Commit 19edeba8 authored by Pawel Chojnacki's avatar Pawel Chojnacki

Prevent people from creating branches if they don't have persmission to push

parent 61046e75
---
title: Prevent people from creating branches if they don't have persmission to push
merge_request:
author:
...@@ -44,9 +44,7 @@ module Gitlab ...@@ -44,9 +44,7 @@ module Gitlab
if ProtectedBranch.protected?(project, ref) if ProtectedBranch.protected?(project, ref)
return true if project.empty_repo? && project.user_can_push_to_empty_repo?(user) return true if project.empty_repo? && project.user_can_push_to_empty_repo?(user)
has_access = project.protected_branches.protected_ref_accessible_to?(ref, user, action: :push) project.protected_branches.protected_ref_accessible_to?(ref, user, action: :push)
has_access || !project.repository.branch_exists?(ref) && can_merge_to_branch?(ref)
else else
user.can?(:push_code, project) user.can?(:push_code, project)
end end
......
...@@ -87,10 +87,10 @@ describe Gitlab::UserAccess, lib: true do ...@@ -87,10 +87,10 @@ describe Gitlab::UserAccess, lib: true do
expect(access.can_push_to_branch?(branch.name)).to be_falsey expect(access.can_push_to_branch?(branch.name)).to be_falsey
end end
it 'returns true if branch does not exist and user has permission to merge' do it 'returns false if branch does not exist' do
project.team << [user, :developer] project.team << [user, :developer]
expect(access.can_push_to_branch?(not_existing_branch.name)).to be_truthy expect(access.can_push_to_branch?(not_existing_branch.name)).to be_falsey
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment