From 2994a84f0137ecf313e87bd3a79f433ab615f984 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Sat, 23 Dec 2023 00:10:18 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 lib/api/helpers.rb | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

(limited to 'lib/api/helpers.rb')

diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 6cb9d19a2ad..a59734d643d 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -211,18 +211,25 @@ module API
       not_found!('Pipeline')
     end
 
+    def find_organization!(id)
+      organization = Organizations::Organization.find_by_id(id)
+      check_organization_access(organization)
+    end
+
     # rubocop: disable CodeReuse/ActiveRecord
-    def find_group(id)
+    def find_group(id, organization: nil)
+      collection = organization.present? ? Group.in_organization(organization) : Group.all
+
       if id.to_s =~ INTEGER_ID_REGEX
-        Group.find_by(id: id)
+        collection.find_by(id: id)
       else
-        Group.find_by_full_path(id)
+        collection.find_by_full_path(id)
       end
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
-    def find_group!(id)
-      group = find_group(id)
+    def find_group!(id, organization: nil)
+      group = find_group(id, organization: organization)
       check_group_access(group)
     end
 
@@ -835,6 +842,12 @@ module API
       @sudo_identifier ||= params[SUDO_PARAM] || env[SUDO_HEADER]
     end
 
+    def check_organization_access(organization)
+      return organization if can?(current_user, :read_organization, organization)
+
+      not_found!('Organization')
+    end
+
     def secret_token
       Gitlab::Shell.secret_token
     end
-- 
cgit v1.2.3