Class: Projects::ProtectDefaultBranchService

Inherits:
Object
  • Object
show all
Defined in:
app/services/projects/protect_default_branch_service.rb

Overview

Service class that can be used to execute actions necessary after creating a default branch.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(project) ⇒ ProtectDefaultBranchService

Returns a new instance of ProtectDefaultBranchService.

Parameters:



10
11
12
13
14
15
16
# File 'app/services/projects/protect_default_branch_service.rb', line 10

def initialize(project)
  @project = project

  @default_branch_protection = Gitlab::Access::DefaultBranchProtection.new(
    project.namespace.default_branch_protection_settings
  )
end

Instance Attribute Details

#default_branch_protectionObject (readonly)

Returns the value of attribute default_branch_protection.



7
8
9
# File 'app/services/projects/protect_default_branch_service.rb', line 7

def default_branch_protection
  @default_branch_protection
end

#projectObject (readonly)

Returns the value of attribute project.



7
8
9
# File 'app/services/projects/protect_default_branch_service.rb', line 7

def project
  @project
end

Instance Method Details

#allow_force_push?Boolean

Returns:

  • (Boolean)


50
51
52
# File 'app/services/projects/protect_default_branch_service.rb', line 50

def allow_force_push?
  default_branch_protection.allow_force_push?
end

#code_owner_approval_required?Boolean

overriden in EE

Returns:

  • (Boolean)


46
47
48
# File 'app/services/projects/protect_default_branch_service.rb', line 46

def code_owner_approval_required?
  false
end

#create_protected_branchObject



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'app/services/projects/protect_default_branch_service.rb', line 29

def create_protected_branch
  params = {
    name: default_branch,
    push_access_levels_attributes: [{ access_level: push_access_level }],
    merge_access_levels_attributes: [{ access_level: merge_access_level }],
    code_owner_approval_required: code_owner_approval_required?,
    allow_force_push: allow_force_push?
  }

  # The creator of the project is always allowed to create protected
  # branches, so we skip the authorization check in this service class.
  ProtectedBranches::CreateService
    .new(project, project.creator, params)
    .execute(skip_authorization: true)
end

#default_branchObject



63
64
65
# File 'app/services/projects/protect_default_branch_service.rb', line 63

def default_branch
  project.default_branch
end

#executeObject



18
19
20
# File 'app/services/projects/protect_default_branch_service.rb', line 18

def execute
  protect_default_branch if default_branch
end

#merge_access_levelObject



79
80
81
82
83
84
85
86
87
88
89
# File 'app/services/projects/protect_default_branch_service.rb', line 79

def merge_access_level
  if default_branch_protection.no_one_can_merge?
    Gitlab::Access::NO_ACCESS
  elsif default_branch_protection.developer_can_merge?
    Gitlab::Access::DEVELOPER
  elsif default_branch_protection.maintainer_can_merge?
    Gitlab::Access::MAINTAINER
  else
    Gitlab::Access::ADMIN
  end
end

#protect_branch?Boolean

Returns:

  • (Boolean)


54
55
56
57
# File 'app/services/projects/protect_default_branch_service.rb', line 54

def protect_branch?
  default_branch_protection.any? &&
    !ProtectedBranch.protected?(project, default_branch)
end

#protect_default_branchObject



22
23
24
25
26
27
# File 'app/services/projects/protect_default_branch_service.rb', line 22

def protect_default_branch
  # Ensure HEAD points to the default branch in case it is not master
  project.change_head(default_branch)

  create_protected_branch if protect_branch? && !protected_branch_exists?
end

#protected_branch_exists?Boolean

Returns:

  • (Boolean)


59
60
61
# File 'app/services/projects/protect_default_branch_service.rb', line 59

def protected_branch_exists?
  project.all_protected_branches.find_by_name(default_branch).present?
end

#push_access_levelObject



67
68
69
70
71
72
73
74
75
76
77
# File 'app/services/projects/protect_default_branch_service.rb', line 67

def push_access_level
  if default_branch_protection.no_one_can_push?
    Gitlab::Access::NO_ACCESS
  elsif default_branch_protection.developer_can_push?
    Gitlab::Access::DEVELOPER
  elsif default_branch_protection.maintainer_can_push?
    Gitlab::Access::MAINTAINER
  else
    Gitlab::Access::ADMIN
  end
end