Expose user and group for branch protection access levels in EE
What does this MR do and why?
#362706 (closed) -> #372362 (closed)
This change is for EE only
Expose user and group nodes under project.branchRules[].branchProtection.{mergeAccessLevels,pushAccessLevels}.
The user object is a UserType and the group object is a GroupType. Both fields can be null. The fields will never both be present. An access rule can be either a user, group, or role rule.
How to set up and validate locally
- Find a project.full_path of a project that has at least one protected branch
user_project = ProtectedBranch::PushAccessLevel.for_user.last.protected_branch.project group_project = ProtectedBranch::PushAccessLevel.for_group.last.protected_branch.project user_project.full_path group_project.full_path
- Test permissions by assigning yourself as a guest to the project
# user = User.find_by(email: "YOUR_EMAIL") # Use this if you do not use the default admin user in GDK user = User.find_by(email: "admin@example.com") user_project.add_guest(user) group_project.add_guest(user)
- Visit http://gdk.test:3000/-/graphql-explorer
- Execute the following query, replace the full path value (as guest you should not see any rules)
{ project(fullPath: "FULL_PATH") { branchRules { nodes { branchProtection { pushAccessLevels { nodes { user { name } group { name } } } } } } } }
- Make yourself a maintainer
user_project.add_guest(user) group_project.add_guest(user)
- Execute the following query, replace the full path value (as maintainer you should see all the rules)
{ project(fullPath: "FULL_PATH") { branchRules { nodes { branchProtection { pushAccessLevels { nodes { user { name } group { name } } } } } } } }
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Joe Woodward