2 files changed, 28 insertions, 24 deletions

diff --git a/lib/api/ci/runner.rb b/lib/api/ci/runner.rb
index c4e0b699524..0bac6fe2054 100644
--- a/lib/api/ci/runner.rb
+++ b/lib/api/ci/runner.rb
@@ -7,11 +7,11 @@ module API
 
       content_type :txt, 'text/plain'
 
-      feature_category :continuous_integration
+      feature_category :runner
 
       resource :runners do
         desc 'Registers a new Runner' do
-          success Entities::RunnerRegistrationDetails
+          success Entities::Ci::RunnerRegistrationDetails
           http_codes [[201, 'Runner was created'], [403, 'Forbidden']]
         end
         params do
@@ -34,10 +34,10 @@ module API
             if runner_registration_token_valid?
               # Create shared runner. Requires admin access
               attributes.merge(runner_type: :instance_type)
-            elsif @project = Project.find_by_runners_token(params[:token])
+            elsif runner_registrar_valid?('project') && @project = Project.find_by_runners_token(params[:token])
               # Create a specific runner for the project
               attributes.merge(runner_type: :project_type, projects: [@project])
-            elsif @group = Group.find_by_runners_token(params[:token])
+            elsif runner_registrar_valid?('group') && @group = Group.find_by_runners_token(params[:token])
               # Create a specific runner for the group
               attributes.merge(runner_type: :group_type, groups: [@group])
             else
@@ -47,7 +47,7 @@ module API
           @runner = ::Ci::Runner.create(attributes)
 
           if @runner.persisted?
-            present @runner, with: Entities::RunnerRegistrationDetails
+            present @runner, with: Entities::Ci::RunnerRegistrationDetails
           else
             render_validation_error!(@runner)
           end
@@ -82,7 +82,7 @@ module API
         before { set_application_context }
 
         desc 'Request a job' do
-          success Entities::JobRequest::Response
+          success Entities::Ci::JobRequest::Response
           http_codes [[201, 'Job was scheduled'],
                       [204, 'No job for Runner'],
                       [403, 'Forbidden']]
@@ -214,6 +214,10 @@ module API
             .new(job, content_range: content_range)
             .execute(request.body.read)
 
+          if result.status == 403
+            break error!('403 Forbidden', 403)
+          end
+
           if result.status == 416
             break error!('416 Range Not Satisfiable', 416, { 'Range' => "0-#{result.stream_size}" })
           end
@@ -263,7 +267,7 @@ module API
         end
 
         desc 'Upload artifacts for job' do
-          success Entities::JobRequest::Response
+          success Entities::Ci::JobRequest::Response
           http_codes [[201, 'Artifact uploaded'],
                       [400, 'Bad request'],
                       [403, 'Forbidden'],
diff --git a/lib/api/ci/runners.rb b/lib/api/ci/runners.rb
index 44ffc941cfa..7f755b1a4d4 100644
--- a/lib/api/ci/runners.rb
+++ b/lib/api/ci/runners.rb
@@ -7,11 +7,11 @@ module API
 
       before { authenticate! }
 
-      feature_category :continuous_integration
+      feature_category :runner
 
       resource :runners do
         desc 'Get runners available for user' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           optional :scope, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES,
@@ -30,11 +30,11 @@ module API
           runners = filter_runners(runners, params[:status], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES)
           runners = runners.tagged_with(params[:tag_list]) if params[:tag_list]
 
-          present paginate(runners), with: Entities::Runner
+          present paginate(runners), with: Entities::Ci::Runner
         end
 
         desc 'Get all runners - shared and specific' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           optional :scope, type: String, values: ::Ci::Runner::AVAILABLE_SCOPES,
@@ -55,11 +55,11 @@ module API
           runners = filter_runners(runners, params[:status], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES)
           runners = runners.tagged_with(params[:tag_list]) if params[:tag_list]
 
-          present paginate(runners), with: Entities::Runner
+          present paginate(runners), with: Entities::Ci::Runner
         end
 
         desc "Get runner's details" do
-          success Entities::RunnerDetails
+          success Entities::Ci::RunnerDetails
         end
         params do
           requires :id, type: Integer, desc: 'The ID of the runner'
@@ -68,11 +68,11 @@ module API
           runner = get_runner(params[:id])
           authenticate_show_runner!(runner)
 
-          present runner, with: Entities::RunnerDetails, current_user: current_user
+          present runner, with: Entities::Ci::RunnerDetails, current_user: current_user
         end
 
         desc "Update runner's details" do
-          success Entities::RunnerDetails
+          success Entities::Ci::RunnerDetails
         end
         params do
           requires :id, type: Integer, desc: 'The ID of the runner'
@@ -92,14 +92,14 @@ module API
           update_service = ::Ci::UpdateRunnerService.new(runner)
 
           if update_service.update(declared_params(include_missing: false))
-            present runner, with: Entities::RunnerDetails, current_user: current_user
+            present runner, with: Entities::Ci::RunnerDetails, current_user: current_user
           else
             render_validation_error!(runner)
           end
         end
 
         desc 'Remove a runner' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           requires :id, type: Integer, desc: 'The ID of the runner'
@@ -139,7 +139,7 @@ module API
         before { authorize_admin_project }
 
         desc 'Get runners available for project' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           optional :scope, type: String, values: ::Ci::Runner::AVAILABLE_SCOPES,
@@ -158,11 +158,11 @@ module API
           runners = filter_runners(runners, params[:scope])
           runners = apply_filter(runners, params)
 
-          present paginate(runners), with: Entities::Runner
+          present paginate(runners), with: Entities::Ci::Runner
         end
 
         desc 'Enable a runner for a project' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           requires :runner_id, type: Integer, desc: 'The ID of the runner'
@@ -172,14 +172,14 @@ module API
           authenticate_enable_runner!(runner)
 
           if runner.assign_to(user_project)
-            present runner, with: Entities::Runner
+            present runner, with: Entities::Ci::Runner
           else
             render_validation_error!(runner)
           end
         end
 
         desc "Disable project's runner" do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           requires :runner_id, type: Integer, desc: 'The ID of the runner'
@@ -204,7 +204,7 @@ module API
         before { authorize_admin_group }
 
         desc 'Get runners available for group' do
-          success Entities::Runner
+          success Entities::Ci::Runner
         end
         params do
           optional :type, type: String, values: ::Ci::Runner::AVAILABLE_TYPES,
@@ -218,7 +218,7 @@ module API
           runners = ::Ci::Runner.belonging_to_group(user_group.id, include_ancestors: true)
           runners = apply_filter(runners, params)
 
-          present paginate(runners), with: Entities::Runner
+          present paginate(runners), with: Entities::Ci::Runner
         end
       end