Revert exploratory branch restriction policy

48717b43 · James Edwards-Jones · b6a4c018 · 48717b43 · 48717b43
Commit 48717b43 authored Mar 25, 2018 by James Edwards-Jones
Showing with 6 additions and 54 deletions

app/policies/protected_branch_policy.rb app/policies/protected_branch_policy.rb +0 -10

spec/policies/protected_branch_policy_spec.rb spec/policies/protected_branch_policy_spec.rb +6 -44

No files found.
--- a/app/policies/protected_branch_policy.rb
+++ b/app/policies/protected_branch_policy.rb
 class ProtectedBranchPolicy < BasePolicy
  delegate { @subject.project }
-  condition(:requires_admin_to_unprotect?, scope: :subject) do
-    @subject.name == 'master' && Gitlab::CurrentSettings.only_admins_can_unprotect_master_branch?
-  end
  rule { can?(:admin_project) }.policy do
    enable :create_protected_branch
    enable :update_protected_branch
    enable :destroy_protected_branch
  end
-  rule { requires_admin_to_unprotect? & ~admin }.policy do
-    prevent :create_protected_branch
-    prevent :update_protected_branch
-    prevent :destroy_protected_branch
-  end
 end
--- a/spec/policies/protected_branch_policy_spec.rb
+++ b/spec/policies/protected_branch_policy_spec.rb
@@ -8,53 +8,15 @@ describe ProtectedBranchPolicy do
  subject { described_class.new(user, protected_branch) }
-  context 'when unprotection restriction feature is disabled' do
+  it 'branches can be updated via project masters' do
-    it "branches can't be updated by guests" do
+    project.add_master(user)
-      project.add_guest(user)
-      is_expected.to be_disallowed(:update_protected_branch)
+    is_expected.to be_allowed(:update_protected_branch)
-    end
-    it 'branches can be updated via access to project settings' do
-      project.add_master(user)
-      is_expected.to be_allowed(:update_protected_branch)
-    end
  end
-  context 'when unprotection restriction feature is enabled' do
+  it "branches can't be updated by guests" do
-    before do
+    project.add_guest(user)
-      # stub_licensed_features(unprotection_restrictions: true)
-    end
-    context 'and unprotection is limited to admins' do #TODO: remove this is temporary exploration
-      before do
-        stub_application_setting(only_admins_can_unprotect_master_branch: true)
-      end
-      context 'and the protection is for master' do
-        let(:name) { 'master' }
-        it 'project owners cannot remove protections' do
-          project.add_master(user)
-          is_expected.not_to be_allowed(:update_protected_branch)
-        end
-        it 'admins can remove protections' do
-          user.update!(admin: true)
-          is_expected.to be_allowed(:update_protected_branch)
-        end
-      end
-      context "and the protection isn't for master" do
-        it 'project owners can remove protections' do
-          project.add_master(user)
-          is_expected.to be_allowed(:update_protected_branch)
+    is_expected.to be_disallowed(:update_protected_branch)
-        end
-      end
-    end
  end
 end