Add latest changes from gitlab-org/gitlab@master

1 files changed, 18 insertions, 5 deletions

diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 6cb9d19a2ad..3489a4b21b3 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -211,18 +211,25 @@ module API
       not_found!('Pipeline')
     end
 
+    def find_organization!(id)
+      organization = Organizations::Organization.find_by_id(id)
+      check_organization_access(organization)
+    end
+
     # rubocop: disable CodeReuse/ActiveRecord
-    def find_group(id)
+    def find_group(id, organization = nil)
+      collection = organization.present? ? Group.in_organization(organization) : Group.all
+
       if id.to_s =~ INTEGER_ID_REGEX
-        Group.find_by(id: id)
+        collection.find_by(id: id)
       else
-        Group.find_by_full_path(id)
+        collection.find_by_full_path(id)
       end
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
-    def find_group!(id)
-      group = find_group(id)
+    def find_group!(id, organization = nil)
+      group = find_group(id, organization)
       check_group_access(group)
     end
 
@@ -835,6 +842,12 @@ module API
       @sudo_identifier ||= params[SUDO_PARAM] || env[SUDO_HEADER]
     end
 
+    def check_organization_access(organization)
+      return organization if can?(current_user, :read_organization, organization)
+
+      not_found!('Organization')
+    end
+
     def secret_token
       Gitlab::Shell.secret_token
     end