Improve permission check of packages (#23879)

At first, we have one unified team unit permission which is called
`Team.Authorize` in DB.
But since https://github.com/go-gitea/gitea/pull/17811, we allowed
different units to have different permission.

The old code is only designed for the old version. So after #17811, if
org users have write permission of other units, but have no permission
of packages, they can also get write permission of packages.

Co-authored-by: delvh <dev.lh@web.de>

models/fixtures/org_user.yml

@@ -75,3 +75,9 @@
   uid: 31
   org_id: 19
   is_public: true
+
+-
+  id: 14
+  uid: 5
+  org_id: 23
+  is_public: false

models/fixtures/team.yml

@@ -172,4 +172,15 @@
   num_repos: 0
   num_members: 0
   includes_all_repositories: false
-  can_create_org_repo: true
+  can_create_org_repo: true
+
+-
+  id: 17
+  org_id: 23
+  lower_name: team14writeauth
+  name: team14WriteAuth
+  authorize: 2 # write
+  num_repos: 0
+  num_members: 1
+  includes_all_repositories: false
+  can_create_org_repo: true

models/fixtures/team_unit.yml

@@ -268,3 +268,9 @@
   team_id: 9
   type: 1 # code
   access_mode: 1
+
+-
+  id: 46
+  team_id: 17
+  type: 9 # package
+  access_mode: 0

models/fixtures/team_user.yml

@@ -99,3 +99,9 @@
   org_id: 3
   team_id: 14
   uid: 2
+
+-
+  id: 18
+  org_id: 23
+  team_id: 17
+  uid: 5

models/fixtures/user.yml

@@ -844,8 +844,8 @@
   num_following: 0
   num_stars: 0
   num_repos: 2
-  num_teams: 1
-  num_members: 0
+  num_teams: 2
+  num_members: 1
   visibility: 2
   repo_admin_change_team_access: false
   theme: ""