diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/groups.rb | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 396554404af..265417fd6bc 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -7,12 +7,14 @@ module API helpers do def find_group(id) group = Group.find(id) - if current_user.admin or current_user.groups.include? group + + if can?(current_user, :read_group, group) group else render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) end end + def validate_access_level?(level) Gitlab::Access.options_with_owner.values.include? level.to_i end @@ -64,6 +66,19 @@ module API present group, with: Entities::GroupDetail end + + # Remove group + # + # Parameters: + # id (required) - The ID of a group + # Example Request: + # DELETE /groups/:id + delete ":id" do + group = find_group(params[:id]) + authorize! :manage_group, group + group.destroy + end + # Transfer a project to the Group namespace # # Parameters: @@ -132,7 +147,6 @@ module API member.destroy end end - end end end |