Commit 37dae5be authored by Mikołaj Wawrzyniak's avatar Mikołaj Wawrzyniak

Merge branch...

Merge branch '27934-archived-project-settings-gets-an-error-occurred-fetching-the-approval-rules-2' into 'master'

Resolve: Archived project settings gets "An error occurred fetching the approval rules"

See merge request gitlab-org/gitlab!80652
parents dc9afe9f b103c49e
...@@ -5,7 +5,6 @@ module API ...@@ -5,7 +5,6 @@ module API
feature_category :source_code_management feature_category :source_code_management
before { authenticate! } before { authenticate! }
before { authorize! :update_approvers, user_project }
helpers do helpers do
def filter_forbidden_param(params, permission, param) def filter_forbidden_param(params, permission, param)
...@@ -30,6 +29,9 @@ module API ...@@ -30,6 +29,9 @@ module API
success EE::API::Entities::ApprovalSettings success EE::API::Entities::ApprovalSettings
end end
get '/', urgency: :low do get '/', urgency: :low do
# If the project is archived, the project admin should still be able to read the approvers
authorize!(:update_approvers, user_project) unless can?(current_user, :admin_project, user_project)
present user_project.present(current_user: current_user), with: EE::API::Entities::ApprovalSettings present user_project.present(current_user: current_user), with: EE::API::Entities::ApprovalSettings
end end
...@@ -47,6 +49,8 @@ module API ...@@ -47,6 +49,8 @@ module API
at_least_one_of :approvals_before_merge, :reset_approvals_on_push, :disable_overriding_approvers_per_merge_request, :merge_requests_author_approval, :merge_requests_disable_committers_approval, :require_password_to_approve at_least_one_of :approvals_before_merge, :reset_approvals_on_push, :disable_overriding_approvers_per_merge_request, :merge_requests_author_approval, :merge_requests_disable_committers_approval, :require_password_to_approve
end end
post '/' do post '/' do
authorize! :update_approvers, user_project
declared_params = declared(params, include_missing: false, include_parent_namespaces: false) declared_params = declared(params, include_missing: false, include_parent_namespaces: false)
project_params = filter_params(declared_params) project_params = filter_params(declared_params)
result = ::Projects::UpdateService.new(user_project, current_user, project_params).execute result = ::Projects::UpdateService.new(user_project, current_user, project_params).execute
......
...@@ -45,6 +45,32 @@ RSpec.describe API::ProjectApprovals do ...@@ -45,6 +45,32 @@ RSpec.describe API::ProjectApprovals do
expect(response).to match_response_schema('public_api/v4/project_approvers', dir: 'ee') expect(response).to match_response_schema('public_api/v4/project_approvers', dir: 'ee')
expect(json_response["approver_groups"]).to be_empty expect(json_response["approver_groups"]).to be_empty
end end
context 'when project is archived' do
let_it_be(:archived_project) { create(:project, :archived, creator: user) }
let(:url) { "/projects/#{archived_project.id}/approvals" }
context 'when user has normal permissions' do
it 'returns 403' do
archived_project.add_developer(user2)
get api(url, user2)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'when user has project admin permissions' do
it 'allows access' do
archived_project.add_maintainer(user2)
get api(url, user2)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
end end
describe 'POST /projects/:id/approvals' do describe 'POST /projects/:id/approvals' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment