diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 34657813cbd8787926e18783973a465d85156aeb..26c14276535e36627914b92056c65d7d65bff7e2 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -181,7 +181,9 @@ module API end expose :group_access, using: Entities::GroupAccess do |project, options| - project.group.users_groups.find_by(user_id: options[:user].id) + if project.group + project.group.users_groups.find_by(user_id: options[:user].id) + end end end end diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index b4b5f606eee5e825fa33d27f9bf77925f84dd38f..cb30c98b4d22e682bbe25ce6d42c51b10060adea 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -259,6 +259,7 @@ describe API::API do describe "GET /projects/:id" do before { project } + before { users_project } it "should return a project by id" do get api("/projects/#{project.id}", user) @@ -284,6 +285,28 @@ describe API::API do get api("/projects/#{project.id}", other_user) response.status.should == 404 end + + describe 'permissions' do + context 'personal project' do + before { get api("/projects/#{project.id}", user) } + + it { response.status.should == 200 } + it { json_response['permissions']["project_access"]["access_level"].should == Gitlab::Access::MASTER } + it { json_response['permissions']["group_access"].should be_nil } + end + + context 'group project' do + before do + project2 = create(:project, group: create(:group)) + project2.group.add_owner(user) + get api("/projects/#{project2.id}", user) + end + + it { response.status.should == 200 } + it { json_response['permissions']["project_access"].should be_nil } + it { json_response['permissions']["group_access"]["access_level"].should == Gitlab::Access::OWNER } + end + end end describe "GET /projects/:id/events" do