3 files changed, 29 insertions, 2 deletions

diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index 040d350b5b5..58ab8290aac 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -51,6 +51,8 @@ module Gitlab
 
     def push_access_check(changes)
       if user
+        return build_status_object(false, render_above_size_limit_message) if project.above_size_limit?
+
         user_push_access_check(changes)
       elsif deploy_key
         build_status_object(false, "Deploy keys are not allowed to push code.")
@@ -76,8 +78,6 @@ module Gitlab
         return build_status_object(false, "A repository for this project does not exist yet.")
       end
 
-      return build_status_object(false, render_above_size_limit_message) if project.above_size_limit?
-
       changes_list = Gitlab::ChangesList.new(changes)
 
       # Iterate over all changes to find if user allowed all of them to be applied
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index a219400d75f..971dc0d90c5 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -224,6 +224,17 @@ describe Projects::MergeRequestsController do
       end
     end
 
+    context 'when the repository is above size limit' do
+      before do
+        allow_any_instance_of(Project).to receive(:above_size_limit?).and_return(true)
+        post :merge, base_params.merge(sha: merge_request.diff_head_sha)
+      end
+
+      it 'returns :size_limit_reached' do
+        expect(assigns(:status)).to eq(:size_limit_reached)
+      end
+    end
+
     context 'when the merge request is not mergeable' do
       before do
         merge_request.update_attributes(title: "WIP: #{merge_request.title}")
diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb
index afaf4b7cefb..08ac852d4e9 100644
--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -122,6 +122,22 @@ describe 'Git HTTP requests', lib: true do
         end
       end
 
+      context "when repository is above size limit" do
+        let(:env) { { user: user.username, password: user.password } }
+
+        before do
+          project.team << [user, :master]
+        end
+
+        it 'responds with status 403' do
+          allow_any_instance_of(Project).to receive(:above_size_limit?).and_return(true)
+
+          upload(path, env) do |response|
+            expect(response).to have_http_status(403)
+          end
+        end
+      end
+
       context "when username and password are provided" do
         let(:env) { { user: user.username, password: 'nope' } }