Change project approval rule api

Now endpoints are under approval_settings scope.
Add PUT /projects/:id/approval_settings for updating
overall approvals_required.

ee/lib/api/project_approval_rules.rb

@@ -10,7 +10,7 @@ module API
       requires :id, type: String, desc: 'The ID of a project'
     end
     resource :projects, requirements: ::API::API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
-      segment ':id/approval_rules' do
+      segment ':id/approval_settings' do
         desc 'Get all project approval rules' do
           detail 'This feature was introduced in 11.6'
           success EE::API::Entities::ProjectApprovalRules
@@ -21,6 +21,30 @@ module API
           present user_project, with: EE::API::Entities::ProjectApprovalRules, current_user: current_user
         end
 
+        desc 'Update fallback approvals required' do
+          detail 'This feature was introduced in 11.8'
+          success ::API::Entities::Project
+        end
+        params do
+          requires :fallback_approvals_required, as: :approvals_before_merge, type: Integer, desc: 'The total number of required approvals in case of fallback'
+        end
+        put do
+          authorize! :admin_project, user_project
+
+          result = ::Projects::UpdateService.new(user_project, current_user, declared_params).execute
+
+          if result[:status] == :success
+            present(
+              user_project,
+              with: ::API::Entities::Project,
+              user_can_admin_project: can?(current_user, :admin_project, user_project)
+            )
+          else
+            render_validation_error!(user_project)
+          end
+        end
+
+        segment 'rules' do
           desc 'Create new approval rule' do
             detail 'This feature was introduced in 11.6'
             success EE::API::Entities::ApprovalRule
@@ -88,4 +112,5 @@ module API
         end
       end
     end
+  end
 end

ee/lib/ee/api/entities.rb

@@ -269,6 +269,7 @@ module EE
       # Decorates Project
       class ProjectApprovalRules < Grape::Entity
         expose :approval_rules, as: :rules, using: ApprovalRule
+        expose :approvals_before_merge, as: :fallback_approvals_required
       end
 
       # @deprecated

ee/spec/fixtures/api/schemas/public_api/v4/project_approval_rules.json

@@ -4,7 +4,8 @@
     "rules": {
       "type": "array",
       "items": { "$ref": "project_approval_rule.json" }
-    }
+    },
+    "fallback_approvals_required": { "type": "integer" }
   },
   "additionalProperties": false
 }

ee/spec/requests/api/project_approval_rules_spec.rb

@@ -10,9 +10,11 @@ describe API::ProjectApprovalRules do
   set(:project)  { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) }
   set(:approver) { create(:user) }
 
-  let(:url) { "/projects/#{project.id}/approval_rules" }
+  let(:url) { "/projects/#{project.id}/approval_settings/rules" }
+
+  describe 'GET /projects/:id/approval_settings' do
+    let(:url) { "/projects/#{project.id}/approval_settings" }
 
-  describe 'GET /projects/:id/approval_rules' do
     context 'when the request is correct' do
       let!(:rule) do
         rule = create(:approval_project_rule, name: 'security', project: project, approvals_required: 7)
@@ -72,7 +74,43 @@ describe API::ProjectApprovalRules do
     end
   end
 
-  describe 'POST /projects/:id/approval_rules' do
+  describe 'PUT /projects/:id/approval_settings' do
+    let(:url) { "/projects/#{project.id}/approval_settings" }
+
+    shared_examples_for 'a user with access' do
+      context 'when sending json data' do
+        it 'updates approvals_before_merge' do
+          expect do
+            put api(url, current_user), params: { fallback_approvals_required: 1 }.to_json, headers: { CONTENT_TYPE: 'application/json' }
+          end.to change { project.reload.approvals_before_merge }.from(0).to(1)
+
+          expect(response).to have_gitlab_http_status(200)
+        end
+      end
+    end
+
+    context 'as a project admin' do
+      it_behaves_like 'a user with access' do
+        let(:current_user) { user }
+      end
+    end
+
+    context 'as a global admin' do
+      it_behaves_like 'a user with access' do
+        let(:current_user) { admin }
+      end
+    end
+
+    context 'as a random user' do
+      it 'returns 403' do
+        put api(url, user2), { fallback_approvals_required: 1 }.to_json, { CONTENT_TYPE: 'application/json' }
+
+        expect(response).to have_gitlab_http_status(403)
+      end
+    end
+  end
+
+  describe 'POST /projects/:id/approval_settings/rules' do
     let(:current_user) { user }
     let(:params) do
       {
@@ -119,9 +157,9 @@ describe API::ProjectApprovalRules do
     end
   end
 
-  describe 'PUT /projects/:id/approval_rules/:approval_rule_id' do
+  describe 'PUT /projects/:id/approval_settings/:approval_rule_id' do
     let!(:approval_rule) { create(:approval_project_rule, project: project) }
-    let(:url) { "/projects/#{project.id}/approval_rules/#{approval_rule.id}" }
+    let(:url) { "/projects/#{project.id}/approval_settings/rules/#{approval_rule.id}" }
 
     shared_examples_for 'a user with access' do
       before do
@@ -185,9 +223,9 @@ describe API::ProjectApprovalRules do
     end
   end
 
-  describe 'DELETE /projects/:id/approval_rules/:approval_rule_id' do
+  describe 'DELETE /projects/:id/approval_settings/rules/:approval_rule_id' do
     let!(:approval_rule) { create(:approval_project_rule, project: project) }
-    let(:url) { "/projects/#{project.id}/approval_rules/#{approval_rule.id}" }
+    let(:url) { "/projects/#{project.id}/approval_settings/rules/#{approval_rule.id}" }
 
     it 'destroys' do
       delete api(url, user)
@@ -198,7 +236,7 @@ describe API::ProjectApprovalRules do
 
     context 'when approval rule not found' do
       let!(:approval_rule_2) { create(:approval_project_rule) }
-      let(:url) { "/projects/#{project.id}/approval_rules/#{approval_rule_2.id}" }
+      let(:url) { "/projects/#{project.id}/approval_settings/#{approval_rule_2.id}" }
 
       it 'returns not found' do
         delete api(url, user)