From 0e40b41e224f18076426578da08548ae22afdcd1 Mon Sep 17 00:00:00 2001 From: Kerri Miller Date: Thu, 5 Sep 2019 13:01:36 +0000 Subject: [PATCH] Add structure to support EE feature of COAR These are the structural changes for supporting the EE feature of moving "code_owner_approval_required" state from existing on a project to being on the protected branches individually, allowing for CODEOWNER validation on push events. --- app/models/merge_request.rb | 6 ++++ app/models/protected_branch.rb | 3 ++ .../protected_branches/create_service.rb | 7 ++++- ...de_owner_approval_to_protected_branches.rb | 31 +++++++++++++++++++ db/schema.rb | 2 ++ spec/lib/gitlab/checks/diff_check_spec.rb | 5 ++- .../import_export/safe_model_attributes.yml | 1 + 7 files changed, 51 insertions(+), 4 deletions(-) create mode 100644 db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index 28e450f9b30..bc98ae0ce28 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -174,6 +174,7 @@ class MergeRequest < ApplicationRecord scope :from_project, ->(project) { where(source_project_id: project.id) } scope :merged, -> { with_state(:merged) } scope :closed_and_merged, -> { with_states(:closed, :merged) } + scope :open_and_closed, -> { with_states(:opened, :closed) } scope :from_source_branches, ->(branches) { where(source_branch: branches) } scope :by_commit_sha, ->(sha) do where('EXISTS (?)', MergeRequestDiff.select(1).where('merge_requests.latest_merge_request_diff_id = merge_request_diffs.id').by_commit_sha(sha)).reorder(nil) @@ -187,6 +188,11 @@ class MergeRequest < ApplicationRecord target_project: [:route, { namespace: :route }], source_project: [:route, { namespace: :route }]) } + scope :by_target_branch_wildcard, ->(wildcard_branch_name) do + where("target_branch LIKE ?", ApplicationRecord.sanitize_sql_like(wildcard_branch_name).tr('*', '%')) + end + scope :by_target_branch, ->(branch_name) { where(target_branch: branch_name) } + scope :preload_source_project, -> { preload(:source_project) } after_save :keep_around_commit diff --git a/app/models/protected_branch.rb b/app/models/protected_branch.rb index ee0c94c20af..9fd929371f8 100644 --- a/app/models/protected_branch.rb +++ b/app/models/protected_branch.rb @@ -3,6 +3,9 @@ class ProtectedBranch < ApplicationRecord include ProtectedRef + scope :requiring_code_owner_approval, + -> { where(code_owner_approval_required: true) } + protected_ref_access_levels :merge, :push def self.protected_ref_accessible_to?(ref, user, project:, action:, protected_refs: nil) diff --git a/app/services/protected_branches/create_service.rb b/app/services/protected_branches/create_service.rb index 87aaf4672a4..6b2836bba39 100644 --- a/app/services/protected_branches/create_service.rb +++ b/app/services/protected_branches/create_service.rb @@ -5,7 +5,8 @@ module ProtectedBranches def execute(skip_authorization: false) raise Gitlab::Access::AccessDeniedError unless skip_authorization || authorized? - protected_branch.save + save_protected_branch + protected_branch end @@ -15,6 +16,10 @@ module ProtectedBranches private + def save_protected_branch + protected_branch.save + end + def protected_branch @protected_branch ||= project.protected_branches.new(params) end diff --git a/db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb b/db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb new file mode 100644 index 00000000000..098fcff9ace --- /dev/null +++ b/db/migrate/20190729180447_add_merge_requests_require_code_owner_approval_to_protected_branches.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +class AddMergeRequestsRequireCodeOwnerApprovalToProtectedBranches < ActiveRecord::Migration[5.2] + include Gitlab::Database::MigrationHelpers + + # Set this constant to true if this migration requires downtime. + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_column_with_default( + :protected_branches, + :code_owner_approval_required, + :boolean, + default: false + ) + + add_concurrent_index( + :protected_branches, + [:project_id, :code_owner_approval_required], + name: "code_owner_approval_required", + where: "code_owner_approval_required = #{Gitlab::Database.true_value}") + end + + def down + remove_concurrent_index(:protected_branches, name: "code_owner_approval_required") + + remove_column(:protected_branches, :code_owner_approval_required) + end +end diff --git a/db/schema.rb b/db/schema.rb index 98c4403efe1..9d7cdaed70c 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -2932,6 +2932,8 @@ ActiveRecord::Schema.define(version: 2019_09_04_173203) do t.string "name", null: false t.datetime "created_at" t.datetime "updated_at" + t.boolean "code_owner_approval_required", default: false, null: false + t.index ["project_id", "code_owner_approval_required"], name: "code_owner_approval_required", where: "(code_owner_approval_required = true)" t.index ["project_id"], name: "index_protected_branches_on_project_id" end diff --git a/spec/lib/gitlab/checks/diff_check_spec.rb b/spec/lib/gitlab/checks/diff_check_spec.rb index a341dfa5636..b9134b8d6ab 100644 --- a/spec/lib/gitlab/checks/diff_check_spec.rb +++ b/spec/lib/gitlab/checks/diff_check_spec.rb @@ -20,9 +20,8 @@ describe Gitlab::Checks::DiffCheck do allow(project).to receive(:lfs_enabled?).and_return(false) end - it 'skips the validation' do - expect(subject).not_to receive(:validate_diff) - expect(subject).not_to receive(:validate_file_paths) + it 'does not invoke :lfs_file_locks_validation' do + expect(subject).not_to receive(:lfs_file_locks_validation) subject.validate! end diff --git a/spec/lib/gitlab/import_export/safe_model_attributes.yml b/spec/lib/gitlab/import_export/safe_model_attributes.yml index 516e62c4728..1386f8822ce 100644 --- a/spec/lib/gitlab/import_export/safe_model_attributes.yml +++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml @@ -467,6 +467,7 @@ ProtectedBranch: - name - created_at - updated_at +- code_owner_approval_required ProtectedTag: - id - project_id