Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
a7c823a5
Commit
a7c823a5
authored
May 18, 2016
by
Lin Jen-Shin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Give ProjectNotFound when the project is not readable
parent
e7a6d17b
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
3 additions
and
6 deletions
+3
-6
lib/gitlab/email/handler.rb
lib/gitlab/email/handler.rb
+1
-1
lib/gitlab/email/handler/create_issue.rb
lib/gitlab/email/handler/create_issue.rb
+0
-3
spec/lib/gitlab/email/receiver_spec.rb
spec/lib/gitlab/email/receiver_spec.rb
+2
-2
No files found.
lib/gitlab/email/handler.rb
View file @
a7c823a5
...
@@ -25,7 +25,7 @@ module Gitlab
...
@@ -25,7 +25,7 @@ module Gitlab
def
validate_permission!
(
permission
)
def
validate_permission!
(
permission
)
raise
UserNotFoundError
unless
author
raise
UserNotFoundError
unless
author
raise
UserBlockedError
if
author
.
blocked?
raise
UserBlockedError
if
author
.
blocked?
# TODO: Give project not found error if author cannot read project
raise
ProjectNotFound
unless
author
.
can?
(
:read_project
,
project
)
raise
UserNotAuthorizedError
unless
author
.
can?
(
permission
,
project
)
raise
UserNotAuthorizedError
unless
author
.
can?
(
permission
,
project
)
end
end
...
...
lib/gitlab/email/handler/create_issue.rb
View file @
a7c823a5
...
@@ -10,9 +10,6 @@ module Gitlab
...
@@ -10,9 +10,6 @@ module Gitlab
end
end
def
execute
def
execute
# Must be private project without access
raise
ProjectNotFound
unless
author
.
can?
(
:read_project
,
project
)
validate_permission!
(
:create_issue
)
validate_permission!
(
:create_issue
)
validate_authentication_token!
validate_authentication_token!
...
...
spec/lib/gitlab/email/receiver_spec.rb
View file @
a7c823a5
...
@@ -88,8 +88,8 @@ describe Gitlab::Email::Receiver, lib: true do
...
@@ -88,8 +88,8 @@ describe Gitlab::Email::Receiver, lib: true do
project
.
update_attribute
(
:visibility_level
,
Project
::
PRIVATE
)
project
.
update_attribute
(
:visibility_level
,
Project
::
PRIVATE
)
end
end
it
"raises a
UserNotAuthorizedError
"
do
it
"raises a
ProjectNotFound
"
do
expect
{
receiver
.
execute
}.
to
raise_error
(
Gitlab
::
Email
::
UserNotAuthorizedError
)
expect
{
receiver
.
execute
}.
to
raise_error
(
Gitlab
::
Email
::
ProjectNotFound
)
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment