diff options
| author | Matija Čupić <matteeyah@gmail.com> | 2018-11-13 17:27:00 +0100 |
|---|---|---|
| committer | Matija Čupić <matteeyah@gmail.com> | 2018-11-13 19:00:28 +0100 |
| commit | b7e5f73cd7dca105d2bd0dbab559439ee00aa91a (patch) | |
| tree | 5e1d0908047bd483b55a455878d4817b5948a51d | |
| parent | 0bc14b452218277a55f71ab22bed724b696ecf28 (diff) | |
| download | gitlab-ce-b7e5f73cd7dca105d2bd0dbab559439ee00aa91a.tar.gz | |
Raise exception when user is not authorized
| -rw-r--r-- | app/services/ci/destroy_pipeline_service.rb | 2 | ||||
| -rw-r--r-- | spec/services/ci/destroy_pipeline_service_spec.rb | 10 |
2 files changed, 3 insertions, 9 deletions
diff --git a/app/services/ci/destroy_pipeline_service.rb b/app/services/ci/destroy_pipeline_service.rb index f40e73b3efb..13f892aabb8 100644 --- a/app/services/ci/destroy_pipeline_service.rb +++ b/app/services/ci/destroy_pipeline_service.rb @@ -3,7 +3,7 @@ module Ci class DestroyPipelineService < BaseService def execute(pipeline) - return false unless can?(current_user, :destroy_pipeline, pipeline) + raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_pipeline, pipeline) AuditEventService.new(current_user, pipeline).security_event diff --git a/spec/services/ci/destroy_pipeline_service_spec.rb b/spec/services/ci/destroy_pipeline_service_spec.rb index 9f449dd73e8..097daf67feb 100644 --- a/spec/services/ci/destroy_pipeline_service_spec.rb +++ b/spec/services/ci/destroy_pipeline_service_spec.rb @@ -53,14 +53,8 @@ describe ::Ci::DestroyPipelineService do context 'user is not owner' do let(:user) { create(:user) } - it 'returns false' do - is_expected.to eq(false) - end - - it 'does not destroy the pipeline' do - subject - - expect { pipeline.reload }.not_to raise_error + it 'raises an exception' do + expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError) end end end |