diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index 1f5c7506212..58678f96879 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -2,7 +2,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   layout 'project'
   before_action :authorize_read_environment!
   before_action :authorize_create_environment!, only: [:new, :create]
-  before_action :authorize_update_environment!, only: [:edit, :destroy]
+  before_action :authorize_update_environment!, only: [:edit, :update, :destroy]
   before_action :environment, only: [:show, :edit, :update, :destroy]
 
   def index
diff --git a/lib/api/environments.rb b/lib/api/environments.rb
index a50f007d697..819f80d8365 100644
--- a/lib/api/environments.rb
+++ b/lib/api/environments.rb
@@ -11,6 +11,10 @@ module API
         detail 'This feature was introduced in GitLab 8.11.'
         success Entities::Environment
       end
+      params do
+        optional :page,     type: Integer, desc: 'Page number of the current request'
+        optional :per_page, type: Integer, desc: 'Number of items per page'
+      end
       get ':id/environments' do
         authorize! :read_environment, user_project
 
@@ -51,7 +55,7 @@ module API
         authorize! :update_environment, user_project
 
         environment = user_project.environments.find(params[:environment_id])
-
+        
         update_params = declared(params, include_missing: false).extract!(:name, :external_url).to_h
         if environment.update(update_params)
           present environment, with: Entities::Environment
diff --git a/spec/requests/api/environments_spec.rb b/spec/requests/api/environments_spec.rb
index d315e456dda..05e57905343 100644
--- a/spec/requests/api/environments_spec.rb
+++ b/spec/requests/api/environments_spec.rb
@@ -14,6 +14,10 @@ describe API::API, api: true  do
 
   describe 'GET /projects/:id/environments' do
     context 'as member of the project' do
+      it_behaves_like 'a paginated resources' do
+        let(:request) { get api("/projects/#{project.id}/environments", user) }
+      end
+
       it 'returns project environments' do
         get api("/projects/#{project.id}/environments", user)
 
@@ -59,9 +63,13 @@ describe API::API, api: true  do
 
     context 'a non member' do
       it 'rejects the request' do
-        post api("/projects/#{project.id}/environments", non_member)
+        post api("/projects/#{project.id}/environments", non_member), name: 'gitlab.com'
 
-        expect(response).to have_http_status(400)
+        expect(response).to have_http_status(404)
+      end
+
+      it 'returns a 400 when the required params are missing' do
+        post api("/projects/12345/environments", non_member), external_url: 'http://env.git.com'
       end
     end
   end
@@ -109,5 +117,13 @@ describe API::API, api: true  do
         expect(json_response['message']).to eq('404 Not found')
       end
     end
+
+    context 'a non member' do
+      it 'rejects the request' do
+        delete api("/projects/#{project.id}/environments/#{environment.id}", non_member)
+
+        expect(response).to have_http_status(404)
+      end
+    end
   end
 end