diff options
author | Rémy Coutable <remy@rymai.me> | 2016-11-24 18:58:32 +0300 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2016-11-24 18:58:32 +0300 |
commit | 81ba3f9177fcfd76f6b3b715c572ce4920398345 (patch) | |
tree | bfcefba5a558d69051bf67f2cef2a259c0928942 /lib/api/groups.rb | |
parent | 4f5ed812325845f263fc9b566651c1179b5c24bc (diff) |
API: Introduce `#find_group!` which also check access permission
Signed-off-by: Rémy Coutable <remy@rymai.me>
Diffstat (limited to 'lib/api/groups.rb')
-rw-r--r-- | lib/api/groups.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 48ad3b80ae0..a3489c4eb92 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -82,7 +82,7 @@ module API :lfs_enabled, :request_access_enabled end put ':id' do - group = find_group(params[:id]) + group = find_group!(params[:id]) authorize! :admin_group, group if ::Groups::UpdateService.new(group, current_user, declared_params(include_missing: false)).execute @@ -96,13 +96,13 @@ module API success Entities::GroupDetail end get ":id" do - group = find_group(params[:id]) + group = find_group!(params[:id]) present group, with: Entities::GroupDetail end desc 'Remove a group.' delete ":id" do - group = find_group(params[:id]) + group = find_group!(params[:id]) authorize! :admin_group, group DestroyGroupService.new(group, current_user).execute end @@ -111,7 +111,7 @@ module API success Entities::Project end get ":id/projects" do - group = find_group(params[:id]) + group = find_group!(params[:id]) projects = GroupProjectsFinder.new(group).execute(current_user) projects = paginate projects present projects, with: Entities::Project, user: current_user |