Commit a7c823a5 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Give ProjectNotFound when the project is not readable

parent e7a6d17b
...@@ -25,7 +25,7 @@ module Gitlab ...@@ -25,7 +25,7 @@ module Gitlab
def validate_permission!(permission) def validate_permission!(permission)
raise UserNotFoundError unless author raise UserNotFoundError unless author
raise UserBlockedError if author.blocked? raise UserBlockedError if author.blocked?
# TODO: Give project not found error if author cannot read project raise ProjectNotFound unless author.can?(:read_project, project)
raise UserNotAuthorizedError unless author.can?(permission, project) raise UserNotAuthorizedError unless author.can?(permission, project)
end end
......
...@@ -10,9 +10,6 @@ module Gitlab ...@@ -10,9 +10,6 @@ module Gitlab
end end
def execute def execute
# Must be private project without access
raise ProjectNotFound unless author.can?(:read_project, project)
validate_permission!(:create_issue) validate_permission!(:create_issue)
validate_authentication_token! validate_authentication_token!
......
...@@ -88,8 +88,8 @@ describe Gitlab::Email::Receiver, lib: true do ...@@ -88,8 +88,8 @@ describe Gitlab::Email::Receiver, lib: true do
project.update_attribute(:visibility_level, Project::PRIVATE) project.update_attribute(:visibility_level, Project::PRIVATE)
end end
it "raises a UserNotAuthorizedError" do it "raises a ProjectNotFound" do
expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotAuthorizedError) expect { receiver.execute }.to raise_error(Gitlab::Email::ProjectNotFound)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment