Do not leak project exists when importing members

When importing members, and user does not have permissions to read
members in a source project, do not leak information about source
project existence. Notifiy user that project has not been found instead.

app/controllers/projects/project_members_controller.rb

@@ -94,13 +94,13 @@ class Projects::ProjectMembersController < Projects::ApplicationController
   end
 
   def apply_import
-    giver = Project.find(params[:source_project_id])
+    source_project = Project.find(params[:source_project_id])
 
-    if current_user.can?(:read_project_member, giver)
-      status = @project.team.import(giver, current_user)
+    if can?(current_user, :read_project_member, source_project)
+      status = @project.team.import(source_project, current_user)
       notice = status ? "Successfully imported" : "Import failed"
     else
-      notice = 'You are not authorized to import members from this project'
+      notice = 'Import failed - source project not found!'
     end
 
     redirect_to(namespace_project_project_members_path(project.namespace, project),

spec/controllers/projects/project_members_controller_spec.rb

@@ -41,8 +41,8 @@ describe Projects::ProjectMembersController do
         expect(project.team_members).to_not include member
       end
 
-      it 'notifies about invalid permissions' do
-        expect(response).to set_flash.to /not authorized/
+      it 'pretends that source projects does not exist' do
+        expect(response).to set_flash.to /source project not found/
       end
     end
   end