Prevent modification of MR-level approval rules after MR is merged
requested to merge 432961-prevent-modification-of-mr-level-approval-rules-after-mr-is-merged into master
What does this MR do and why?
We need to prevent editing and deleting of merge request rules after a merge request is merged.
To Test:
- Find a merged MR with approval rules (
MergeRequest.merged.last.approval_rules
) - Try to delete/edit/create a rule through the UI
- Try to delete/edit/create a rule through the API
- Try to delete/edit/create a rule through graphql ??
curl -X PUT -d 'approvals_required=1' -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules/APPROVAL_RULE_ID"
curl -X DELETE -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules/APPROVAL_RULE_ID"
curl -X POST -d 'name=a' -d 'approvals_required=1' -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MR_IID/approval_rules"
Query Postgres.ai
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/24524/commands/78234
Related to #432961 (closed)
Edited by Marc Shaw