Allowing Duplicate Protected Branch Rules at Project Level Overrides Group-Level Protection Settings
Description:
When a protected branch rule is configured at the group level, it appears as locked at the project level, which prevents editing or removal of the inherited rule. However, it is currently possible to create a new protected branch rule at the project level with the same attributes as the group-level rule. This effectively creates a duplicate rule and can lead to unexpected behavior or misconfiguration of branch protections.
This behavior undermines the intention of centralized group-level branch protection settings and creates room for inconsistency across projects.
Steps to Reproduce:
- As a group owner, create a protected branch rule for a group: https://docs.gitlab.com/ee/user/project/repository/branches/protected.html#for-all-projects-in-a-group
- Navigate to a project within the group and observe the inherited rule (locked and uneditable).
- Add a new protected branch rule in the project with the same branch name and attributes as the group-level rule.
- Observe that the duplicate rule is created successfully.
Expected Behavior:
The ability to create a new protected branch rule at the project level with the same branch name as an existing group-level rule should be blocked. A clear error message should inform the user that the rule already exists and is managed at the group level.
Actual Behavior:
A duplicate protected branch rule is created at the project level despite the existence of a group-level rule with the same attributes.
This behavior can cause confusion and potential misconfiguration of branch protections, undermining the centralized branch protection settings defined at the group level.
Proposed Solution:
Prevent the creation of duplicate protected branch rules at the project level when a rule with the same branch name exists at the group level. Provide a clear error or warning message to the user when attempting to create such a rule.
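An audit check for the duplicate-rule condition described above, as an added example that is not part of the original issue or GitLab's own code. It assumes the group-level and project-level rules were already fetched as JSON in the shape the Protected branches API returns (name, push_access_levels, merge_access_levels, allow_force_push) and that the project list holds only rules defined on the project itself; the function names are hypothetical and the sample data is constructed.

```python
# Added example: flag project rules that reuse a group-level rule's branch name.
NO_ACCESS = 0  # GitLab access level "No one", the strictest setting

def min_level(entries):
    """Lowest role allowed by a list of access-level entries.

    Entries without a role level (user- or group-specific ones) are ignored;
    "No one" or an empty list counts as stricter than any role.
    """
    levels = [e["access_level"] for e in entries if e.get("access_level") is not None]
    allowed = [lvl for lvl in levels if lvl != NO_ACCESS]
    return min(allowed) if allowed else float("inf")

def find_duplicates(group_rules, project_rules):
    """Return one finding per project rule whose name matches a group rule."""
    by_name = {r["name"]: r for r in group_rules}
    findings = []
    for rule in project_rules:
        group_rule = by_name.get(rule["name"])
        if group_rule is None:
            continue  # no group-level rule with this exact branch name
        weaker = [key for key in ("push_access_levels", "merge_access_levels")
                  if min_level(rule.get(key, [])) < min_level(group_rule.get(key, []))]
        if rule.get("allow_force_push") and not group_rule.get("allow_force_push"):
            weaker.append("allow_force_push")
        findings.append({"branch": rule["name"], "weaker": weaker})
    return findings

# Constructed sample data (30 = Developer, 40 = Maintainer).
GROUP_RULES = [
    {"name": "main", "push_access_levels": [{"access_level": 0}],
     "merge_access_levels": [{"access_level": 40}], "allow_force_push": False},
    {"name": "release/*", "push_access_levels": [{"access_level": 40}],
     "merge_access_levels": [{"access_level": 30}], "allow_force_push": False},
]
PROJECT_RULES = [
    {"name": "main", "push_access_levels": [{"access_level": 30}],
     "merge_access_levels": [{"access_level": 40}], "allow_force_push": True},
    {"name": "develop", "push_access_levels": [{"access_level": 30}],
     "merge_access_levels": [{"access_level": 30}], "allow_force_push": False},
    {"name": "release/*", "push_access_levels": [{"access_level": 40}],
     "merge_access_levels": [{"access_level": 30}], "allow_force_push": False},
]

if __name__ == "__main__":
    for finding in find_duplicates(GROUP_RULES, PROJECT_RULES):
        print(finding)
```

A finding with an empty "weaker" list is still a duplicate of the group-level rule; a non-empty list names the settings where the project rule is more permissive.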