Only show push-to-master authorized users

Hide the push to master instructions for users that are not allowed to
do that.

Also hide buttons that would direct them to commit directly in master

app/presenters/project_presenter.rb

@@ -4,6 +4,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   include GitlabRoutingHelper
   include StorageHelper
   include TreeHelper
+  include ChecksCollaboration
   include Gitlab::Utils::StrongMemoize
 
   presents :project
@@ -170,9 +171,11 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def can_current_user_push_to_branch?(branch)
-    return false unless repository.branch_exists?(branch)
+    user_access(project).can_push_to_branch?(branch)
+  end
 
-    ::Gitlab::UserAccess.new(current_user, project: project).can_push_to_branch?(branch)
+  def can_current_user_push_to_default_branch?
+    can_current_user_push_to_branch?(default_branch)
   end
 
   def files_anchor_data
@@ -200,7 +203,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def new_file_anchor_data
-    if current_user && can_current_user_push_code?
+    if current_user && can_current_user_push_to_default_branch?
       OpenStruct.new(enabled: false,
                      label: _('New file'),
                      link: project_new_blob_path(project, default_branch || 'master'),
@@ -209,7 +212,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def readme_anchor_data
-    if current_user && can_current_user_push_code? && repository.readme.blank?
+    if current_user && can_current_user_push_to_default_branch? && repository.readme.blank?
       OpenStruct.new(enabled: false,
                      label: _('Add Readme'),
                      link: add_readme_path)
@@ -221,7 +224,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def changelog_anchor_data
-    if current_user && can_current_user_push_code? && repository.changelog.blank?
+    if current_user && can_current_user_push_to_default_branch? && repository.changelog.blank?
       OpenStruct.new(enabled: false,
                      label: _('Add Changelog'),
                      link: add_changelog_path)
@@ -233,7 +236,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def license_anchor_data
-    if current_user && can_current_user_push_code? && repository.license_blob.blank?
+    if current_user && can_current_user_push_to_default_branch? && repository.license_blob.blank?
       OpenStruct.new(enabled: false,
                      label: _('Add License'),
                      link: add_license_path)
@@ -245,7 +248,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
   end
 
   def contribution_guide_anchor_data
-    if current_user && can_current_user_push_code? && repository.contribution_guide.blank?
+    if current_user && can_current_user_push_to_default_branch? && repository.contribution_guide.blank?
       OpenStruct.new(enabled: false,
                      label: _('Add Contribution guide'),
                      link: add_contribution_guide_path)

app/views/projects/empty.html.haml

@@ -58,6 +58,8 @@
               touch README.md
               git add README.md
               git commit -m "add README"
+            - if @project.can_current_user_push_to_default_branch?
+              %span><
                 git push -u origin master
 
         %fieldset
@@ -69,6 +71,8 @@
               git remote add origin #{ content_tag(:span, default_url_to_repo, class: 'clone')}
               git add .
               git commit -m "Initial commit"
+            - if @project.can_current_user_push_to_default_branch?
+              %span><
                 git push -u origin master
 
         %fieldset
@@ -78,6 +82,8 @@
               cd existing_repo
               git remote rename origin old-origin
               git remote add origin #{ content_tag(:span, default_url_to_repo, class: 'clone')}
+            - if @project.can_current_user_push_to_default_branch?
+              %span><
                 git push -u origin --all
                 git push -u origin --tags
 

spec/features/projects/user_views_empty_project_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe 'User views an empty project' do
+  let(:project) { create(:project, :empty_repo) }
+  let(:user) { create(:user) }
+
+  shared_examples 'allowing push to default branch' do
+    before do
+      sign_in(user)
+      visit project_path(project)
+    end
+
+    it 'shows push-to-master instructions' do
+      expect(page).to have_content('git push -u origin master')
+    end
+  end
+
+  describe 'as a master' do
+    before do
+      project.add_master(user)
+    end
+
+    it_behaves_like 'allowing push to default branch'
+  end
+
+  describe 'as an admin' do
+    let(:user) { create(:user, :admin) }
+
+    it_behaves_like 'allowing push to default branch'
+  end
+
+  describe 'as a developer' do
+    before do
+      project.add_developer(user)
+      sign_in(user)
+      visit project_path(project)
+    end
+
+    it 'does not show push-to-master instructions' do
+      expect(page).not_to have_content('git push -u origin master')
+    end
+  end
+end

spec/presenters/project_presenter_spec.rb

@@ -208,6 +208,17 @@ describe ProjectPresenter do
       it 'returns nil if user cannot push' do
         expect(presenter.new_file_anchor_data).to be_nil
       end
+
+      context 'when the project is empty' do
+        let(:project) { create(:project, :empty_repo) }
+
+        # Since we protect the default branch for empty repos
+        it 'is empty for a developer' do
+          project.add_developer(user)
+
+          expect(presenter.new_file_anchor_data).to be_nil
+        end
+      end
     end
 
     describe '#readme_anchor_data' do