kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Raise exception when user is not authorized

This commit is contained in:
Matija Čupić 2018-11-13 17:27:00 +01:00
parent 0bc14b4522
commit b7e5f73cd7
No known key found for this signature in database
GPG Key ID: 4BAF84FFACD2E5DE
2 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/services/ci/destroy_pipeline_service.rb
View File

@ -3,7 +3,7 @@
module Ci module Ci
class DestroyPipelineService < BaseService class DestroyPipelineService < BaseService
def execute(pipeline) def execute(pipeline)
return false unless can?(current_user, :destroy_pipeline, pipeline) raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_pipeline, pipeline)
AuditEventService.new(current_user, pipeline).security_event AuditEventService.new(current_user, pipeline).security_event

10
spec/services/ci/destroy_pipeline_service_spec.rb
View File

@ -53,14 +53,8 @@ describe ::Ci::DestroyPipelineService do
context 'user is not owner' do context 'user is not owner' do
let(:user) { create(:user) } let(:user) { create(:user) }
it 'returns false' do it 'raises an exception' do
is_expected.to eq(false) expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
end
it 'does not destroy the pipeline' do
subject
expect { pipeline.reload }.not_to raise_error
end end
end end
end end