Automatic merge of gitlab-org/gitlab-ce master

c5f6aabb · GitLab Bot · bbf7a1fd · 7629421b · c5f6aabb · c5f6aabb
Commit c5f6aabb authored Mar 21, 2019 by GitLab Bot
8 changed files
--- a/app/assets/stylesheets/pages/projects.scss
+++ b/app/assets/stylesheets/pages/projects.scss
@@ -18,12 +18,9 @@
  }
  .input-group {
-    display: flex;
    .select2-container {
      display: unset;
      max-width: unset;
-      width: unset !important;
      flex-grow: 1;
    }

--- a/app/views/projects/_new_project_fields.html.haml
+++ b/app/views/projects/_new_project_fields.html.haml
@@ -12,9 +12,9 @@
  .form-group.project-path.col-sm-6
    = f.label :namespace_id, class: 'label-bold' do
      %span= s_("Project URL")
-    .input-group
+    .input-group.flex-nowrap
      - if current_user.can_select_namespace?
-        .input-group-prepend.has-tooltip{ title: root_url }
+        .input-group-prepend.flex-shrink-0.has-tooltip{ title: root_url }
          .input-group-text
            = root_url
        - namespace_id = namespace_id_from(params)
@@ -23,10 +23,10 @@
                                                                      display_path: true,
                                                                      extra_group: namespace_id),
                   {},
-                   { class: 'select2 js-select-namespace qa-project-namespace-select', tabindex: 1, data: { track_label: "#{track_label}", track_event: "activate_form_input", track_property: "project_path", track_value: "" }})
+                   { class: 'select2 js-select-namespace qa-project-namespace-select block-truncated', tabindex: 1, data: { track_label: "#{track_label}", track_event: "activate_form_input", track_property: "project_path", track_value: "" }})
      - else
-        .input-group-prepend.static-namespace.has-tooltip{ title: user_url(current_user.username) + '/' }
+        .input-group-prepend.static-namespace.flex-shrink-0.has-tooltip{ title: user_url(current_user.username) + '/' }
          .input-group-text.border-0
            #{user_url(current_user.username)}/
        = f.hidden_field :namespace_id, value: current_user.namespace_id

--- a/app/views/projects/protected_branches/shared/_index.html.haml
+++ b/app/views/projects/protected_branches/shared/_index.html.haml
@@ -12,7 +12,7 @@
    %p
      By default, protected branches are designed to:
      %ul
-        %li prevent their creation, if not already created, from everybody except users who are allowed to merge
+        %li prevent their creation, if not already created, from everybody except Maintainers
        %li prevent pushes from everybody except Maintainers
        %li prevent <strong>anyone</strong> from force pushing to the branch
        %li prevent <strong>anyone</strong> from deleting the branch

--- a/changelogs/unreleased/59189-long-names-in-project-path-namespace-dropdown-breaks-past-container.yml
+++ b/changelogs/unreleased/59189-long-names-in-project-path-namespace-dropdown-breaks-past-container.yml
+---
+title: Prevent namespace dropdown in new project form from exceeding container
+merge_request: 26343
+author:
+type: fixed
--- a/changelogs/unreleased/59289-fix-push-to-create-protected-branches.yml
+++ b/changelogs/unreleased/59289-fix-push-to-create-protected-branches.yml
+---
+title: Allow users who can push to protected branches to create protected branches
+  via CLI
+merge_request: 26413
+author:
+type: fixed
--- a/doc/user/project/protected_branches.md
+++ b/doc/user/project/protected_branches.md
@@ -10,7 +10,7 @@ created protected branches.
 By default, a protected branch does four simple things:
 - it prevents its creation, if not already created, from everybody except users
-  who are allowed to merge
+  with Maintainer permission
 - it prevents pushes from everybody except users with Maintainer permission
 - it prevents **anyone** from force pushing to the branch
 - it prevents **anyone** from deleting the branch

--- a/lib/gitlab/checks/branch_check.rb
+++ b/lib/gitlab/checks/branch_check.rb
@@ -59,6 +59,8 @@ module Gitlab
      def protected_branch_creation_checks
        logger.log_timed(LOG_MESSAGES[:protected_branch_creation_checks]) do
+          break if user_access.can_push_to_branch?(branch_name)
          unless user_access.can_merge_to_branch?(branch_name)
            raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:create_protected_branch]
          end

--- a/spec/lib/gitlab/checks/branch_check_spec.rb
+++ b/spec/lib/gitlab/checks/branch_check_spec.rb
@@ -108,64 +108,86 @@ describe Gitlab::Checks::BranchCheck do
        end
        context 'protected branch creation feature is enabled' do
-          context 'user is not allowed to create protected branches' do
+          context 'user can push to branch' do
            before do
              allow(user_access)
-                .to receive(:can_merge_to_branch?)
+                .to receive(:can_push_to_branch?)
                .with('feature')
-                .and_return(false)
+                .and_return(true)
            end
-            it 'raises an error' do
+            it 'does not raise an error' do
-              expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.')
+              expect { subject.validate! }.not_to raise_error
            end
          end
-          context 'user is allowed to create protected branches' do
+          context 'user cannot push to branch' do
            before do
              allow(user_access)
-                .to receive(:can_merge_to_branch?)
+                .to receive(:can_push_to_branch?)
                .with('feature')
-                .and_return(true)
+                .and_return(false)
-              allow(project.repository)
-                .to receive(:branch_names_contains_sha)
-                .with(newrev)
-                .and_return(['branch'])
            end
-            context "newrev isn't in any protected branches" do
+            context 'user cannot merge to branch' do
              before do
-                allow(ProtectedBranch)
+                allow(user_access)
-                  .to receive(:any_protected?)
+                  .to receive(:can_merge_to_branch?)
-                  .with(project, ['branch'])
+                  .with('feature')
                  .and_return(false)
              end
              it 'raises an error' do
-                expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.')
+                expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.')
              end
            end
-            context 'newrev is included in a protected branch' do
+            context 'user can merge to branch' do
              before do
-                allow(ProtectedBranch)
+                allow(user_access)
-                  .to receive(:any_protected?)
+                  .to receive(:can_merge_to_branch?)
-                  .with(project, ['branch'])
+                  .with('feature')
                  .and_return(true)
+                allow(project.repository)
+                  .to receive(:branch_names_contains_sha)
+                  .with(newrev)
+                  .and_return(['branch'])
              end
-              context 'via web interface' do
+              context "newrev isn't in any protected branches" do
-                let(:protocol) { 'web' }
+                before do
+                  allow(ProtectedBranch)
+                    .to receive(:any_protected?)
+                    .with(project, ['branch'])
+                    .and_return(false)
+                end
-                it 'allows branch creation' do
+                it 'raises an error' do
-                  expect { subject.validate! }.not_to raise_error
+                  expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.')
                end
              end
-              context 'via SSH' do
+              context 'newrev is included in a protected branch' do
-                it 'raises an error' do
+                before do
-                  expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
+                  allow(ProtectedBranch)
+                    .to receive(:any_protected?)
+                    .with(project, ['branch'])
+                    .and_return(true)
+                end
+                context 'via web interface' do
+                  let(:protocol) { 'web' }
+                  it 'allows branch creation' do
+                    expect { subject.validate! }.not_to raise_error
+                  end
+                end
+                context 'via SSH' do
+                  it 'raises an error' do
+                    expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
+                  end
                end
              end
            end