Enable update_(build|pipeline) for maintainers (!18735) · Merge requests · GitLab.org / GitLab FOSS

Jan Provaznik requested to merge jprovazn-pipeline-policy into master May 04, 2018

Why was this MR needed?

When a maintainer is allowed to push to forked project, also :update_commit_status permission is needed, otherwise maintainer can not retry failed pipelines and builds.

The problem is that app/services/ci/retry_pipeline_service.rb and app/services/ci/retry_build_service.rb check policy against build object and BuildPolicy inherits from CommitStatusPolicy which requires update_commit_status permission to enable also update_build permission.

Instead of having update_build and update_pipeline enabled per project, these permissions are enabled for maintainer per build or pipeline if maintainer can push to the specific branch.

Does this MR meet the acceptance criteria?

Changelog entry added, if necessary
Tests added for this feature/bug

What are the relevant issue numbers?

Closes #45905 (closed)

Edited May 10, 2018 by Jan Provaznik

Enable update_(build|pipeline) for maintainers

Why was this MR needed?

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Merge request reports