Commit 0d77b99c authored by Douwe Maan's avatar Douwe Maan

Merge branch '22638-creating-a-branch-matching-a-wildcard-fails' into 'master'

Allow creating protected branches when user can merge to such branch

Closes #22638

See merge request !8458
parents bf04a3a9 eb9b9640
---
title: Allow creating protected branches when user can merge to such branch
merge_request: 8458
author:
...@@ -35,7 +35,9 @@ module Gitlab ...@@ -35,7 +35,9 @@ module Gitlab
return true if project.empty_repo? && project.user_can_push_to_empty_repo?(user) return true if project.empty_repo? && project.user_can_push_to_empty_repo?(user)
access_levels = project.protected_branches.matching(ref).map(&:push_access_levels).flatten access_levels = project.protected_branches.matching(ref).map(&:push_access_levels).flatten
access_levels.any? { |access_level| access_level.check_access(user) } has_access = access_levels.any? { |access_level| access_level.check_access(user) }
has_access || !project.repository.branch_exists?(ref) && can_merge_to_branch?(ref)
else else
user.can?(:push_code, project) user.can?(:push_code, project)
end end
......
...@@ -66,7 +66,8 @@ describe Gitlab::UserAccess, lib: true do ...@@ -66,7 +66,8 @@ describe Gitlab::UserAccess, lib: true do
end end
describe 'push to protected branch' do describe 'push to protected branch' do
let(:branch) { create :protected_branch, project: project } let(:branch) { create :protected_branch, project: project, name: "test" }
let(:not_existing_branch) { create :protected_branch, :developers_can_merge, project: project }
it 'returns true if user is a master' do it 'returns true if user is a master' do
project.team << [user, :master] project.team << [user, :master]
...@@ -85,6 +86,12 @@ describe Gitlab::UserAccess, lib: true do ...@@ -85,6 +86,12 @@ describe Gitlab::UserAccess, lib: true do
expect(access.can_push_to_branch?(branch.name)).to be_falsey expect(access.can_push_to_branch?(branch.name)).to be_falsey
end end
it 'returns true if branch does not exist and user has permission to merge' do
project.team << [user, :developer]
expect(access.can_push_to_branch?(not_existing_branch.name)).to be_truthy
end
end end
describe 'push to protected branch if allowed for developers' do describe 'push to protected branch if allowed for developers' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment