Give ProjectNotFound when the project is not readable

This commit is contained in:
Lin Jen-Shin 2016-05-18 17:57:14 -05:00
parent e7a6d17b2b
commit a7c823a573
3 changed files with 3 additions and 6 deletions

View file

@ -25,7 +25,7 @@ module Gitlab
def validate_permission!(permission) def validate_permission!(permission)
raise UserNotFoundError unless author raise UserNotFoundError unless author
raise UserBlockedError if author.blocked? raise UserBlockedError if author.blocked?
# TODO: Give project not found error if author cannot read project raise ProjectNotFound unless author.can?(:read_project, project)
raise UserNotAuthorizedError unless author.can?(permission, project) raise UserNotAuthorizedError unless author.can?(permission, project)
end end

View file

@ -10,9 +10,6 @@ module Gitlab
end end
def execute def execute
# Must be private project without access
raise ProjectNotFound unless author.can?(:read_project, project)
validate_permission!(:create_issue) validate_permission!(:create_issue)
validate_authentication_token! validate_authentication_token!

View file

@ -88,8 +88,8 @@ describe Gitlab::Email::Receiver, lib: true do
project.update_attribute(:visibility_level, Project::PRIVATE) project.update_attribute(:visibility_level, Project::PRIVATE)
end end
it "raises a UserNotAuthorizedError" do it "raises a ProjectNotFound" do
expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotAuthorizedError) expect { receiver.execute }.to raise_error(Gitlab::Email::ProjectNotFound)
end end
end end