From 9fcc4e67f589008d7c44097f5cf08438c09c3c05 Mon Sep 17 00:00:00 2001
From: Sofia Papagiannaki
Date: Wed, 24 Jul 2019 13:48:49 +0300
Subject: [PATCH] Fix CreateTeam api endpoint

No team member should be created for requests authenticated by API tokens.
---
 pkg/api/team.go | 2 +-
 pkg/middleware/middleware.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/api/team.go b/pkg/api/team.go
index ecfd8028c1b..53750ee3493 100644
--- a/pkg/api/team.go
+++ b/pkg/api/team.go
@@ -23,7 +23,7 @@ func (hs *HTTPServer) CreateTeam(c *m.ReqContext, cmd m.CreateTeamCommand) Respo
 return Error(500, "Failed to create Team", err)
 }
 
- if c.OrgRole == m.ROLE_EDITOR && hs.Cfg.EditorsCanAdmin {
+ if c.OrgRole == m.ROLE_EDITOR && hs.Cfg.EditorsCanAdmin && !c.SignedInUser.IsAnonymous {
 addMemberCmd := m.AddTeamMemberCommand{
 UserId: c.SignedInUser.UserId,
 OrgId: cmd.OrgId,
diff --git a/pkg/middleware/middleware.go b/pkg/middleware/middleware.go
index d4a0b2da2aa..15b2b2151ed 100644
--- a/pkg/middleware/middleware.go
+++ b/pkg/middleware/middleware.go
@@ -132,7 +132,7 @@ func initContextWithApiKey(ctx *models.ReqContext) bool {
 }
 
 ctx.IsSignedIn = true
- ctx.SignedInUser = &models.SignedInUser{}
+ ctx.SignedInUser = &models.SignedInUser{IsAnonymous: true}
 ctx.OrgRole = apikey.Role
 ctx.ApiKeyId = apikey.Id
 ctx.OrgId = apikey.OrgId
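Review bot: The added `!c.SignedInUser.IsAnonymous` condition in CreateTeam encodes "this request came from an API key" through a flag that names a different concept, and it is only correct because the middleware hunk of the same commit sets that flag. The value the branch actually needs is `c.SignedInUser.UserId`, which is presumably zero for API-key requests since the middleware builds the user from an empty struct, so a guard on it states the intent directly: `if c.OrgRole == m.ROLE_EDITOR && hs.Cfg.EditorsCanAdmin && c.SignedInUser.UserId > 0 {`. Whichever form is kept, a comment such as `// API-key requests have no user behind them, so there is no member to add` belongs above the condition. The diffstat lists no test file, so a regression test that calls CreateTeam with an API-key context and asserts that no AddTeamMemberCommand is dispatched would pin the fix. CreateTeam starts and ends outside the hunk.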
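Review bot: Setting `IsAnonymous: true` in initContextWithApiKey leaves the request context both signed in (`ctx.IsSignedIn = true` on the line above) and anonymous, and it changes what every reader of `IsAnonymous` sees for API-key requests, not only CreateTeam. Code outside this diff that branches on `IsAnonymous` for permission, audit or rendering decisions is not visible here and should be checked, since a key with an Editor or Admin role would now take the anonymous path there. If the flag stays, the line needs a comment stating the intent, e.g. `// no user account behind an API key; marks that UserId is unset`. The narrower alternative is to keep the empty struct and let handlers test `ctx.ApiKeyId`, which this function already sets. The function starts and ends outside the hunk.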