Block project deletion by non-admins.

This isn't supported properly, and would likely cause issues if
teams stared actually using it on the live IDE (the endpoint has
been found and highlighted on the forums). Rather than need to
pick up the pieces, blocking its use should prevent too many issues.

I've left it in place so that the test teardowns which use this can
continue to do so, and to simplifiy the process of implementing this
if/when we do want to support it properly (once we figure out how).

Change-Id: Ide6d69bd4a1c9ce39e39df71885a6bb3ecb2d8e3

modules/proj.php

@@ -82,6 +82,17 @@ public function deleteProject()
 	{
 		$this->verifyTeam();
 		AuthBackend::ensureWrite($this->team);
+
+		// Project deletion isn't really supported yet, but is used in a limited way
+		// in some of the tests. Rather than have them need to do something else,
+		// requiring that the user is an admin is a quick way to prevent unauthorised
+		// access to this unsupported endpoint.
+		$auth = AuthBackend::getInstance();
+		if (!$auth->isCurrentUserAdmin())
+		{
+			throw new Exception('You are not allowed to delete projects.', E_PERM_DENIED);
+		}
+
 		$this->projectManager->deleteRepository($this->team, $this->projectName);
 		return true;
 	}

tests/proj/del.php

@@ -28,6 +28,19 @@
 test_existent($repopath, "must have created repo to be deleted");
 
 $proj = $mm->getModule("proj");
-$proj->dispatchCommand("del");
+$del = function() use($proj) {
+	$proj->dispatchCommand("del");
+};
+
+$del();
 
 test_nonexistent($repopath, "deleted repo existed");
+
+// Prove that it's admin-only
+GitRepository::createRepository($repopath, true);
+test_existent($repopath, "must have created repo to be deleted");
+
+$config->override("user.default.is_admin", false);
+
+test_exception($del, E_PERM_DENIED, "Non-admins must not be able to delete projects.");
+test_existent($repopath, "Repo should have still existed after delete was blocked.");