`default_branch_protection_defaults` object `access_level` fields cannot be set to 0 via REST API (but can via UI)
Summary
There are certain "Default Branch" settings that appear to be valid when set via the web UI, but are not able to be set via the groups API.
Specifically, the default_branch_protection_defaults
object will reject default_branch_protection_defaults[allowed_to_push][0][access_level]
of 0
and default_branch_protection_defaults[allowed_to_merge][0][access_level]
of 0
Note access levels are highlighted here
Steps to reproduce
- Create a sub/group
- Navigate to Settings > Repository > Default branch
- Set "Initial default branch protection" to be
- Protected
- "no one" allowed to push
- "no one" allowed to merge
- allow developers to push to the initial commit
- Save changes
- Use curl to read the group object and confirm values set against
default_branch_protection_defaults
curl -s -X GET -H "PRIVATE-TOKEN: ${GITLAB_API_TOKEN}" https://gitlab.com/api/v4/groups/12345678 | jq .
"default_branch_protection_defaults": {
"allowed_to_push": [
{
"access_level": 0
}
],
"allowed_to_merge": [
{
"access_level": 0
}
],
"developer_can_initial_push": true
},
- Use curl to "PUT" the same object back into the group
curl -X PUT -H "PRIVATE-TOKEN: ${GITLAB_API_TOKEN}" -H "Content-Type: application/json" -d '{"default_branch_protection_defaults":{"allowed_to_push":[{"access_level":0}],"allowed_to_merge":[{"access_level":0}],"developer_can_initial_push":true}}' https://gitlab.com/api/v4/groups/12345678
- response received back:
{"error":"default_branch_protection_defaults[allowed_to_push][0][access_level] does not have a valid value, default_branch_protection_defaults[allowed_to_merge][0][access_level] does not have a valid value"}
Example Project
What is the current bug behavior?
- The
access_level
values ofdefault_branch_protection_defaults
can be set to "no one"/0 via the UI - The
access_level
values ofdefault_branch_protection_defaults
cannot be set to "no one"/0 via the API
What is the expected correct behavior?
- The
access_level
values ofdefault_branch_protection_defaults
can be set to "no one"/0 via the UI - The
access_level
values ofdefault_branch_protection_defaults
can be set to "no one"/0 via the API
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
Edited by Steve Stevens