Add Allowed to Force Push option to Protected branches
What does this MR do?
Add 'Allowed to Force Push' option to Protected branches and fix #15611 (closed)
This MR can be improved. It's my first contribution to GitLab and the original issue is not a small one. I tried by best to provide updated test, and documentation but I am sure I miss things and I'd like some feedback from Gitlab teams. Gitlab is huge
https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/spec/lib/gitlab/git_access_spec.rb should probably be update with force push test, but I didn't find how to.
Some questions about the implementation that I have:
- Maybe "Force push" option for protected branch should not be available if "Push" option in not selected
- What should be the default value of this option
- Is it needed in deploy key
- Is it needed in Admin Area / Settings / General
Two test are failing ee/spec/features/projects/members/member_leaves_project_spec.rb:22
and ee/spec/features/projects/members/member_is_removed_from_project_spec.rb:27
. It seems related to the fact that relation are not cleaned between project member and the protected branch force push right. But I can't find where this should be handle.
I am stuck here, that's why I am removing the WIP flag, if someone have ideas about this before going further. Not sure if I am going on the right track but maybe this MR can be the base of something to fix the orignal issue.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #15611 (closed)