Commit aad6ceae authored by Marco Wessel's avatar Marco Wessel

Allow configuring protection of the default branch upon first push

parent 254d1d7a
......@@ -28,7 +28,7 @@ v 7.8.0
-
-
-
-
- Allow configuring protection of the default branch upon first push (Marco Wessel)
-
-
-
......
......@@ -22,6 +22,7 @@ def set_application_setting
def application_setting_params
params.require(:application_setting).permit(
:default_projects_limit,
:default_branch_protection,
:signup_enabled,
:signin_enabled,
:gravatar_enabled,
......
......@@ -4,6 +4,7 @@
#
# id :integer not null, primary key
# default_projects_limit :integer
# default_branch_protection :integer
# signup_enabled :boolean
# signin_enabled :boolean
# gravatar_enabled :boolean
......@@ -25,6 +26,7 @@ def self.current
def self.create_from_defaults
create(
default_projects_limit: Settings.gitlab['default_projects_limit'],
default_branch_protection: Settings.gitlab['default_branch_protection'],
signup_enabled: Settings.gitlab['signup_enabled'],
signin_enabled: Settings.gitlab['signin_enabled'],
gravatar_enabled: Settings.gravatar['enabled'],
......
class GitPushService
attr_accessor :project, :user, :push_data, :push_commits
include Gitlab::CurrentSettings
include Gitlab::Access
# This method will be called after each git update
# and only if the provided user and project is present in GitLab.
......@@ -29,8 +31,12 @@ def execute(project, user, oldrev, newrev, ref)
if is_default_branch?(ref)
# Initial push to the default branch. Take the full history of that branch as "newly pushed".
@push_commits = project.repository.commits(newrev)
# Default branch is protected by default
project.protected_branches.create({ name: project.default_branch })
# Set protection on the default branch if configured
if (current_application_settings.default_branch_protection != PROTECTION_NONE)
developers_can_push = current_application_settings.default_branch_protection == PROTECTION_DEV_CAN_PUSH ? true : false
project.protected_branches.create({ name: project.default_branch, developers_can_push: developers_can_push })
end
else
# Use the pushed commits that aren't reachable by the default branch
# as a heuristic. This may include more commits than are actually pushed, but
......
......@@ -25,6 +25,10 @@
= f.label :default_projects_limit, class: 'control-label'
.col-sm-10
= f.number_field :default_projects_limit, class: 'form-control'
.form-group
= f.label :default_branch_protection, class: 'control-label'
.col-sm-10
= f.select :default_branch_protection, options_for_select(Gitlab::Access.protection_options, @application_setting.default_branch_protection), {}, class: 'form-control'
.form-group
= f.label :home_page_url, class: 'control-label'
.col-sm-10
......
......@@ -87,6 +87,7 @@ def verify_constant(modul, current, default)
#
Settings['gitlab'] ||= Settingslogic.new({})
Settings.gitlab['default_projects_limit'] ||= 10
Settings.gitlab['default_branch_protection'] ||= 2
Settings.gitlab['default_can_create_group'] = true if Settings.gitlab['default_can_create_group'].nil?
Settings.gitlab['default_theme'] = Gitlab::Theme::MARS if Settings.gitlab['default_theme'].nil?
Settings.gitlab['host'] ||= 'localhost'
......
class AddDefaultBranchProtectionSetting < ActiveRecord::Migration
def change
add_column :application_settings, :default_branch_protection, :integer, :default => 2
end
end
......@@ -11,13 +11,14 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150116234544) do
ActiveRecord::Schema.define(version: 20150125163100) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
create_table "application_settings", force: true do |t|
t.integer "default_projects_limit"
t.integer "default_branch_protection"
t.boolean "signup_enabled"
t.boolean "signin_enabled"
t.boolean "gravatar_enabled"
......
......@@ -11,6 +11,11 @@ module Access
MASTER = 40
OWNER = 50
# Branch protection settings
PROTECTION_NONE = 0
PROTECTION_DEV_CAN_PUSH = 1
PROTECTION_FULL = 2
class << self
def values
options.values
......@@ -43,6 +48,17 @@ def sym_options
master: MASTER,
}
end
def protection_options
{
"None" => PROTECTION_NONE,
"Protect, developers can push" => PROTECTION_DEV_CAN_PUSH,
"Full protection" => PROTECTION_FULL,
}
end
def protection_values
protection_options.values
end
end
def human_access
......
......@@ -12,6 +12,7 @@ def current_application_settings
def fake_application_settings
OpenStruct.new(
default_projects_limit: Settings.gitlab['default_projects_limit'],
default_branch_protection: Settings.gitlab['default_branch_protection'],
signup_enabled: Settings.gitlab['signup_enabled'],
signin_enabled: Settings.gitlab['signin_enabled'],
gravatar_enabled: Settings.gravatar['enabled'],
......
......@@ -2,15 +2,16 @@
#
# Table name: application_settings
#
# id :integer not null, primary key
# default_projects_limit :integer
# signup_enabled :boolean
# signin_enabled :boolean
# gravatar_enabled :boolean
# sign_in_text :text
# created_at :datetime
# updated_at :datetime
# home_page_url :string(255)
# id :integer not null, primary key
# default_projects_limit :integer
# default_branch_protection :interger
# signup_enabled :boolean
# signin_enabled :boolean
# gravatar_enabled :boolean
# sign_in_text :text
# created_at :datetime
# updated_at :datetime
# home_page_url :string(255)
#
require 'spec_helper'
......
......@@ -106,7 +106,7 @@
it "when pushing a branch for the first time" do
project.should_receive(:execute_hooks)
project.default_branch.should == "master"
project.protected_branches.should_receive(:create).with({ name: "master" })
project.protected_branches.should_receive(:create).with({ name: "master", developers_can_push: false })
service.execute(project, user, @blankrev, 'newrev', 'refs/heads/master')
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment