Class: ProtectedBranch

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• ProtectedBranch

Includes:

EachBatch, FromUnion, Gitlab::SQL::Pattern, Presentable, ProtectedRef

Defined in:

app/models/protected_branch.rb

Direct Known Subclasses

ExportedProtectedBranch

Defined Under Namespace

Classes: CacheKey, MergeAccessLevel, PushAccessLevel

Constant Summary

Constants included from Gitlab::SQL::Pattern

Gitlab::SQL::Pattern::MIN_CHARS_FOR_PARTIAL_MATCHING, Gitlab::SQL::Pattern::REGEX_QUOTED_TERM

Constants inherited from ApplicationRecord

ApplicationRecord::MAX_PLUCK

Constants included from HasCheckConstraints

HasCheckConstraints::NOT_NULL_CHECK_PATTERN

Constants included from ResetOnColumnErrors

ResetOnColumnErrors::MAX_RESET_PERIOD

Instance Attribute Summary

Attributes included from Importable

#importing, #user_contributions

Class Method Summary

• .allow_force_push?(project, ref_name) ⇒ Boolean
• .any_protected?(project, ref_names) ⇒ Boolean
• .branch_requires_code_owner_approval?(project, branch_name) ⇒ Boolean

  overridden in EE.

• .by_name(query) ⇒ Object
• .default_branch_for(project) ⇒ Object
• .downcase_humanized_name ⇒ Object
• .get_ids_by_name(name) ⇒ Object
• .protected?(project, ref_name) ⇒ Boolean

  Check if branch name is marked as protected in the system.

• .protected_ref_accessible_to?(ref, user, project:, action:, protected_refs: nil) ⇒ Boolean
• .protected_refs(project) ⇒ Object

Instance Method Summary

• #default_branch? ⇒ Boolean
• #entity ⇒ Object
• #group_level? ⇒ Boolean
• #project_level? ⇒ Boolean

Methods included from Presentable

#present

Methods included from Gitlab::SQL::Pattern

split_query_to_search_terms

Methods included from ProtectedRef

#commit

Methods inherited from ApplicationRecord

===, cached_column_list, #create_or_load_association, current_transaction, declarative_enum, default_select_columns, delete_all_returning, #deleted_from_database?, id_in, id_not_in, iid_in, nullable_column?, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, #to_ability_name, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order

Methods included from Organizations::Sharding

#sharding_organization

Methods included from ResetOnColumnErrors

#reset_on_union_error, #reset_on_unknown_attribute_error

Methods included from Gitlab::SensitiveSerializableHash

#serializable_hash

Class Method Details

.allow_force_push?(project, ref_name) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 64

def self.allow_force_push?(project, ref_name)
  project.all_protected_branches.allowing_force_push.matching(ref_name).any?
end

.any_protected?(project, ref_names) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 68

def self.any_protected?(project, ref_names)
  protected_refs(project).any? do |protected_ref|
    ref_names.any? do |ref_name|
      protected_ref.matches?(ref_name)
    end
  end
end

.branch_requires_code_owner_approval?(project, branch_name) ⇒ Boolean

overridden in EE

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 81

def self.branch_requires_code_owner_approval?(project, branch_name)
  false
end

.by_name(query) ⇒ Object

# File 'app/models/protected_branch.rb', line 85

def self.by_name(query)
  return none if query.blank?

  where(fuzzy_arel_match(:name, query.downcase))
end

.default_branch_for(project) ⇒ Object

# File 'app/models/protected_branch.rb', line 95

def self.default_branch_for(project)
  return unless project&.default_branch

  project.protected_branches.detect { |branch| branch.name == project.default_branch }
end

.downcase_humanized_name ⇒ Object

# File 'app/models/protected_branch.rb', line 91

def self.downcase_humanized_name
  name.underscore.humanize.downcase
end

.get_ids_by_name(name) ⇒ Object

# File 'app/models/protected_branch.rb', line 34

def self.get_ids_by_name(name)
  where(name: name).pluck(:id)
end

.protected?(project, ref_name) ⇒ Boolean

Check if branch name is marked as protected in the system

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 55

def self.protected?(project, ref_name)
  return true if project.empty_repo? && project.default_branch_protected?
  return false if ref_name.blank?

  ProtectedBranches::CacheService.new(project).fetch(ref_name) do # rubocop: disable CodeReuse/ServiceClass
    self.matching(ref_name, protected_refs: protected_refs(project)).present?
  end
end

.protected_ref_accessible_to?(ref, user, project:, action:, protected_refs: nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 38

def self.protected_ref_accessible_to?(ref, user, project:, action:, protected_refs: nil)
  if project.empty_repo?
    member_access = project.team.max_member_access(user.id)

    # Admins are always allowed to create the default branch
    return true if user.admin? || user.can?(:admin_project, project)

    # Developers can push if it is allowed by default branch protection settings
    if member_access == Gitlab::Access::DEVELOPER && project.initial_push_to_default_branch_allowed_for_developer?
      return true
    end
  end

  super
end

.protected_refs(project) ⇒ Object

# File 'app/models/protected_branch.rb', line 76

def self.protected_refs(project)
  project.all_protected_branches
end

Instance Method Details

#default_branch? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 101

def default_branch?
  return false unless project.present?

  name == project.default_branch
end

#entity ⇒ Object

# File 'app/models/protected_branch.rb', line 115

def entity
  group || project
end

#group_level? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 107

def group_level?
  entity.is_a?(Group)
end

#project_level? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/protected_branch.rb', line 111

def project_level?
  entity.is_a?(Project)
end