Allow request namespace by ID or path

doc/api/namespaces.md

@@ -101,7 +101,7 @@ GET /namespaces/:id
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`      | integer | yes | ID of the namespace |
+| `id`      | integer/string | yes | ID or path of the namespace |
 
 Example request:
 
@@ -122,3 +122,23 @@ Example response:
   "members_count_with_descendants": 2
 }
 ```
+
+Example request:
+
+```bash
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/group1
+```
+
+Example response:
+
+```json
+{
+  "id": 2,
+  "name": "group1",
+  "path": "group1",
+  "kind": "group",
+  "full_path": "group1",
+  "parent_id": "null",
+  "members_count_with_descendants": 2
+}
+```

lib/api/helpers.rb

@@ -52,6 +52,10 @@ module API
       initial_current_user != current_user
     end
 
+    def user_namespace
+      @user_namespace ||= find_namespace!(params[:id])
+    end
+
     def user_group
       @group ||= find_group!(params[:id])
     end
@@ -109,14 +113,6 @@ module API
       end
     end
 
-    def find_namespace(id)
-      if id =~ /^\d+$/
-        Namespace.find_by(id: id)
-      else
-        Namespace.find_by_full_path(id)
-      end
-    end
-
     def find_group!(id)
       # CI job token authentication:
       # currently we do not allow any group access for CI job token
@@ -131,6 +127,24 @@ module API
       end
     end
 
+    def find_namespace(id)
+      if id.to_s =~ /^\d+$/
+        Namespace.find_by(id: id)
+      else
+        Namespace.find_by_full_path(id)
+      end
+    end
+
+    def find_namespace!(id)
+      namespace = find_namespace(id)
+
+      if can?(current_user, :admin_namespace, namespace)
+        namespace
+      else
+        not_found!('Namespace')
+      end
+    end
+
     def find_project_label(id)
       label = available_labels.find_by_id(id) || available_labels.find_by_title(id)
       label || not_found!('Label')

lib/api/namespaces.rb

@@ -45,24 +45,10 @@ module API
         success Entities::Namespace
       end
       params do
-        requires :id, type: Integer, desc: "Namespace's ID"
+        requires :id, type: String, desc: "Namespace's ID or path"
       end
       get ':id' do
-        namespace = Namespace.find(params[:id])
-        authenticate_get_namespace!(namespace)
-
-        present namespace, with: Entities::Namespace, current_user: current_user
-      end
-    end
-
-    helpers do
-      def authenticate_get_namespace!(namespace)
-        return if current_user.admin?
-        forbidden!('No access granted') unless user_can_access_namespace?(namespace)
-      end
-
-      def user_can_access_namespace?(namespace)
-        namespace.has_owner?(current_user)
+        present user_namespace, with: Entities::Namespace, current_user: current_user
       end
     end
   end

spec/requests/api/namespaces_spec.rb

@@ -143,19 +143,36 @@ describe API::Namespaces do
   describe 'GET /namespaces/:id' do
     let(:owned_group) { group1 }
 
+    shared_examples 'can access namespace' do
+      it 'returns namespace details' do
+        get api("/namespaces/#{namespace_id}", request_actor)
+
+        expect(response).to have_gitlab_http_status(200)
+
+        expect(json_response['id']).to eq(requested_namespace.id)
+        expect(json_response['path']).to eq(requested_namespace.path)
+        expect(json_response['name']).to eq(requested_namespace.name)
+      end
+    end
+
     shared_examples 'namespace reader' do
+      let(:requested_namespace) { owned_group }
+
       before do
         owned_group.add_owner(request_actor)
       end
 
       context 'when namespace exists' do
-        it 'returns namespace details' do
-          get api("/namespaces/#{owned_group.id}", request_actor)
+        context 'when requested by ID' do
+          let(:namespace_id) { owned_group.id }
 
-          expect(response).to have_gitlab_http_status(200)
+          it_behaves_like 'can access namespace'
+        end
+
+        context 'when requested by path' do
+          let(:namespace_id) { owned_group.path }
 
-          expect(json_response['id']).to eq(owned_group.id)
-          expect(json_response['name']).to eq(owned_group.name)
+          it_behaves_like 'can access namespace'
         end
       end
 
@@ -180,10 +197,10 @@ describe API::Namespaces do
       let(:request_actor) { user }
 
       context 'when requested namespace is not owned by user' do
-        it 'returns authentication error' do
+        it 'returns not-found' do
           get api("/namespaces/#{group2.id}", request_actor)
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(404)
         end
       end
 
@@ -196,11 +213,10 @@ describe API::Namespaces do
       let(:request_actor) { admin }
 
       context 'when requested namespace is not owned by user' do
-        it 'returns authentication error' do
-          get api("/namespaces/#{group2.id}", request_actor)
+        let(:namespace_id) { group2.id }
+        let(:requested_namespace) { group2 }
 
-          expect(response).to have_gitlab_http_status(200)
-        end
+        it_behaves_like 'can access namespace'
       end
 
       context 'when requested namespace is owned by user' do