diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-07 11:32:25 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-07 11:32:25 +0000 |
commit | dc825ae33016b91235e210c2d37323c076fcf572 (patch) | |
tree | b6ec25a237eb7e145cde1e8f3d506ee67864cf05 /lib | |
parent | 2eb76186f503410df5018765bc32337a8754159a (diff) | |
parent | 93341579b6fd11c57b464a974079bbd9fcc28ef5 (diff) | |
download | gitlab-ce-dc825ae33016b91235e210c2d37323c076fcf572.tar.gz |
Merge branch 'feature/api_remove_group' of /home/git/repositories/gitlab/gitlabhq
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/groups.rb | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 396554404af..265417fd6bc 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -7,12 +7,14 @@ module API helpers do def find_group(id) group = Group.find(id) - if current_user.admin or current_user.groups.include? group + + if can?(current_user, :read_group, group) group else render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) end end + def validate_access_level?(level) Gitlab::Access.options_with_owner.values.include? level.to_i end @@ -64,6 +66,19 @@ module API present group, with: Entities::GroupDetail end + + # Remove group + # + # Parameters: + # id (required) - The ID of a group + # Example Request: + # DELETE /groups/:id + delete ":id" do + group = find_group(params[:id]) + authorize! :manage_group, group + group.destroy + end + # Transfer a project to the Group namespace # # Parameters: @@ -132,7 +147,6 @@ module API member.destroy end end - end end end |