Merge branch '58583-confidential-mr-branch-backend' into 'master'

Support creating an MR/branch on a fork from an issue

See merge request gitlab-org/gitlab-ce!29831

1 files changed, 14 insertions, 2 deletions

diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index da5efe4f21c..d77f64a84f5 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -68,8 +68,9 @@ class Projects::BranchesController < Projects::ApplicationController
     success = (result[:status] == :success)
 
     if params[:issue_iid] && success
-      issue = IssuesFinder.new(current_user, project_id: @project.id).find_by(iid: params[:issue_iid])
-      SystemNoteService.new_issue_branch(issue, @project, current_user, branch_name) if issue
+      target_project = confidential_issue_project || @project
+      issue = IssuesFinder.new(current_user, project_id: target_project.id).find_by(iid: params[:issue_iid])
+      SystemNoteService.new_issue_branch(issue, target_project, current_user, branch_name, branch_project: @project) if issue
     end
 
     respond_to do |format|
@@ -166,4 +167,15 @@ class Projects::BranchesController < Projects::ApplicationController
       @branches = Kaminari.paginate_array(@branches).page(params[:page])
     end
   end
+
+  def confidential_issue_project
+    return unless Feature.enabled?(:create_confidential_merge_request, @project)
+    return if params[:confidential_issue_project_id].blank?
+
+    confidential_issue_project = Project.find(params[:confidential_issue_project_id])
+
+    return unless can?(current_user, :update_issue, confidential_issue_project)
+
+    confidential_issue_project
+  end
 end