API: status code 403 returned if new project would exceed limit

When the project limit is reached the user is not allowed to create new ones. Instead of error code 404 the status code 403 (Forbidden) is returned with error message via API.

API: status code 403 returned if new project would exceed limit
6df02adc · Sebastian Ziebell · 6fc3263e · 6df02adc · 6df02adc · 6df02adc
Commit 6df02adc authored Feb 14, 2013 by Sebastian Ziebell
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 1 deletion

project.rb app/models/project.rb +1 -1

projects.rb lib/api/projects.rb +3 -0

projects_spec.rb spec/requests/api/projects_spec.rb +13 -0

No files found.
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -155,7 +155,7 @@ class Project < ActiveRecord::Base
  def check_limit
    unless creator.can_create_project?
-      errors[:base] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it")
+      errors[:limit_reached] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it")
    end
  rescue
    errors[:base] << ("Can't check your ability to create project")

--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -58,6 +58,9 @@ module Gitlab
        if @project.saved?
          present @project, with: Entities::Project
        else
+          if @project.errors[:limit_reached].present?
+            error!(@project.errors[:limit_reached], 403)
+          end
          not_found!
        end
      end

--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -41,6 +41,11 @@ describe Gitlab::API do
      expect { post api("/projects", user) }.to_not change {Project.count}
    end
+    it "should return a 400 error if name not given" do
+      post api("/projects", user)
+      response.status.should == 400
+    end
    it "should respond with 201 on success" do
      post api("/projects", user), name: 'foo'
      response.status.should == 201
@@ -51,6 +56,14 @@ describe Gitlab::API do
      response.status.should == 400
    end
+    it "should return a 403 error if project limit reached" do
+      (1..user.projects_limit).each do |p|
+        post api("/projects", user), name: "foo#{p}"
+      end
+      post api("/projects", user), name: 'bar'
+      response.status.should == 403
+    end
    it "should assign attributes to project" do
      project = attributes_for(:project, {
        description: Faker::Lorem.sentence,