Skip to content

G
gitlab-ce
Commit e7e9d41f authored by Timothy Andrew's avatar Timothy Andrew Committed by Alfredo Sumaran
Browse files
Options

A protected branch can only have a single access level for a given group. 

1. Builds on dd26f4e7fa418df7baeb8de057b28554c29ea826
parent 5898fa26
Hide whitespace changes
Inline Side-by-side
Showing with 46 additions and 2 deletions
app/models/concerns/protected_branch_access.rb
View file @ e7e9d41f
...@@ -2,8 +2,12 @@ module ProtectedBranchAccess ...@@ -2,8 +2,12 @@ module ProtectedBranchAccess
extend ActiveSupport::Concern extend ActiveSupport::Concern
included do included do
validates :user_id, uniqueness: { scope: :protected_branch, allow_nil: true } validates_uniqueness_of :group_id, scope: :protected_branch, allow_nil: true
validates :access_level, uniqueness: { scope: :protected_branch, unless: :user_id?, conditions: -> { where(user_id: nil) } } validates_uniqueness_of :user_id, scope: :protected_branch, allow_nil: true
validates_uniqueness_of :access_level,
scope: :protected_branch,
unless: Proc.new { |access_level| access_level.user_id? || access_level.group_id? },
conditions: -> { where(user_id: nil, group_id: nil) }
end end
def type def type
......
spec/factories/protected_branches/merge_access_levels.rb
View file @ e7e9d41f
FactoryGirl.define do FactoryGirl.define do
factory :protected_branch_merge_access_level, class: ProtectedBranch::MergeAccessLevel do factory :protected_branch_merge_access_level, class: ProtectedBranch::MergeAccessLevel do
user nil user nil
group nil
protected_branch protected_branch
access_level { Gitlab::Access::DEVELOPER } access_level { Gitlab::Access::DEVELOPER }
end end
......
spec/factories/protected_branches/push_access_levels.rb
View file @ e7e9d41f
FactoryGirl.define do FactoryGirl.define do
factory :protected_branch_push_access_level, class: ProtectedBranch::PushAccessLevel do factory :protected_branch_push_access_level, class: ProtectedBranch::PushAccessLevel do
user nil user nil
group nil
protected_branch protected_branch
access_level { Gitlab::Access::DEVELOPER } access_level { Gitlab::Access::DEVELOPER }
end end
......
spec/models/protected_branch_spec.rb
View file @ e7e9d41f
...@@ -38,6 +38,16 @@ describe ProtectedBranch, models: true do ...@@ -38,6 +38,16 @@ describe ProtectedBranch, models: true do
expect(protected_branch).to be_valid expect(protected_branch).to be_valid
end end
it "does not count a group-based #{human_association_name} with an `access_level` set" do
group = create(:group)
protected_branch = create(:protected_branch, :remove_default_access_levels)
protected_branch.send(association_name) << build(factory_name, group: group, access_level: Gitlab::Access::MASTER)
protected_branch.send(association_name) << build(factory_name, access_level: Gitlab::Access::MASTER)
expect(protected_branch).to be_valid
end
end end
context "while checking uniqueness of a user-based #{human_association_name}" do context "while checking uniqueness of a user-based #{human_association_name}" do
...@@ -65,6 +75,34 @@ describe ProtectedBranch, models: true do ...@@ -65,6 +75,34 @@ describe ProtectedBranch, models: true do
expect(protected_branch).to be_valid expect(protected_branch).to be_valid
end end
end end
context "while checking uniqueness of a group-based #{human_association_name}" do
let(:group) { create(:group) }
it "allows a single #{human_association_name} for a group (per protected branch)" do
first_protected_branch = create(:protected_branch, :remove_default_access_levels)
second_protected_branch = create(:protected_branch, :remove_default_access_levels)
first_protected_branch.send(association_name) << build(factory_name, group: group)
second_protected_branch.send(association_name) << build(factory_name, group: group)
expect(first_protected_branch).to be_valid
expect(second_protected_branch).to be_valid
first_protected_branch.send(association_name) << build(factory_name, group: group)
expect(first_protected_branch).to be_invalid
expect(first_protected_branch.errors.full_messages.first).to match("group has already been taken")
end
it "ignores the `access_level` while validating a group-based #{human_association_name}" do
protected_branch = create(:protected_branch, :remove_default_access_levels)
protected_branch.send(association_name) << build(factory_name, access_level: Gitlab::Access::MASTER)
protected_branch.send(association_name) << build(factory_name, group: group, access_level: Gitlab::Access::MASTER)
expect(protected_branch).to be_valid
end
end
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7