Commit 6df02adc7a5cb7badf748be783f9a552cf19aeee
1 parent
6fc3263e
Exists in
master
and in
4 other branches
API: status code 403 returned if new project would exceed limit
When the project limit is reached the user is not allowed to create new ones. Instead of error code 404 the status code 403 (Forbidden) is returned with error message via API.
Showing
3 changed files
with
17 additions
and
1 deletions
Show diff stats
app/models/project.rb
| @@ -155,7 +155,7 @@ class Project < ActiveRecord::Base | @@ -155,7 +155,7 @@ class Project < ActiveRecord::Base | ||
| 155 | 155 | ||
| 156 | def check_limit | 156 | def check_limit |
| 157 | unless creator.can_create_project? | 157 | unless creator.can_create_project? |
| 158 | - errors[:base] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it") | 158 | + errors[:limit_reached] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it") |
| 159 | end | 159 | end |
| 160 | rescue | 160 | rescue |
| 161 | errors[:base] << ("Can't check your ability to create project") | 161 | errors[:base] << ("Can't check your ability to create project") |
lib/api/projects.rb
| @@ -58,6 +58,9 @@ module Gitlab | @@ -58,6 +58,9 @@ module Gitlab | ||
| 58 | if @project.saved? | 58 | if @project.saved? |
| 59 | present @project, with: Entities::Project | 59 | present @project, with: Entities::Project |
| 60 | else | 60 | else |
| 61 | + if @project.errors[:limit_reached].present? | ||
| 62 | + error!(@project.errors[:limit_reached], 403) | ||
| 63 | + end | ||
| 61 | not_found! | 64 | not_found! |
| 62 | end | 65 | end |
| 63 | end | 66 | end |
spec/requests/api/projects_spec.rb
| @@ -41,6 +41,11 @@ describe Gitlab::API do | @@ -41,6 +41,11 @@ describe Gitlab::API do | ||
| 41 | expect { post api("/projects", user) }.to_not change {Project.count} | 41 | expect { post api("/projects", user) }.to_not change {Project.count} |
| 42 | end | 42 | end |
| 43 | 43 | ||
| 44 | + it "should return a 400 error if name not given" do | ||
| 45 | + post api("/projects", user) | ||
| 46 | + response.status.should == 400 | ||
| 47 | + end | ||
| 48 | + | ||
| 44 | it "should respond with 201 on success" do | 49 | it "should respond with 201 on success" do |
| 45 | post api("/projects", user), name: 'foo' | 50 | post api("/projects", user), name: 'foo' |
| 46 | response.status.should == 201 | 51 | response.status.should == 201 |
| @@ -51,6 +56,14 @@ describe Gitlab::API do | @@ -51,6 +56,14 @@ describe Gitlab::API do | ||
| 51 | response.status.should == 400 | 56 | response.status.should == 400 |
| 52 | end | 57 | end |
| 53 | 58 | ||
| 59 | + it "should return a 403 error if project limit reached" do | ||
| 60 | + (1..user.projects_limit).each do |p| | ||
| 61 | + post api("/projects", user), name: "foo#{p}" | ||
| 62 | + end | ||
| 63 | + post api("/projects", user), name: 'bar' | ||
| 64 | + response.status.should == 403 | ||
| 65 | + end | ||
| 66 | + | ||
| 54 | it "should assign attributes to project" do | 67 | it "should assign attributes to project" do |
| 55 | project = attributes_for(:project, { | 68 | project = attributes_for(:project, { |
| 56 | description: Faker::Lorem.sentence, | 69 | description: Faker::Lorem.sentence, |