Add structure to support EE feature of COAR

These are the structural changes for supporting the EE feature of moving "code_owner_approval_required" state from existing on a project to being on the protected branches individually, allowing for CODEOWNER validation on push events.

Add structure to support EE feature of COAR
These are the structural changes for supporting the EE feature of moving "code_owner_approval_required" state from existing on a project to being on the protected branches individually, allowing for CODEOWNER validation on push events.
0e40b41e · Kerri Miller · Nick Thomas · 95ef2725 · 0e40b41e · 0e40b41e
Commit 0e40b41e authored Sep 05, 2019 by Kerri Miller Committed by Nick Thomas Sep 05, 2019
7 changed files
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -174,6 +174,7 @@ class MergeRequest < ApplicationRecord
  scope :from_project, ->(project) { where(source_project_id: project.id) }
  scope :merged, -> { with_state(:merged) }
  scope :closed_and_merged, -> { with_states(:closed, :merged) }
+  scope :open_and_closed, -> { with_states(:opened, :closed) }
  scope :from_source_branches, ->(branches) { where(source_branch: branches) }
  scope :by_commit_sha, ->(sha) do
    where('EXISTS (?)', MergeRequestDiff.select(1).where('merge_requests.latest_merge_request_diff_id = merge_request_diffs.id').by_commit_sha(sha)).reorder(nil)
@@ -187,6 +188,11 @@ class MergeRequest < ApplicationRecord
            target_project: [:route, { namespace: :route }],
            source_project: [:route, { namespace: :route }])
  }
+  scope :by_target_branch_wildcard, ->(wildcard_branch_name) do
+    where("target_branch LIKE ?", ApplicationRecord.sanitize_sql_like(wildcard_branch_name).tr('*', '%'))
+  end
+  scope :by_target_branch, ->(branch_name) { where(target_branch: branch_name) }
+  scope :preload_source_project, -> { preload(:source_project) }
  after_save :keep_around_commit

--- a/app/models/protected_branch.rb
+++ b/app/models/protected_branch.rb
@@ -3,6 +3,9 @@
 class ProtectedBranch < ApplicationRecord
  include ProtectedRef
+  scope :requiring_code_owner_approval,
+        -> { where(code_owner_approval_required: true) }
  protected_ref_access_levels :merge, :push
  def self.protected_ref_accessible_to?(ref, user, project:, action:, protected_refs: nil)

--- a/app/services/protected_branches/create_service.rb
+++ b/app/services/protected_branches/create_service.rb
@@ -5,7 +5,8 @@ module ProtectedBranches
    def execute(skip_authorization: false)
      raise Gitlab::Access::AccessDeniedError unless skip_authorization || authorized?
-      protected_branch.save
+      save_protected_branch
      protected_branch
    end
@@ -15,6 +16,10 @@ module ProtectedBranches
    private
+    def save_protected_branch
+      protected_branch.save
+    end
    def protected_branch
      @protected_branch ||= project.protected_branches.new(params)
    end

--- a/db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb
+++ b/db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb
+# frozen_string_literal: true
+class AddMergeRequestsRequireCodeOwnerApprovalToProtectedBranches < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+  disable_ddl_transaction!
+  def up
+    add_column_with_default(
+      :protected_branches,
+      :code_owner_approval_required,
+      :boolean,
+      default: false
+    )
+    add_concurrent_index(
+      :protected_branches,
+      [:project_id, :code_owner_approval_required],
+      name: "code_owner_approval_required",
+      where: "code_owner_approval_required = #{Gitlab::Database.true_value}")
+  end
+  def down
+    remove_concurrent_index(:protected_branches, name: "code_owner_approval_required")
+    remove_column(:protected_branches, :code_owner_approval_required)
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2932,6 +2932,8 @@ ActiveRecord::Schema.define(version: 2019_09_04_173203) do
    t.string "name", null: false
    t.datetime "created_at"
    t.datetime "updated_at"
+    t.boolean "code_owner_approval_required", default: false, null: false
+    t.index ["project_id", "code_owner_approval_required"], name: "code_owner_approval_required", where: "(code_owner_approval_required = true)"
    t.index ["project_id"], name: "index_protected_branches_on_project_id"
  end

--- a/spec/lib/gitlab/checks/diff_check_spec.rb
+++ b/spec/lib/gitlab/checks/diff_check_spec.rb
@@ -20,9 +20,8 @@ describe Gitlab::Checks::DiffCheck do
        allow(project).to receive(:lfs_enabled?).and_return(false)
      end
-      it 'skips the validation' do
+      it 'does not invoke :lfs_file_locks_validation' do
-        expect(subject).not_to receive(:validate_diff)
+        expect(subject).not_to receive(:lfs_file_locks_validation)
-        expect(subject).not_to receive(:validate_file_paths)
        subject.validate!
      end

--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -467,6 +467,7 @@ ProtectedBranch:
 - name
 - created_at
 - updated_at
+- code_owner_approval_required
 ProtectedTag:
 - id
 - project_id