Add latest changes from gitlab-org/gitlab@master

3 files changed, 32 insertions, 0 deletions

diff --git a/app/services/application_settings/update_service.rb b/app/services/application_settings/update_service.rb
index 7728982779e..6d484c4fa22 100644
--- a/app/services/application_settings/update_service.rb
+++ b/app/services/application_settings/update_service.rb
@@ -26,6 +26,7 @@ module ApplicationSettings
       end
 
       update_terms(@params.delete(:terms))
+      update_default_branch_protection_defaults(@params[:default_branch_protection])
 
       add_to_outbound_local_requests_whitelist(@params.delete(:add_to_outbound_local_requests_whitelist))
 
@@ -77,6 +78,19 @@ module ApplicationSettings
       @application_setting.reset_memoized_terms
     end
 
+    def update_default_branch_protection_defaults(default_branch_protection)
+      return unless default_branch_protection.present?
+
+      # We are migrating default_branch_protection from an integer
+      # column to a jsonb column. While completing the rest of the
+      # work, we want to start translating the updates sent to the
+      # existing column into the json. Eventually, we will be updating
+      # the jsonb column directly and deprecating the original update
+      # path. Until then, we want to sync up both columns.
+      protection = Gitlab::Access::BranchProtection.new(default_branch_protection.to_i)
+      @application_setting.default_branch_protection_defaults = protection.to_hash
+    end
+
     def process_performance_bar_allowed_group_id
       group_full_path = params.delete(:performance_bar_allowed_group_path)
       enable_param_on = Gitlab::Utils.to_boolean(params.delete(:performance_bar_enabled))
diff --git a/app/services/groups/update_service.rb b/app/services/groups/update_service.rb
index 925a2acbb58..df6ede87ef9 100644
--- a/app/services/groups/update_service.rb
+++ b/app/services/groups/update_service.rb
@@ -117,6 +117,7 @@ module Groups
 
     def handle_settings_update
       settings_params = params.slice(*allowed_settings_params)
+      settings_params.merge!({ default_branch_protection: params[:default_branch_protection] }.compact)
       allowed_settings_params.each { |param| params.delete(param) }
 
       ::NamespaceSettings::UpdateService.new(current_user, group, settings_params).execute
diff --git a/app/services/namespace_settings/update_service.rb b/app/services/namespace_settings/update_service.rb
index 25525265e1c..c391320db5e 100644
--- a/app/services/namespace_settings/update_service.rb
+++ b/app/services/namespace_settings/update_service.rb
@@ -23,6 +23,12 @@ module NamespaceSettings
         param_key: :new_user_signups_cap,
         user_policy: :change_new_user_signups_cap
       )
+      validate_settings_param_for_root_group(
+        param_key: :default_branch_protection,
+        user_policy: :update_default_branch_protection
+      )
+
+      handle_default_branch_protection unless settings_params[:default_branch_protection].blank?
 
       if group.namespace_settings
         group.namespace_settings.attributes = settings_params
@@ -33,6 +39,17 @@ module NamespaceSettings
 
     private
 
+    def handle_default_branch_protection
+      # We are migrating default_branch_protection from an integer
+      # column to a jsonb column. While completing the rest of the
+      # work, we want to start translating the updates sent to the
+      # existing column into the json. Eventually, we will be updating
+      # the jsonb column directly and deprecating the original update
+      # path. Until then, we want to sync up both columns.
+      protection = Gitlab::Access::BranchProtection.new(settings_params.delete(:default_branch_protection).to_i)
+      settings_params[:default_branch_protection_defaults] = protection.to_hash
+    end
+
     def validate_resource_access_token_creation_allowed_param
       return if settings_params[:resource_access_token_creation_allowed].nil?