Merge remote-tracking branch 'origin/master' into 14552-signup-password-leak14552-signup-password-leak

author: Timothy Andrew <mail@timothyandrew.net> 2016-04-18 09:41:20 +0530
committer: Timothy Andrew <mail@timothyandrew.net> 2016-04-18 09:41:20 +0530
commit: ed1be10087e0bffc9a9b4c27d9c7dc8dfba9b427 (patch)
tree: 50d5d18cb0ed09043711274ca4bf7fa9d1db2682 /lib/api/helpers.rb
parent: cfcd95b0c3c0c3699de8724e60cc2bce687a9132 (diff)
parent: e9f20f5922e9c365b4af14e53881a7bafba4139c (diff)
download: gitlab-ce-14552-signup-password-leak.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 4921ae99e78..5bbf721321d 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -91,8 +91,7 @@ module API
       if can?(current_user, :read_group, group)
         group
       else
-        forbidden!("#{current_user.username} lacks sufficient "\
-        "access to #{group.name}")
+        not_found!('Group')
       end
     end
 
@@ -241,6 +240,10 @@ module API
       render_api_error!('413 Request Entity Too Large', 413)
     end
 
+    def not_modified!
+      render_api_error!('304 Not Modified', 304)
+    end
+
     def render_validation_error!(model)
       if model.errors.any?
         render_api_error!(model.errors.messages || '400 Bad Request', 400)
author	Timothy Andrew <mail@timothyandrew.net>	2016-04-18 09:41:20 +0530
committer	Timothy Andrew <mail@timothyandrew.net>	2016-04-18 09:41:20 +0530
commit	ed1be10087e0bffc9a9b4c27d9c7dc8dfba9b427 (patch)
tree	50d5d18cb0ed09043711274ca4bf7fa9d1db2682 /lib/api/helpers.rb
parent	cfcd95b0c3c0c3699de8724e60cc2bce687a9132 (diff)
parent	e9f20f5922e9c365b4af14e53881a7bafba4139c (diff)
download	gitlab-ce-14552-signup-password-leak.tar.gz