Catch any undefined API routing and return 400 Bad Request

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

3 files changed, 9 insertions, 3 deletions

diff --git a/lib/api/api.rb b/lib/api/api.rb
index 0bbf73a1b63..95a64f14ac7 100644
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -73,5 +73,9 @@ module API
     mount ::API::Triggers
     mount ::API::Users
     mount ::API::Variables
+
+    route :any, '*path' do
+      error!('400 Bad Request', 400)
+    end
   end
 end
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index f4ea3bebb4c..c040000e8bb 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -90,9 +90,9 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 Not found')
     end
 
-    it "returns a 404 if invalid ID" do
+    it "returns a 400 if invalid ID" do
       get api("/users/1ASDF", user)
-      expect(response).to have_http_status(404)
+      expect(response).to have_http_status(400)
     end
   end
 
diff --git a/spec/routing/routing_spec.rb b/spec/routing/routing_spec.rb
index 0dd00af878d..0ee1c811dfb 100644
--- a/spec/routing/routing_spec.rb
+++ b/spec/routing/routing_spec.rb
@@ -266,7 +266,9 @@ describe "Groups", "routing" do
   end
 
   it "also display group#show on the short path" do
-    expect(get('/1')).to route_to('namespaces#show', id: '1')
+    allow(Group).to receive(:find_by_path).and_return(true)
+
+    expect(get('/1')).to route_to('groups#show', id: '1')
   end
 end