Allow users to create protected branches via CLI

This is for fixing a regression introduced by: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24969 This fix will allow users who are allowed to push to protected branches to create protected branches via CLI as well, just like before. The checks for protected branch creation won't need to run.
author: Patrick Bajao <ebajao@gitlab.com> 2019-03-21 14:11:06 +0300
committer: Patrick Bajao <ebajao@gitlab.com> 2019-03-21 14:53:04 +0300
commit: 438485ef88c762b59ee9fb6089d8b7256554fe24 (patch)
tree: be68b7349d3b758c18826f77bd72528b6d2bc4ad /spec/lib
parent: 6811f1aca57b0216a16195804d9b453fe1796baa (diff)
1 files changed, 51 insertions, 29 deletions
diff --git a/spec/lib/gitlab/checks/branch_check_spec.rb b/spec/lib/gitlab/checks/branch_check_spec.rb
index 12beeecd470..8d5ab27a17c 100644
--- a/spec/lib/gitlab/checks/branch_check_spec.rb
+++ b/spec/lib/gitlab/checks/branch_check_spec.rb
@@ -108,64 +108,86 @@ describe Gitlab::Checks::BranchCheck do
         end
 
         context 'protected branch creation feature is enabled' do
-          context 'user is not allowed to create protected branches' do
+          context 'user can push to branch' do
             before do
               allow(user_access)
-                .to receive(:can_merge_to_branch?)
+                .to receive(:can_push_to_branch?)
                 .with('feature')
-                .and_return(false)
+                .and_return(true)
             end
 
-            it 'raises an error' do
-              expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.')
+            it 'does not raise an error' do
+              expect { subject.validate! }.not_to raise_error
             end
           end
 
-          context 'user is allowed to create protected branches' do
+          context 'user cannot push to branch' do
             before do
               allow(user_access)
-                .to receive(:can_merge_to_branch?)
+                .to receive(:can_push_to_branch?)
                 .with('feature')
-                .and_return(true)
-
-              allow(project.repository)
-                .to receive(:branch_names_contains_sha)
-                .with(newrev)
-                .and_return(['branch'])
+                .and_return(false)
             end
 
-            context "newrev isn't in any protected branches" do
+            context 'user cannot merge to branch' do
               before do
-                allow(ProtectedBranch)
-                  .to receive(:any_protected?)
-                  .with(project, ['branch'])
+                allow(user_access)
+                  .to receive(:can_merge_to_branch?)
+                  .with('feature')
                   .and_return(false)
               end
 
               it 'raises an error' do
-                expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.')
+                expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to create protected branches on this project.')
               end
             end
 
-            context 'newrev is included in a protected branch' do
+            context 'user can merge to branch' do
               before do
-                allow(ProtectedBranch)
-                  .to receive(:any_protected?)
-                  .with(project, ['branch'])
+                allow(user_access)
+                  .to receive(:can_merge_to_branch?)
+                  .with('feature')
                   .and_return(true)
+
+                allow(project.repository)
+                  .to receive(:branch_names_contains_sha)
+                  .with(newrev)
+                  .and_return(['branch'])
               end
 
-              context 'via web interface' do
-                let(:protocol) { 'web' }
+              context "newrev isn't in any protected branches" do
+                before do
+                  allow(ProtectedBranch)
+                    .to receive(:any_protected?)
+                    .with(project, ['branch'])
+                    .and_return(false)
+                end
 
-                it 'allows branch creation' do
-                  expect { subject.validate! }.not_to raise_error
+                it 'raises an error' do
+                  expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only use an existing protected branch ref as the basis of a new protected branch.')
                 end
               end
 
-              context 'via SSH' do
-                it 'raises an error' do
-                  expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
+              context 'newrev is included in a protected branch' do
+                before do
+                  allow(ProtectedBranch)
+                    .to receive(:any_protected?)
+                    .with(project, ['branch'])
+                    .and_return(true)
+                end
+
+                context 'via web interface' do
+                  let(:protocol) { 'web' }
+
+                  it 'allows branch creation' do
+                    expect { subject.validate! }.not_to raise_error
+                  end
+                end
+
+                context 'via SSH' do
+                  it 'raises an error' do
+                    expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You can only create protected branches using the web interface and API.')
+                  end
                 end
               end
             end
author	Patrick Bajao <ebajao@gitlab.com>	2019-03-21 14:11:06 +0300
committer	Patrick Bajao <ebajao@gitlab.com>	2019-03-21 14:53:04 +0300
commit	438485ef88c762b59ee9fb6089d8b7256554fe24 (patch)
tree	be68b7349d3b758c18826f77bd72528b6d2bc4ad /spec/lib
parent	6811f1aca57b0216a16195804d9b453fe1796baa (diff)