Merge branch 'api-internal-errors' into 'master'

Respond with full GitAccess error if user has project read access. Should help with debugging #1236. cc @marin See merge request !437
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-03-25 04:16:45 +0000
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-03-25 04:16:45 +0000
commit: 8f3f6e9efbbacf5e52f98324944f644630da2f18 (patch)
tree: b8bd189a7dc4919a832eb583441d398b7294cb8c /lib/api
parent: d7aecf68e02cb9ac3b7e022aca60e15a65a62ac6 (diff)
parent: 4745424bd3b7f6e13e86ebf985977ad3268881e3 (diff)
download: gitlab-ce-8f3f6e9efbbacf5e52f98324944f644630da2f18.tar.gz
2 files changed, 20 insertions, 21 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 753d0fcbd98..f98a17773e7 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -17,42 +17,40 @@ module API
       post "/allowed" do
         status 200
 
-        actor = if params[:key_id]
-                  Key.find_by(id: params[:key_id])
-                elsif params[:user_id]
-                  User.find_by(id: params[:user_id])
-                end
+        actor = 
+          if params[:key_id]
+            Key.find_by(id: params[:key_id])
+          elsif params[:user_id]
+            User.find_by(id: params[:user_id])
+          end
 
         unless actor
           return Gitlab::GitAccessStatus.new(false, 'No such user or key')
         end
 
         project_path = params[:project]
-
+        
         # Check for *.wiki repositories.
         # Strip out the .wiki from the pathname before finding the
         # project. This applies the correct project permissions to
         # the wiki repository as well.
-        access =
-          if project_path.end_with?('.wiki')
-            project_path.chomp!('.wiki')
-            Gitlab::GitAccessWiki.new
-          else
-            Gitlab::GitAccess.new
-          end
+        wiki = project_path.end_with?('.wiki')
+        project_path.chomp!('.wiki') if wiki
 
         project = Project.find_with_namespace(project_path)
 
         if project
-          status = access.check(
-            actor,
-            params[:action],
-            project,
-            params[:changes]
-          )
+          access =
+            if wiki
+              Gitlab::GitAccessWiki.new(actor, project)
+            else
+              Gitlab::GitAccess.new(actor, project)
+            end
+
+          status = access.check(params[:action], params[:changes])
         end
 
-        if project && status && status.allowed?
+        if project && access.can_read_project?
           status
         else
           Gitlab::GitAccessStatus.new(false, 'No such project')
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 25b7857f4b1..f3765f5ab03 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -178,7 +178,8 @@ module API
       put ":id/merge_request/:merge_request_id/merge" do
         merge_request = user_project.merge_requests.find(params[:merge_request_id])
 
-        allowed = ::Gitlab::GitAccess.can_push_to_branch?(current_user, user_project, merge_request.target_branch)
+        allowed = ::Gitlab::GitAccess.new(current_user, user_project).
+          can_push_to_branch?(merge_request.target_branch)
 
         if allowed
           if merge_request.unchecked?
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2015-03-25 04:16:45 +0000
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2015-03-25 04:16:45 +0000
commit	8f3f6e9efbbacf5e52f98324944f644630da2f18 (patch)
tree	b8bd189a7dc4919a832eb583441d398b7294cb8c /lib/api
parent	d7aecf68e02cb9ac3b7e022aca60e15a65a62ac6 (diff)
parent	4745424bd3b7f6e13e86ebf985977ad3268881e3 (diff)
download	gitlab-ce-8f3f6e9efbbacf5e52f98324944f644630da2f18.tar.gz