author | Valery Sizov <vsv2711@gmail.com> | 2015-05-06 16:02:02 +0300 |
---|---|---|
committer | Valery Sizov <vsv2711@gmail.com> | 2015-05-06 16:02:02 +0300 |
commit | 0a0d201e266d6f6dfb473e1e305ecb4c2647f7c3 (patch) | |
tree | fc61cb85e77bafa917bb30ca6957b7d17da78689 | |
parent | afcdd6f1030880ac107afefde02cd3c03f364195 (diff) | |
More explicit permission error for developers
-rw-r--r-- | app/controllers/projects_controller.rb | 4 | ||||
-rw-r--r-- | spec/controllers/projects_controller_spec.rb | 14 |
2 files changed, 17 insertions, 1 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 33cec6a..57a29fe 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -51,6 +51,10 @@ class ProjectsController < ApplicationController end def create + unless current_user.can_manage_project?(YAML.load(params["project"])[:id]) + return redirect_to root_path, alert: 'You have to have at least master role to enable CI for this project' + end + @project = CreateProjectService.new.execute(current_user, params[:project], project_url(":project_id")) if @project.persisted? diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb index cea3986..17f6417 100644 --- a/spec/controllers/projects_controller_spec.rb +++ b/spec/controllers/projects_controller_spec.rb @@ -59,11 +59,23 @@ describe ProjectsController do allow(controller).to receive(:reset_cache) { true } allow(controller).to receive(:current_user) { user } Network.any_instance.stub(:enable_ci).and_return(true) + Network.any_instance.stub(:project_hooks).and_return(true) post :create, { project: project_dump }.with_indifferent_access - Project.exists?(gitlab_id: 189).should be_true expect(response.code).to eq('302') + expect(assigns(:project)).not_to be_a_new(Project) + end + + it "shows error" do + allow(controller).to receive(:reset_cache) { true } + allow(controller).to receive(:current_user) { user } + User.any_instance.stub(:can_manage_project?).and_return(false) + + post :create, { project: project_dump }.with_indifferent_access + + expect(response.code).to eq('302') + expect(flash[:alert]).to include("You have to have at least master role to enable CI for this project") end end |
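Review bot: The added guard in `create` runs `YAML.load` on the raw request value `params["project"]`, so untrusted input goes through the full YAML loader, which can instantiate arbitrary Ruby objects, before the permission check has produced a result. Use a restricted parser for this lookup, for example `project_id = YAML.safe_load(params["project"].to_s)[:id]` with `Symbol` permitted (the `[:id]` lookup suggests symbol keys; how classes are permitted depends on the Psych version in use), or have the client send the project id as a plain parameter. A missing or non-hash `project` value currently makes `[:id]` raise instead of redirecting, so confirm the parsed value is a Hash first. `CreateProjectService` receives the same `params[:project]` and presumably parses it again outside this hunk; that path should use the same restricted loader. The body of `create` continues past the end of the hunk.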
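Review bot: The new "shows error" example asserts only the status code and the flash text, and because the success example also expects '302', neither assertion proves that project creation was skipped when `can_manage_project?` returns false. Wrap the request as `expect { post :create, { project: project_dump }.with_indifferent_access }.not_to change(Project, :count)` and add `expect(response).to redirect_to(root_path)` so the denied path is pinned. An example that posts a missing or malformed `project` value would also cover the parsing the controller guard performs on that parameter. The enclosing `describe` block begins outside this hunk.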