diff --git a/app/models/project.rb b/app/models/project.rb index a4c634bdb5c19dbe9632ddf7b05973f0a1f941c2..7f2dd37a3ccad5825c09b93bd2b24f28df2a9b35 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -786,6 +786,6 @@ class Project < ActiveRecord::Base def visibility_level_allowed?(level) return true unless forked? - Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level) + Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level.to_i) end end diff --git a/app/services/projects/update_service.rb b/app/services/projects/update_service.rb index 69bdd045ddfeece023c92821cd7d7cdb3cd89853..0a42f3e02aa3efe6e752f6b8d50931f3a2e23548 100644 --- a/app/services/projects/update_service.rb +++ b/app/services/projects/update_service.rb @@ -11,6 +11,15 @@ module Projects end end + unless project.visibility_level_allowed?(new_visibility) + level_name = Gitlab::VisibilityLevel.level_name(new_visibility) + project.errors.add( + :visibility_level, + "#{level_name} could not be set as visibility level of this project - parent project settings are more restrictive" + ) + return false + end + new_branch = params[:default_branch] if project.repository.exists? && new_branch && new_branch != project.default_branch