From 6df02adc7a5cb7badf748be783f9a552cf19aeee Mon Sep 17 00:00:00 2001
From: Sebastian Ziebell <sebastian.ziebell@asquera.de>
Date: Thu, 14 Feb 2013 15:51:56 +0100
Subject: [PATCH] API: status code 403 returned if new project would exceed
 limit

When the project limit is reached the user is not allowed to create new ones.
Instead of error code 404 the status code 403 (Forbidden) is returned with error
message via API.
---
 app/models/project.rb              |  2 +-
 lib/api/projects.rb                |  3 +++
 spec/requests/api/projects_spec.rb | 13 +++++++++++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index acc1b8d2328..ce429bc3d75 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -155,7 +155,7 @@ class Project < ActiveRecord::Base
 
   def check_limit
     unless creator.can_create_project?
-      errors[:base] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it")
+      errors[:limit_reached] << ("Your own projects limit is #{creator.projects_limit}! Please contact administrator to increase it")
     end
   rescue
     errors[:base] << ("Can't check your ability to create project")
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index ecd3401fd94..87653f04450 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -58,6 +58,9 @@ module Gitlab
         if @project.saved?
           present @project, with: Entities::Project
         else
+          if @project.errors[:limit_reached].present?
+            error!(@project.errors[:limit_reached], 403)
+          end
           not_found!
         end
       end
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index de1b1b09e5f..b635307884b 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -41,6 +41,11 @@ describe Gitlab::API do
       expect { post api("/projects", user) }.to_not change {Project.count}
     end
 
+    it "should return a 400 error if name not given" do
+      post api("/projects", user)
+      response.status.should == 400
+    end
+
     it "should respond with 201 on success" do
       post api("/projects", user), name: 'foo'
       response.status.should == 201
@@ -51,6 +56,14 @@ describe Gitlab::API do
       response.status.should == 400
     end
 
+    it "should return a 403 error if project limit reached" do
+      (1..user.projects_limit).each do |p|
+        post api("/projects", user), name: "foo#{p}"
+      end
+      post api("/projects", user), name: 'bar'
+      response.status.should == 403
+    end
+
     it "should assign attributes to project" do
       project = attributes_for(:project, {
         description: Faker::Lorem.sentence,
-- 
GitLab