Various APIv4 fixes (#5474)

api4/context.go

@@ -128,6 +128,8 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	if utils.GetSiteURL() == "" {
 		protocol := app.GetProtocol(r)
 		c.SetSiteURL(protocol + "://" + r.Host)
+	} else {
+		c.SetSiteURL(utils.GetSiteURL())
 	}
 
 	w.Header().Set(model.HEADER_REQUEST_ID, c.RequestId)

api4/team.go

@@ -19,7 +19,7 @@ func InitTeam() {
 	BaseRoutes.TeamsForUser.Handle("", ApiSessionRequired(getTeamsForUser)).Methods("GET")
 
 	BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET")
-	BaseRoutes.Team.Handle("/stats", ApiHandler(getTeamStats)).Methods("GET")
+	BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET")
 
 	BaseRoutes.TeamByName.Handle("", ApiSessionRequired(getTeamByName)).Methods("GET")
 	BaseRoutes.TeamMember.Handle("", ApiSessionRequired(getTeamMember)).Methods("GET")

api4/team_test.go

@@ -278,4 +278,8 @@ func TestGetTeamStats(t *testing.T) {
 	Client.Login(user.Email, user.Password)
 	_, resp = Client.GetTeamStats(th.BasicTeam.Id, "")
 	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetTeamStats(th.BasicTeam.Id, "")
+	CheckUnauthorizedStatus(t, resp)
 }