Raise exception when user is not authorized
This commit is contained in:
parent
0bc14b4522
commit
b7e5f73cd7
|
@ -3,7 +3,7 @@
|
||||||
module Ci
|
module Ci
|
||||||
class DestroyPipelineService < BaseService
|
class DestroyPipelineService < BaseService
|
||||||
def execute(pipeline)
|
def execute(pipeline)
|
||||||
return false unless can?(current_user, :destroy_pipeline, pipeline)
|
raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_pipeline, pipeline)
|
||||||
|
|
||||||
AuditEventService.new(current_user, pipeline).security_event
|
AuditEventService.new(current_user, pipeline).security_event
|
||||||
|
|
||||||
|
|
|
@ -53,14 +53,8 @@ describe ::Ci::DestroyPipelineService do
|
||||||
context 'user is not owner' do
|
context 'user is not owner' do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
|
|
||||||
it 'returns false' do
|
it 'raises an exception' do
|
||||||
is_expected.to eq(false)
|
expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
|
||||||
end
|
|
||||||
|
|
||||||
it 'does not destroy the pipeline' do
|
|
||||||
subject
|
|
||||||
|
|
||||||
expect { pipeline.reload }.not_to raise_error
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue