4 files changed, 83 insertions, 3 deletions

diff --git a/app/serializers/runner_entity.rb b/app/serializers/runner_entity.rb
index 04ec80e0efa..97e5b336a35 100644
--- a/app/serializers/runner_entity.rb
+++ b/app/serializers/runner_entity.rb
@@ -5,8 +5,7 @@ class RunnerEntity < Grape::Entity
 
   expose :id, :description
 
-  expose :edit_path,
-    if: -> (*) { can?(request.current_user, :admin_build, project) && runner.project_type? } do |runner|
+  expose :edit_path, if: -> (*) { can_edit_runner? } do |runner|
     edit_project_runner_path(project, runner)
   end
 
@@ -17,4 +16,8 @@ class RunnerEntity < Grape::Entity
   def project
     request.project
   end
+
+  def can_edit_runner?
+    can?(request.current_user, :update_runner, runner) && runner.project_type?
+  end
 end
diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index 706f801a285..19c46e2f309 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -229,6 +229,65 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
           expect(json_response['deployment_status']["environment"]).not_to be_nil
         end
       end
+
+      context 'when user can edit runner' do
+        context 'that belongs to the project' do
+          let(:runner) { create(:ci_runner, :project, projects: [project]) }
+          let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
+
+          before do
+            project.add_maintainer(user)
+            sign_in(user)
+
+            get_show(id: job.id, format: :json)
+          end
+
+          it 'user can edit runner' do
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to match_response_schema('job/job_details')
+            expect(json_response['runner']).to have_key('edit_path')
+          end
+        end
+
+        context 'that belongs to group' do
+          let(:group) { create(:group) }
+          let(:runner) { create(:ci_runner, :group, groups: [group]) }
+          let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
+          let(:user) { create(:user, :admin) }
+
+          before do
+            project.add_maintainer(user)
+            sign_in(user)
+
+            get_show(id: job.id, format: :json)
+          end
+
+          it 'user can not edit runner' do
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to match_response_schema('job/job_details')
+            expect(json_response['runner']).not_to have_key('edit_path')
+          end
+        end
+
+        context 'that belongs to instance' do
+          let(:runner) { create(:ci_runner, :instance) }
+          let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
+          let(:user) { create(:user, :admin) }
+
+          before do
+            project.add_maintainer(user)
+            sign_in(user)
+
+            get_show(id: job.id, format: :json)
+          end
+
+          it 'user can not edit runner' do
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to match_response_schema('job/job_details')
+            expect(json_response['runner']).not_to have_key('edit_path')
+          end
+        end
+      end
     end
 
     context 'when requesting JSON job is triggered' do
diff --git a/spec/fixtures/api/schemas/job/job_details.json b/spec/fixtures/api/schemas/job/job_details.json
index ab0ade55bbe..78c0fdf83b9 100644
--- a/spec/fixtures/api/schemas/job/job_details.json
+++ b/spec/fixtures/api/schemas/job/job_details.json
@@ -7,6 +7,7 @@
     "artifact": { "$ref": "artifact.json" },
     "terminal_path": { "type": "string" },
     "trigger": { "$ref": "trigger.json" },
-    "deployment_status": { "$ref": "deployment_status.json" }
+    "deployment_status": { "$ref": "deployment_status.json" },
+    "runner": { "$ref": "runner.json" }
   }
 }
diff --git a/spec/fixtures/api/schemas/job/runner.json b/spec/fixtures/api/schemas/job/runner.json
new file mode 100644
index 00000000000..acfeeeeb808
--- /dev/null
+++ b/spec/fixtures/api/schemas/job/runner.json
@@ -0,0 +1,17 @@
+{
+  "oneOf": [
+    { "type": "null" },
+    {
+      "type": "object",
+      "required": [
+        "id",
+        "description"
+      ],
+      "properties": {
+        "id": { "type": "integer" },
+        "description": { "type": "string" },
+        "edit_path": { "type": "string" }
+      }
+    }
+  ]
+}