Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
eba4b940
Commit
eba4b940
authored
Mar 08, 2019
by
Jan Beckmann
Committed by
Sean McGivern
Mar 08, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Disallow reopening of locked merge requests
Fixes #56864
parent
66481881
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
68 additions
and
6 deletions
+68
-6
app/policies/issuable_policy.rb
app/policies/issuable_policy.rb
+1
-0
app/policies/merge_request_policy.rb
app/policies/merge_request_policy.rb
+3
-0
app/policies/project_policy.rb
app/policies/project_policy.rb
+1
-0
app/services/merge_requests/reopen_service.rb
app/services/merge_requests/reopen_service.rb
+1
-1
app/views/projects/merge_requests/_mr_title.html.haml
app/views/projects/merge_requests/_mr_title.html.haml
+3
-1
changelogs/unreleased/56864-reopen-locked-mr.yml
changelogs/unreleased/56864-reopen-locked-mr.yml
+5
-0
doc/user/discussions/index.md
doc/user/discussions/index.md
+1
-1
spec/policies/issuable_policy_spec.rb
spec/policies/issuable_policy_spec.rb
+3
-3
spec/policies/merge_request_policy_spec.rb
spec/policies/merge_request_policy_spec.rb
+50
-0
No files found.
app/policies/issuable_policy.rb
View file @
eba4b940
...
@@ -17,6 +17,7 @@ class IssuablePolicy < BasePolicy
...
@@ -17,6 +17,7 @@ class IssuablePolicy < BasePolicy
enable
:reopen_issue
enable
:reopen_issue
enable
:read_merge_request
enable
:read_merge_request
enable
:update_merge_request
enable
:update_merge_request
enable
:reopen_merge_request
end
end
rule
{
locked
&
~
is_project_member
}.
policy
do
rule
{
locked
&
~
is_project_member
}.
policy
do
...
...
app/policies/merge_request_policy.rb
View file @
eba4b940
# frozen_string_literal: true
# frozen_string_literal: true
class
MergeRequestPolicy
<
IssuablePolicy
class
MergeRequestPolicy
<
IssuablePolicy
rule
{
locked
}.
policy
do
prevent
:reopen_merge_request
end
end
end
app/policies/project_policy.rb
View file @
eba4b940
...
@@ -231,6 +231,7 @@ class ProjectPolicy < BasePolicy
...
@@ -231,6 +231,7 @@ class ProjectPolicy < BasePolicy
enable
:admin_merge_request
enable
:admin_merge_request
enable
:admin_milestone
enable
:admin_milestone
enable
:update_merge_request
enable
:update_merge_request
enable
:reopen_merge_request
enable
:create_commit_status
enable
:create_commit_status
enable
:update_commit_status
enable
:update_commit_status
enable
:create_build
enable
:create_build
...
...
app/services/merge_requests/reopen_service.rb
View file @
eba4b940
...
@@ -3,7 +3,7 @@
...
@@ -3,7 +3,7 @@
module
MergeRequests
module
MergeRequests
class
ReopenService
<
MergeRequests
::
BaseService
class
ReopenService
<
MergeRequests
::
BaseService
def
execute
(
merge_request
)
def
execute
(
merge_request
)
return
merge_request
unless
can?
(
current_user
,
:
update
_merge_request
,
merge_request
)
return
merge_request
unless
can?
(
current_user
,
:
reopen
_merge_request
,
merge_request
)
if
merge_request
.
reopen
if
merge_request
.
reopen
create_event
(
merge_request
)
create_event
(
merge_request
)
...
...
app/views/projects/merge_requests/_mr_title.html.haml
View file @
eba4b940
-
can_update_merge_request
=
can?
(
current_user
,
:update_merge_request
,
@merge_request
)
-
can_update_merge_request
=
can?
(
current_user
,
:update_merge_request
,
@merge_request
)
-
can_reopen_merge_request
=
can?
(
current_user
,
:reopen_merge_request
,
@merge_request
)
-
if
@merge_request
.
closed_without_fork?
-
if
@merge_request
.
closed_without_fork?
.alert.alert-danger
.alert.alert-danger
...
@@ -33,10 +34,11 @@
...
@@ -33,10 +34,11 @@
-
if
can_update_merge_request
-
if
can_update_merge_request
%li
{
class:
[
merge_request_button_visibility
(
@merge_request
,
true
),
'js-close-item'
]
}
%li
{
class:
[
merge_request_button_visibility
(
@merge_request
,
true
),
'js-close-item'
]
}
=
link_to
'Close'
,
merge_request_path
(
@merge_request
,
merge_request:
{
state_event: :close
}),
method: :put
,
title:
'Close merge request'
=
link_to
'Close'
,
merge_request_path
(
@merge_request
,
merge_request:
{
state_event: :close
}),
method: :put
,
title:
'Close merge request'
-
if
can_reopen_merge_request
%li
{
class:
merge_request_button_visibility
(
@merge_request
,
false
)
}
%li
{
class:
merge_request_button_visibility
(
@merge_request
,
false
)
}
=
link_to
'Reopen'
,
merge_request_path
(
@merge_request
,
merge_request:
{
state_event: :reopen
}),
method: :put
,
class:
'reopen-mr-link'
,
title:
'Reopen merge request'
=
link_to
'Reopen'
,
merge_request_path
(
@merge_request
,
merge_request:
{
state_event: :reopen
}),
method: :put
,
class:
'reopen-mr-link'
,
title:
'Reopen merge request'
-
if
can_update_merge_request
-
if
can_update_merge_request
=
link_to
'Edit'
,
edit_project_merge_request_path
(
@project
,
@merge_request
),
class:
"d-none d-sm-none d-md-block btn btn-grouped js-issuable-edit qa-edit-button"
=
link_to
'Edit'
,
edit_project_merge_request_path
(
@project
,
@merge_request
),
class:
"d-none d-sm-none d-md-block btn btn-grouped js-issuable-edit qa-edit-button"
=
render
'shared/issuable/close_reopen_button'
,
issuable:
@merge_request
,
can_update:
can_update_merge_request
,
can_reopen:
can_
update
_merge_request
=
render
'shared/issuable/close_reopen_button'
,
issuable:
@merge_request
,
can_update:
can_update_merge_request
,
can_reopen:
can_
reopen
_merge_request
changelogs/unreleased/56864-reopen-locked-mr.yml
0 → 100644
View file @
eba4b940
---
title
:
Disallow reopening of a locked merge request
merge_request
:
24882
author
:
Jan Beckmann
type
:
fixed
doc/user/discussions/index.md
View file @
eba4b940
...
