1 files changed, 14 insertions, 13 deletions

diff --git a/lib/ci/api/projects.rb b/lib/ci/api/projects.rb
index 556de3bff9f..138667c980f 100644
--- a/lib/ci/api/projects.rb
+++ b/lib/ci/api/projects.rb
@@ -17,7 +17,7 @@ module Ci
 
           project = Ci::Project.find(params[:project_id])
 
-          unauthorized! unless current_user.can_manage_project?(project.gitlab_id)
+          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
 
           web_hook = project.web_hooks.new({ url: params[:web_hook] })
 
@@ -34,9 +34,10 @@ module Ci
         # Example Request:
         #   GET /projects
         get do
-          gitlab_projects = Ci::Project.from_gitlab(
-            current_user, :authorized, { page: params[:page], per_page: params[:per_page], ci_enabled_first: true }
-          )
+          gitlab_projects = current_user.authorized_projects
+          gitlab_projects = filter_projects(gitlab_projects)
+          gitlab_projects = paginate gitlab_projects
+
           ids = gitlab_projects.map { |project| project.id }
 
           projects = Ci::Project.where("gitlab_id IN (?)", ids).load
@@ -48,9 +49,10 @@ module Ci
         # Example Request:
         #   GET /projects/owned
         get "owned" do
-          gitlab_projects = Ci::Project.from_gitlab(
-            current_user, :owned, { page: params[:page], per_page: params[:per_page], ci_enabled_first: true }
-          )
+          gitlab_projects = current_user.owned_projects
+          gitlab_projects = filter_projects(gitlab_projects)
+          gitlab_projects = paginate gitlab_projects
+
           ids = gitlab_projects.map { |project| project.id }
 
           projects = Ci::Project.where("gitlab_id IN (?)", ids).load
@@ -65,8 +67,7 @@ module Ci
         #   GET /projects/:id
         get ":id" do
           project = Ci::Project.find(params[:id])
-
-          unauthorized! unless can?(current_user, :read_project, gl_project)
+          unauthorized! unless can?(current_user, :read_project, project.gl_project)
 
           present project, with: Entities::Project
         end
@@ -118,7 +119,7 @@ module Ci
         put ":id" do
           project = Ci::Project.find(params[:id])
 
-          unauthorized! unless can?(current_user, :manage_project, gl_project)
+          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
 
           attrs = attributes_for_keys [:name, :gitlab_id, :path, :gitlab_url, :default_ref, :ssh_url_to_repo]
 
@@ -144,7 +145,7 @@ module Ci
         delete ":id" do
           project = Ci::Project.find(params[:id])
 
-          unauthorized! unless can?(current_user, :manage_project, gl_project)
+          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
 
           project.destroy
         end
@@ -160,7 +161,7 @@ module Ci
           project = Ci::Project.find(params[:id])
           runner  = Ci::Runner.find(params[:runner_id])
 
-          unauthorized! unless can?(current_user, :manage_project, gl_project)
+          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
 
           options = {
             project_id: project.id,
@@ -188,7 +189,7 @@ module Ci
           project = Ci::Project.find(params[:id])
           runner  = Ci::Runner.find(params[:runner_id])
 
-          unauthorized! unless can?(current_user, :manage_project, gl_project)
+          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
 
           options = {
             project_id: project.id,