Disallow Self-Merges even for Master as new kind of protected branch
Description
We currently have a 4-eyes-principle set up, so nobody is allowed to commit code to master
which was not reviewed by a second person (our master
is a protected branch - Allowed to Merge: Masters / Allowed to push: No one).
AFAIK there is currently not way to technically restrict people having Master privileges from opening MR and also merging them to protected branches.
Proposal
It would be desirable to create a new type of protected branch, where User_A cannot merge a MR that was opened by same User_A, even it hold the Master role, only by any other User_B also holding the Master role.
Documentation blurb
If you rely on a strict workflow which includes validation of the code by a second person, you need to be able to even restrict the people with Master permissions from merging to protected branches, if the Merge Request was opened by themselves.
In order to ensure Masters can only merge Requests opened by others, select Masters, except requestor when protecting your branches.
If you are in the need for a more fine grained approval process, consider switching to Gitlab EE and use approvals. See https://docs.gitlab.com/ee/user/project/merge_requests/merge_request_approvals.html#using-approvals