Stop passing push_rule by making it an attribute

ee/lib/ee/gitlab/checks/change_access.rb

@@ -13,6 +13,8 @@ module EE
           push_rule_committer_not_allowed: "You cannot push commits for '%{committer_email}'. You can only push commits that were committed with one of your own verified emails."
         }.freeze
 
+        attr_reader :push_rule
+
         override :exec
         def exec
           return true if skip_authorization
@@ -29,23 +31,23 @@ module EE
         def push_rule_check
           return unless newrev && oldrev && project.feature_available?(:push_rules)
 
-          push_rule = project.push_rule
+          @push_rule = project.push_rule
 
           if tag_name
-            push_rule_tag_check(push_rule)
+            push_rule_tag_check
           else
-            push_rule_branch_check(push_rule)
+            push_rule_branch_check
           end
         end
 
-        def push_rule_tag_check(push_rule)
-          if tag_deletion_denied_by_push_rule?(push_rule)
+        def push_rule_tag_check
+          if tag_deletion_denied_by_push_rule?
             raise ::Gitlab::GitAccess::UnauthorizedError, 'You cannot delete a tag'
           end
         end
 
-        def push_rule_branch_check(push_rule)
-          unless branch_name_allowed_by_push_rule?(push_rule)
+        def push_rule_branch_check
+          unless branch_name_allowed_by_push_rule?
             message = ERROR_MESSAGES[:push_rule_branch_name] % { branch_name_regex: push_rule.branch_name_regex }
             raise ::Gitlab::GitAccess::UnauthorizedError.new(message)
           end
@@ -57,40 +59,40 @@ module EE
           # n+1: https://gitlab.com/gitlab-org/gitlab-ee/issues/3593
           ::Gitlab::GitalyClient.allow_n_plus_1_calls do
             commits.each do |commit|
-              push_rule_commit_check(commit, push_rule)
+              push_rule_commit_check(commit)
             end
           end
         rescue ::PushRule::MatchError => e
           raise ::Gitlab::GitAccess::UnauthorizedError, e.message
         end
 
-        def branch_name_allowed_by_push_rule?(push_rule)
-          return true if skip_branch_name_push_rule?(push_rule)
+        def branch_name_allowed_by_push_rule?
+          return true if skip_branch_name_push_rule?
 
           push_rule.branch_name_allowed?(branch_name)
         end
 
-        def skip_branch_name_push_rule?(push_rule)
+        def skip_branch_name_push_rule?
           push_rule.nil? ||
             deletion? ||
             branch_name.blank? ||
             branch_name == project.default_branch
         end
 
-        def tag_deletion_denied_by_push_rule?(push_rule)
+        def tag_deletion_denied_by_push_rule?
           push_rule.try(:deny_delete_tag) &&
             !updated_from_web? &&
             deletion? &&
             tag_exists?
         end
 
-        def push_rule_commit_check(commit, push_rule)
+        def push_rule_commit_check(commit)
           if push_rule.try(:commit_validation?)
-            error = check_commit(commit, push_rule)
+            error = check_commit(commit)
             raise ::Gitlab::GitAccess::UnauthorizedError, error if error
           end
 
-          if error = check_commit_diff(commit, push_rule)
+          if error = check_commit_diff(commit)
             raise ::Gitlab::GitAccess::UnauthorizedError, error
           end
         end
@@ -98,7 +100,7 @@ module EE
         # If commit does not pass push rule validation the whole push should be rejected.
         # This method should return nil if no error found or a string if error.
         # In case of errors - all other checks will be canceled and push will be rejected.
-        def check_commit(commit, push_rule)
+        def check_commit(commit)
           unless push_rule.commit_message_allowed?(commit.safe_message)
             return "Commit message does not follow the pattern '#{push_rule.commit_message_regex}'"
           end
@@ -111,7 +113,7 @@ module EE
             return "Author's email '#{commit.author_email}' does not follow the pattern '#{push_rule.author_email_regex}'"
           end
 
-          committer_error_message = committer_check(commit, push_rule)
+          committer_error_message = committer_check(commit)
           return committer_error_message if committer_error_message
 
           if !updated_from_web? && !push_rule.commit_signature_allowed?(commit)
@@ -134,7 +136,7 @@ module EE
           nil
         end
 
-        def committer_check(commit, push_rule)
+        def committer_check(commit)
           unless push_rule.committer_allowed?(commit.committer_email, user_access.user)
             committer_is_current_user = commit.committer == user_access.user
 
@@ -146,8 +148,8 @@ module EE
           end
         end
 
-        def check_commit_diff(commit, push_rule)
-          validations = validations_for_commit(commit, push_rule)
+        def check_commit_diff(commit)
+          validations = validations_for_commit(commit)
 
           return if validations.empty?
 
@@ -162,12 +164,12 @@ module EE
           nil
         end
 
-        def validations_for_commit(commit, push_rule)
+        def validations_for_commit(commit)
           validations = base_validations
 
           return validations unless push_rule
 
-          validations << file_name_validation(push_rule)
+          validations << file_name_validation
 
           if push_rule.max_file_size > 0
             validations << file_size_validation(commit, push_rule.max_file_size)
@@ -200,7 +202,7 @@ module EE
           end
         end
 
-        def file_name_validation(push_rule)
+        def file_name_validation
           lambda do |diff|
             if (diff.renamed_file || diff.new_file) && blacklisted_regex = push_rule.filename_blacklisted?(diff.new_path)
               return nil unless blacklisted_regex.present?