Commit 1f1ac58d authored by Sean McGivern's avatar Sean McGivern

Merge branch '59572-remove-protected-branch-creation-flag' into 'master'

Remove protected_branch_creation feature flag

Closes #59572

See merge request gitlab-org/gitlab-ce!27543
parents 383642e1 42c631b1
...@@ -48,7 +48,7 @@ module Gitlab ...@@ -48,7 +48,7 @@ module Gitlab
if project.empty_repo? if project.empty_repo?
protected_branch_push_checks protected_branch_push_checks
elsif creation? && protected_branch_creation_enabled? elsif creation?
protected_branch_creation_checks protected_branch_creation_checks
elsif deletion? elsif deletion?
protected_branch_deletion_checks protected_branch_deletion_checks
...@@ -124,10 +124,6 @@ module Gitlab ...@@ -124,10 +124,6 @@ module Gitlab
Gitlab::Routing.url_helpers.project_project_members_url(project) Gitlab::Routing.url_helpers.project_project_members_url(project)
end end
def protected_branch_creation_enabled?
Feature.enabled?(:protected_branch_creation, project, default_enabled: true)
end
def matching_merge_request? def matching_merge_request?
Checks::MatchingMergeRequest.new(newrev, branch_name, project).match? Checks::MatchingMergeRequest.new(newrev, branch_name, project).match?
end end
......
...@@ -77,117 +77,85 @@ describe Gitlab::Checks::BranchCheck do ...@@ -77,117 +77,85 @@ describe Gitlab::Checks::BranchCheck do
let(:oldrev) { '0000000000000000000000000000000000000000' } let(:oldrev) { '0000000000000000000000000000000000000000' }
let(:ref) { 'refs/heads/feature' } let(:ref) { 'refs/heads/feature' }
context 'protected branch creation feature is disabled' do context 'user can push to branch' do
before do before do
stub_feature_flags(protected_branch_creation: false) allow(user_access)
.to receive(:can_push_to_branch?)
.with('feature')
.and_return(true)
end end
context 'user is not allowed to push to protected branch' do it 'does not raise an error' do
before do expect { subject.validate! }.not_to raise_error
allow(user_access)
.to receive(:can_push_to_branch?)
.and_return(false)
end
it 'raises an error' do
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to push code to protected branches on this project.')
end
end end
end
context 'user is allowed to push to protected branch' do context 'user cannot push to branch' do
before do before do
allow(user_access) allow(user_access)
.to receive(:can_push_to_branch?) .to receive(:can_push_to_branch?)
.and_return(true) .with('feature')
end .and_return(false)
it 'does not raise an error' do
expect { subject.validate! }.not_to raise_error
end
end end
end
context 'protected branch creation feature is enabled' do context 'user cannot merge to branch' do
context 'user can push to branch' do
before do before do
allow(user_access) allow(user_access)
.to receive(:can_push_to_branch?) .to receive(:can_merge_to_branch?)
.with('feature') .with('feature')
.and_return(true) .and_return(false)
end end
it 'does not raise an error' do it 'raises an error' do
expect { subject.validate! }.not_to raise_error expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.')
end end
end end
context 'user cannot push to branch' do context 'user can merge to branch' do
before do before do
allow(user_access) allow(user_access)
.to receive(:can_push_to_branch?) .to receive(:can_merge_to_branch?)
.with('feature') .with('feature')
.and_return(false) .and_return(true)
allow(project.repository)
.to receive(:branch_names_contains_sha)
.with(newrev)
.and_return(['branch'])
end end
context 'user cannot merge to branch' do context "newrev isn't in any protected branches" do
before do before do
allow(user_access) allow(ProtectedBranch)
.to receive(:can_merge_to_branch?) .to receive(:any_protected?)
.with('feature') .with(project, ['branch'])
.and_return(false) .and_return(false)
end end
it 'raises an error' do it 'raises an error' do
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.') expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.')
end end
end end
context 'user can merge to branch' do context 'newrev is included in a protected branch' do
before do before do
allow(user_access) allow(ProtectedBranch)
.to receive(:can_merge_to_branch?) .to receive(:any_protected?)
.with('feature') .with(project, ['branch'])
.and_return(true) .and_return(true)
allow(project.repository)
.to receive(:branch_names_contains_sha)
.with(newrev)
.and_return(['branch'])
end end
context "newrev isn't in any protected branches" do context 'via web interface' do
before do let(:protocol) { 'web' }
allow(ProtectedBranch)
.to receive(:any_protected?)
.with(project, ['branch'])
.and_return(false)
end
it 'raises an error' do it 'allows branch creation' do
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.') expect { subject.validate! }.not_to raise_error
end end
end end
context 'newrev is included in a protected branch' do context 'via SSH' do
before do it 'raises an error' do
allow(ProtectedBranch) expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
.to receive(:any_protected?)
.with(project, ['branch'])
.and_return(true)
end
context 'via web interface' do
let(:protocol) { 'web' }
it 'allows branch creation' do
expect { subject.validate! }.not_to raise_error
end
end
context 'via SSH' do
it 'raises an error' do
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
end
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment