Merge branch 'security-update-import-export-pr-branches-14-10' into '14-10-stable-ee'

Update Import/Export merge/push access levels & exclude ci config path See merge request gitlab-org/security/gitlab!2404

Merge branch 'security-update-import-export-pr-branches-14-10' into '14-10-stable-ee'
Update Import/Export merge/push access levels & exclude ci config path See merge request gitlab-org/security/gitlab!2404
24ecf93c · GitLab Release Tools Bot · 40088098 · 40f32316 · 24ecf93c · 24ecf93c
Commit 24ecf93c authored Apr 29, 2022 by GitLab Release Tools Bot
6 changed files
--- a/lib/gitlab/import_export/project/import_export.yml
+++ b/lib/gitlab/import_export/project/import_export.yml
@@ -639,7 +639,6 @@ included_attributes:
    - :build_allow_git_fetch
    - :build_coverage_regex
    - :build_timeout
-    - :ci_config_path
    - :delete_error
    - :description
    - :disable_overriding_approvers_per_merge_request

--- a/lib/gitlab/import_export/project/relation_factory.rb
+++ b/lib/gitlab/import_export/project/relation_factory.rb
@@ -87,6 +87,8 @@ module Gitlab
          when *BUILD_MODELS then setup_build
          when :issues then setup_issue
          when :'Ci::PipelineSchedule' then setup_pipeline_schedule
+          when :'ProtectedBranch::MergeAccessLevel' then setup_protected_branch_access_level
+          when :'ProtectedBranch::PushAccessLevel' then setup_protected_branch_access_level
          end

          update_project_references
@@ -152,6 +154,10 @@ module Gitlab
          @relation_hash['active'] = false
        end

+        def setup_protected_branch_access_level
+          @relation_hash['access_level'] = Gitlab::Access::MAINTAINER
+        end
+
        def compute_relative_position
          return unless max_relative_position


--- a/spec/fixtures/lib/gitlab/import_export/complex/project.json
+++ b/spec/fixtures/lib/gitlab/import_export/complex/project.json
@@ -4,6 +4,7 @@
  "creator_id": 123,
  "visibility_level": 10,
  "archived": false,
+  "ci_config_path": "config/path",
  "labels": [
    {
      "id": 2,

--- a/spec/fixtures/lib/gitlab/import_export/complex/tree/project.json
+++ b/spec/fixtures/lib/gitlab/import_export/complex/tree/project.json
@@ -6,5 +6,6 @@
  "archived": false,
  "deploy_keys": [],
  "hooks": [],
-  "shared_runners_enabled": true
+  "shared_runners_enabled": true,
+  "ci_config_path": "config/path"
 }
--- a/spec/lib/gitlab/import_export/project/relation_factory_spec.rb
+++ b/spec/lib/gitlab/import_export/project/relation_factory_spec.rb
@@ -417,4 +417,22 @@ RSpec.describe Gitlab::ImportExport::Project::RelationFactory, :use_clean_rails_
      expect(created_object.project).to equal(project)
    end
  end
+
+  context 'merge request access level object' do
+    let(:relation_sym) { :'ProtectedBranch::MergeAccessLevel' }
+    let(:relation_hash) { { 'access_level' => 30, 'created_at' => '2022-03-29T09:53:13.457Z', 'updated_at' => '2022-03-29T09:54:13.457Z' } }
+
+    it 'sets access level to maintainer' do
+      expect(created_object.access_level).to equal(Gitlab::Access::MAINTAINER)
+    end
+  end
+
+  context 'push access level object' do
+    let(:relation_sym) { :'ProtectedBranch::PushAccessLevel' }
+    let(:relation_hash) { { 'access_level' => 30, 'created_at' => '2022-03-29T09:53:13.457Z', 'updated_at' => '2022-03-29T09:54:13.457Z' } }
+
+    it 'sets access level to maintainer' do
+      expect(created_object.access_level).to equal(Gitlab::Access::MAINTAINER)
+    end
+  end
 end
--- a/spec/lib/gitlab/import_export/project/tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project/tree_restorer_spec.rb
@@ -111,6 +111,10 @@ RSpec.describe Gitlab::ImportExport::Project::TreeRestorer do
          end
        end

+        it 'does not import ci config path' do
+          expect(@project.ci_config_path).to be_nil
+        end
+
        it 'creates a valid pipeline note' do
          expect(Ci::Pipeline.find_by_sha('sha-notes').notes).not_to be_empty
        end