@@ -276,7 +276,7 @@ edit existing comments. Non-team members are restricted from adding or editing c
...
@@ -276,7 +276,7 @@ edit existing comments. Non-team members are restricted from adding or editing c
| :-----------: | :----------: |
| :-----------: | :----------: |
| !
[
Comment form member
](
img/lock_form_member.png
)
| !
[
Comment form non-member
](
img/lock_form_non_member.png
)
|
| !
[
Comment form member
](
img/lock_form_member.png
)
| !
[
Comment form non-member
](
img/lock_form_non_member.png
)
|
Additionally
locked issue
s can not be reopened.
Additionally
, locked issues and merge request
s can not be reopened.
## Filtering notes
## Filtering notes
...
...
spec/policies/issuable_policy_spec.rb
View file @
eba4b940
...
@@ -13,7 +13,7 @@ describe IssuablePolicy, models: true do
...
@@ -13,7 +13,7 @@ describe IssuablePolicy, models: true do
context
'when user is able to read project'
do
context
'when user is able to read project'
do
it
'enables user to read and update issuables'
do
it
'enables user to read and update issuables'
do
expect
(
policies
).
to
be_allowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
)
expect
(
policies
).
to
be_allowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
,
:reopen_merge_request
)
end
end
end
end
...
@@ -24,12 +24,12 @@ describe IssuablePolicy, models: true do
...
@@ -24,12 +24,12 @@ describe IssuablePolicy, models: true do
it
'enables user to read and update issuables'
do
it
'enables user to read and update issuables'
do
project
.
add_maintainer
(
user
)
project
.
add_maintainer
(
user
)
expect
(
policies
).
to
be_allowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
)
expect
(
policies
).
to
be_allowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
,
:reopen_merge_request
)
end
end
end
end
it
'disallows user from reading and updating issuables from that project'
do
it
'disallows user from reading and updating issuables from that project'
do
expect
(
policies
).
to
be_disallowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
)
expect
(
policies
).
to
be_disallowed
(
:read_issue
,
:update_issue
,
:reopen_issue
,
:read_merge_request
,
:update_merge_request
,
:reopen_merge_request
)
end
end
end
end
end
end
...
...
spec/policies/merge_request_policy_spec.rb
0 → 100644
View file @
eba4b940
require
'spec_helper'
describe
MergeRequestPolicy
do
let
(
:guest
)
{
create
(
:user
)
}
let
(
:author
)
{
create
(
:user
)
}
let
(
:developer
)
{
create
(
:user
)
}
let
(
:project
)
{
create
(
:project
,
:public
)
}
def
permissions
(
user
,
merge_request
)
described_class
.
new
(
user
,
merge_request
)
end
before
do
project
.
add_guest
(
guest
)
project
.
add_guest
(
author
)
project
.
add_developer
(
developer
)
end
context
'when merge request is unlocked'
do
let
(
:merge_request
)
{
create
(
:merge_request
,
:closed
,
source_project:
project
,
target_project:
project
,
author:
author
)
}
it
'allows author to reopen merge request'
do
expect
(
permissions
(
author
,
merge_request
)).
to
be_allowed
(
:reopen_merge_request
)
end
it
'allows developer to reopen merge request'
do
expect
(
permissions
(
developer
,
merge_request
)).
to
be_allowed
(
:reopen_merge_request
)
end
it
'prevents guest from reopening merge request'
do
expect
(
permissions
(
guest
,
merge_request
)).
to
be_disallowed
(
:reopen_merge_request
)
end
end
context
'when merge request is locked'
do
let
(
:merge_request_locked
)
{
create
(
:merge_request
,
:closed
,
discussion_locked:
true
,
source_project:
project
,
target_project:
project
,
author:
author
)
}
it
'prevents author from reopening merge request'
do
expect
(
permissions
(
author
,
merge_request_locked
)).
to
be_disallowed
(
:reopen_merge_request
)
end
it
'prevents developer from reopening merge request'
do
expect
(
permissions
(
developer
,
merge_request_locked
)).
to
be_disallowed
(
:reopen_merge_request
)
end
it
'prevents guests from reopening merge request'
do
expect
(
permissions
(
guest
,
merge_request_locked
)).
to
be_disallowed
(
:reopen_merge_request
)
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment