Avoid error when no restricted levels are defined

When no visibility levels are defined they could sometimes return
`nil` instead of an empty array. In this case we want to allow all
levels.

changelogs/unreleased/bvl-fix-500-on-fork-without-restricted-visibility-levels.yml

@@ -0,0 +1,5 @@
+---
+title: Fix forking projects when no restricted visibility levels are defined applicationwide
+merge_request: 16881
+author:
+type: fixed

lib/gitlab/visibility_level.rb

@@ -60,7 +60,7 @@ module Gitlab
       def allowed_levels
         restricted_levels = current_application_settings.restricted_visibility_levels
 
-        self.values - restricted_levels
+        self.values - Array(restricted_levels)
       end
 
       def closest_allowed_level(target_level)

spec/lib/gitlab/visibility_level_spec.rb

@@ -57,6 +57,15 @@ describe Gitlab::VisibilityLevel do
       expect(described_class.allowed_levels)
         .to contain_exactly(described_class::PRIVATE, described_class::PUBLIC)
     end
+
+    it 'returns all levels when no visibility level was set' do
+      allow(described_class)
+        .to receive_message_chain('current_application_settings.restricted_visibility_levels')
+              .and_return(nil)
+
+      expect(described_class.allowed_levels)
+        .to contain_exactly(described_class::PRIVATE, described_class::INTERNAL, described_class::PUBLIC)
+    end
   end
 
   describe '.closest_allowed_level' do