Merge branch 'project-existence-leak' into 'master'

Don't leak information about private project existence via Git-over-SSH/HTTP.

Fixes #2040 and https://gitlab.com/gitlab-org/gitlab-ce/issues/343.

Both `Grack::Auth` (used by Git-over-HTTP) and `Api::Internal /allowed` (used by gitlab-shell/Git-over-SSH) now return a generic "Not Found" error when the project exists but the user doesn't have access to it.

See merge request !1578

0 files changed, 0 insertions, 0 deletions