6 files changed, 66 insertions, 9 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 517ad4f03f3..6f3ae9bf8eb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -49,6 +49,14 @@ class ApplicationController < ActionController::Base
     render_404
   end
 
+  def route_not_found
+    if current_user
+      not_found
+    else
+      redirect_to new_user_session_path
+    end
+  end
+
   protected
 
   # This filter handles both private tokens and personal access tokens
diff --git a/app/models/project.rb b/app/models/project.rb
index f8a54324341..4976d3ab680 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -174,6 +174,7 @@ class Project < ActiveRecord::Base
               message: Gitlab::Regex.project_name_regex_message }
   validates :path,
     presence: true,
+    project_path: true,
     length: { within: 0..255 },
     format: { with: Gitlab::Regex.project_path_regex,
               message: Gitlab::Regex.project_path_regex_message }
diff --git a/app/models/user.rb b/app/models/user.rb
index 29fb849940a..e3d2c57e47f 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -291,8 +291,12 @@ class User < ActiveRecord::Base
       end
     end
 
+    def find_by_username(username)
+      iwhere(username: username).take
+    end
+
     def find_by_username!(username)
-      find_by!('lower(username) = ?', username.downcase)
+      iwhere(username: username).take!
     end
 
     def find_by_personal_access_token(token_string)
diff --git a/app/validators/namespace_validator.rb b/app/validators/namespace_validator.rb
index 2821ecf0a88..eb3ed31b65b 100644
--- a/app/validators/namespace_validator.rb
+++ b/app/validators/namespace_validator.rb
@@ -35,8 +35,22 @@ class NamespaceValidator < ActiveModel::EachValidator
     users
   ].freeze
 
+  def self.valid?(value)
+    !reserved?(value) && follow_format?(value)
+  end
+
+  def self.reserved?(value)
+    RESERVED.include?(value)
+  end
+
+  def self.follow_format?(value)
+    value =~ Gitlab::Regex.namespace_regex
+  end
+
+  delegate :reserved?, :follow_format?, to: :class
+
   def validate_each(record, attribute, value)
-    unless value =~ Gitlab::Regex.namespace_regex
+    unless follow_format?(value)
       record.errors.add(attribute, Gitlab::Regex.namespace_regex_message)
     end
 
@@ -44,10 +58,4 @@ class NamespaceValidator < ActiveModel::EachValidator
       record.errors.add(attribute, "#{value} is a reserved name")
     end
   end
-
-  private
-
-  def reserved?(value)
-    RESERVED.include?(value)
-  end
 end
diff --git a/app/validators/project_path_validator.rb b/app/validators/project_path_validator.rb
new file mode 100644
index 00000000000..927c67b65b0
--- /dev/null
+++ b/app/validators/project_path_validator.rb
@@ -0,0 +1,36 @@
+# ProjectPathValidator
+#
+# Custom validator for GitLab project path values.
+#
+# Values are checked for formatting and exclusion from a list of reserved path
+# names.
+class ProjectPathValidator < ActiveModel::EachValidator
+  # All project routes with wildcard argument must be listed here.
+  # Otherwise it can lead to routing issues when route considered as project name.
+  #
+  # Example:
+  #  /group/project/tree/deploy_keys
+  #
+  #  without tree as reserved name routing can match 'group/project' as group name,
+  #  'tree' as project name and 'deploy_keys' as route.
+  #
+  RESERVED = (NamespaceValidator::RESERVED +
+              %w[tree commits wikis new edit create update logs_tree
+                 preview blob blame raw files create_dir find_file]).freeze
+
+  def self.valid?(value)
+    !reserved?(value)
+  end
+
+  def self.reserved?(value)
+    RESERVED.include?(value)
+  end
+
+  delegate :reserved?, to: :class
+
+  def validate_each(record, attribute, value)
+    if reserved?(value)
+      record.errors.add(attribute, "#{value} is a reserved name")
+    end
+  end
+end
diff --git a/app/views/projects/wikis/_nav.html.haml b/app/views/projects/wikis/_nav.html.haml
index 09c4411d67e..afdef70e1cf 100644
--- a/app/views/projects/wikis/_nav.html.haml
+++ b/app/views/projects/wikis/_nav.html.haml
@@ -7,7 +7,7 @@
           = link_to 'Home', namespace_project_wiki_path(@project.namespace, @project, :home)
 
         = nav_link(path: 'wikis#pages') do
-          = link_to 'Pages', namespace_project_wiki_pages_path(@project.namespace, @project)
+          = link_to 'Pages', namespace_project_wikis_pages_path(@project.namespace, @project)
 
         = nav_link(path: 'wikis#git_access') do
           = link_to namespace_project_wikis_git_access_path(@project.namespace, @project) do