}, // should be ignored
 	}
 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d", team.ID), teamToEdit).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	apiTeam = api.Team{}
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "Edit Owner Team", &apiTeam, org_model.OwnerTeamName, *teamToEdit.Description, true,
 		"owner", unit.AllUnitKeyNames(), nil)
 	checkTeamBean(t, apiTeam.ID, org_model.OwnerTeamName, *teamToEdit.Description, true,
 		"owner", unit.AllUnitKeyNames(), nil)
 	// Create team.
 	teamToCreate := &api.CreateTeamOption{
@ -84,9 +105,9 @@ func TestAPITeam(t *testing.T) {
 	teamID := apiTeam.ID
 	// Edit team.
-	editDescription := "team 1"
+	editDescription = "team 1"
-	editFalse := false
+	editFalse = false
-	teamToEdit := &api.EditTeamOption{
+	teamToEdit = &api.EditTeamOption{
 		Name:                    "teamone",
 		Description:             &editDescription,
 		Permission:              "admin",
@ -118,7 +139,7 @@ func TestAPITeam(t *testing.T) {
 		teamToEdit.Permission, unit.AllUnitKeyNames(), nil)
 	// Read team.
-	teamRead := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamID})
+	teamRead := unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: teamID})
 	assert.NoError(t, teamRead.LoadUnits(db.DefaultContext))
 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamID).
 		AddTokenAuth(token)
@ -132,7 +153,7 @@ func TestAPITeam(t *testing.T) {
 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
-	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})
+	unittest.AssertNotExistsBean(t, &org_model.Team{ID: teamID})
 	// create team again via UnitsMap
 	// Create team.
@ -189,7 +210,7 @@ func TestAPITeam(t *testing.T) {
 		"read", nil, teamToEdit.UnitsMap)
 	// Read team.
-	teamRead = unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamID})
+	teamRead = unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: teamID})
 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamID).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
@ -203,7 +224,7 @@ func TestAPITeam(t *testing.T) {
 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
-	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})
+	unittest.AssertNotExistsBean(t, &org_model.Team{ID: teamID})
 	// Create admin team
 	teamToCreate = &api.CreateTeamOption{
@ -222,7 +243,7 @@ func TestAPITeam(t *testing.T) {
 		if ut == unit.TypeExternalTracker || ut == unit.TypeExternalWiki {
 			up = perm.AccessModeRead
 		}
-		unittest.AssertExistsAndLoadBean(t, &organization.TeamUnit{
+		unittest.AssertExistsAndLoadBean(t, &org_model.TeamUnit{
 			OrgID:      org.ID,
 			TeamID:     apiTeam.ID,
 			Type:       ut,
@ -235,7 +256,7 @@ func TestAPITeam(t *testing.T) {
 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
-	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})
+	unittest.AssertNotExistsBean(t, &org_model.Team{ID: teamID})
 }
 func checkTeamResponse(t *testing.T, testName string, apiTeam *api.Team, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {
@ -256,7 +277,7 @@ func checkTeamResponse(t *testing.T, testName string, apiTeam *api.Team, name, d
 }
 func checkTeamBean(t *testing.T, id int64, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {
-	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: id})
+	team := unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: id})
 	assert.NoError(t, team.LoadUnits(db.DefaultContext), "LoadUnits")
 	apiTeam, err := convert.ToTeam(db.DefaultContext, team)
 	assert.NoError(t, err)
@ -299,7 +320,7 @@ func TestAPIGetTeamRepo(t *testing.T) {
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15})
 	teamRepo := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 24})
-	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 5})
+	team := unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: 5})
 	var results api.Repository
--- a/tests/integration/org_test.go
+++ b/tests/integration/org_test.go
@ -10,6 +10,9 @@ import (
 	"testing"
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	org_model "code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	api "code.gitea.io/gitea/modules/structs"
@ -218,3 +221,39 @@ func TestTeamSearch(t *testing.T) {
 	req = NewRequestf(t, "GET", "/org/%s/teams/-/search?q=%s", org.Name, "team")
 	session.MakeRequest(t, req, http.StatusNotFound)
 }
 func TestOwnerTeamsEdit(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
 	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3, Type: user_model.UserTypeOrganization})
 	session := loginUser(t, user1.Name)
 	team := unittest.AssertExistsAndLoadBean(t, &org_model.Team{OrgID: org.ID, Name: org_model.OwnerTeamName})
 	assert.EqualValues(t, perm.AccessModeOwner, team.AccessMode)
 	assert.EqualValues(t, "", team.Description)
 	assert.NoError(t, team.LoadUnits(db.DefaultContext))
 	assert.EqualValues(t, 7, len(team.Units))
 	for _, unit := range team.Units {
 		assert.EqualValues(t, perm.AccessModeOwner, unit.AccessMode)
 	}
 	req := NewRequestWithValues(t, "POST", fmt.Sprintf("/org/%s/teams/owners/edit", org.Name), map[string]string{
 		"_csrf":       GetUserCSRFToken(t, session),
 		"team_name":   "Not Owners", // This change should be ignored
 		"description": "Just a description",
 	})
 	session.MakeRequest(t, req, http.StatusSeeOther)
 	// reload team
 	team = unittest.AssertExistsAndLoadBean(t, &org_model.Team{ID: team.ID})
 	assert.EqualValues(t, perm.AccessModeOwner, team.AccessMode)
 	assert.EqualValues(t, org_model.OwnerTeamName, team.Name)
 	assert.EqualValues(t, "Just a description", team.Description)
 	assert.NoError(t, team.LoadUnits(db.DefaultContext))
 	assert.EqualValues(t, 7, len(team.Units))
 	for _, unit := range team.Units {
 		assert.EqualValues(t, perm.AccessModeOwner, unit.AccessMode)
 	}
 }