diff options
| author | Zeger-Jan van de Weg <zegerjan@gitlab.com> | 2016-05-14 11:33:14 +0200 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2016-05-28 03:14:43 -0700 |
| commit | be613de2cfa96c7a17f734e532ba6ada0d81c7fe (patch) | |
| tree | 2c318719a940e2a1ecdc33ff0bb0305bb3930958 | |
| parent | f9bb9151b595fdc1afc1742bb51c816965908f53 (diff) | |
| download | gitlab-ce-zj-race-condition-pending-delete.tar.gz | |
Project#show on projects pending deletion will 404zj-race-condition-pending-delete
fixes #17508
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | app/controllers/projects/application_controller.rb | 2 | ||||
| -rw-r--r-- | spec/controllers/projects_controller_spec.rb | 11 |
3 files changed, 13 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG index a0194a1ba25..5dc56d18c3a 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -11,6 +11,7 @@ v 8.9.0 (unreleased) - Fix issues filter when ordering by milestone - Todos will display target state if issuable target is 'Closed' or 'Merged' - Remove 'main language' feature + - Projects pending deletion will render a 404 page - Measure queue duration between gitlab-workhorse and Rails v 8.8.3 diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb index be872a93fee..776ba92c9ab 100644 --- a/app/controllers/projects/application_controller.rb +++ b/app/controllers/projects/application_controller.rb @@ -26,7 +26,7 @@ class Projects::ApplicationController < ApplicationController project_path = "#{namespace}/#{id}" @project = Project.find_with_namespace(project_path) - if @project && can?(current_user, :read_project, @project) + if can?(current_user, :read_project, @project) && !@project.pending_delete? if @project.path_with_namespace != project_path redirect_to request.original_url.gsub(project_path, @project.path_with_namespace) end diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb index 91b46c4d65c..fba545560c7 100644 --- a/spec/controllers/projects_controller_spec.rb +++ b/spec/controllers/projects_controller_spec.rb @@ -115,6 +115,17 @@ describe ProjectsController do expect(public_project_with_dot_atom).not_to be_valid end end + + context 'when the project is pending deletions' do + it 'renders a 404 error' do + project = create(:project, pending_delete: true) + sign_in(user) + + get :show, namespace_id: project.namespace.path, id: project.path + + expect(response.status).to eq 404 + end + end end describe "#update" do |