diff options
| author | jubianchi <contact@jubianchi.fr> | 2015-01-30 10:46:08 +0100 |
|---|---|---|
| committer | jubianchi <contact@jubianchi.fr> | 2015-02-03 13:42:38 +0100 |
| commit | 4e97f26649a7756bef843fca74e3c58eadd117e1 (patch) | |
| tree | 3df8a8967811007ca81c863d09e2767799479829 /lib | |
| parent | a073e00ab41b5fa4979b021b55cf184ffc104fb9 (diff) | |
| download | gitlab-ce-4e97f26649a7756bef843fca74e3c58eadd117e1.tar.gz | |
Acces groups with their path in API
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api/group_members.rb | 16 | ||||
| -rw-r--r-- | lib/api/groups.rb | 16 | ||||
| -rw-r--r-- | lib/api/helpers.rb | 25 |
3 files changed, 23 insertions, 34 deletions
diff --git a/lib/api/group_members.rb b/lib/api/group_members.rb index d596517c816..4373070083a 100644 --- a/lib/api/group_members.rb +++ b/lib/api/group_members.rb @@ -3,22 +3,6 @@ module API before { authenticate! } resource :groups do - helpers do - def find_group(id) - group = Group.find(id) - - if can?(current_user, :read_group, group) - group - else - render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) - end - end - - def validate_access_level?(level) - Gitlab::Access.options_with_owner.values.include? level.to_i - end - end - # Get a list of group members viewable by the authenticated user. # # Example Request: diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 730dfad52c8..384a28e41f5 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -4,22 +4,6 @@ module API before { authenticate! } resource :groups do - helpers do - def find_group(id) - group = Group.find(id) - - if can?(current_user, :read_group, group) - group - else - render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) - end - end - - def validate_access_level?(level) - Gitlab::Access.options_with_owner.values.include? level.to_i - end - end - # Get a groups list # # Example Request: diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 62c26ef76ce..96249ea8cfe 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -55,6 +55,21 @@ module API end end + def find_group(id) + begin + group = Group.find(id) + rescue ActiveRecord::RecordNotFound + group = Group.find_by!(path: id) + end + + if can?(current_user, :read_group, group) + group + else + forbidden!("#{current_user.username} lacks sufficient "\ + "access to #{group.name}") + end + end + def paginate(relation) per_page = params[:per_page].to_i paginated = relation.page(params[:page]).per(per_page) @@ -135,10 +150,16 @@ module API errors end + def validate_access_level?(level) + Gitlab::Access.options_with_owner.values.include? level.to_i + end + # error helpers - def forbidden! - render_api_error!('403 Forbidden', 403) + def forbidden!(reason = nil) + message = ['403 Forbidden'] + message << " - #{reason}" if reason + render_api_error!(message.join(' '), 403) end def bad_request!(attribute) |