Prevent modification of MR-level approval rules after MR is merged (!138154) · Merge requests · GitLab.org / GitLab

Marc Shaw requested to merge 432961-prevent-modification-of-mr-level-approval-rules-after-mr-is-merged into master Nov 29, 2023

What does this MR do and why?

We need to prevent editing and deleting of merge request rules after a merge request is merged.

To Test:

Find a merged MR with approval rules (MergeRequest.merged.last.approval_rules)
Try to delete/edit/create a rule through the UI
Try to delete/edit/create a rule through the API
Try to delete/edit/create a rule through graphql ??

curl -X PUT -d 'approvals_required=1' -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules/APPROVAL_RULE_ID"

curl -X DELETE -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules/APPROVAL_RULE_ID"

curl -X POST -d 'name=a' -d 'approvals_required=1' -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules"

Query Postgres.ai

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/24524/commands/78234

Related to #432961 (closed)

Edited Dec 07, 2023 by Marc Shaw

Prevent modification of MR-level approval rules after MR is merged

What does this MR do and why?

Merge request reports