Merge branch 'tmslvnkc/qa/fix/push_rules' into 'master'

Getting the admin email to be staging compatible

Closes #34978

See merge request gitlab-org/gitlab!23142

qa/qa/resource/user.rb

@@ -35,14 +35,17 @@ module QA
       end
 
       def email
-        @email ||= "#{username}@example.com"
+        @email ||= begin
+          api_email = api_resource&.dig(:email)
+          api_email && !api_email.empty? ? api_email : "#{username}@example.com"
+        end
       end
 
       def public_email
         @public_email ||= begin
           api_public_email = api_resource&.dig(:public_email)
 
-          api_public_email && api_public_email != '' ? api_public_email : Runtime::User.default_email
+          api_public_email && !api_public_email.empty? ? api_public_email : Runtime::User.default_email
         end
       end
 
@@ -87,6 +90,8 @@ module QA
       end
 
       def api_get_path
+        return "/user" if fetching_own_data?
+
         "/users/#{fetch_id(username)}"
       end
 
@@ -136,6 +141,10 @@ module QA
 
         users.first[:id]
       end
+
+      def fetching_own_data?
+        user&.username == username || Runtime::User.username == username
+      end
     end
   end
 end

qa/qa/specs/features/ee/browser_ui/3_create/repository/push_rules_spec.rb

 # frozen_string_literal: true
 
 module QA
-  context 'Create', quarantine: 'https://gitlab.com/gitlab-org/gitlab/issues/34978' do
+  context 'Create' do
     context 'Push Rules' do
       describe 'using non signed commits' do
-        file_name_limitation = 'denied_file'
-        file_size_limitation = 1
-        authors_email_limitation = '(admin@example.com|root@gitlab.com)'
-        branch_name_limitation = 'master'
-        needed_phrase_limitation = 'allowed commit'
-        deny_message_phrase_limitation = 'denied commit'
-
         before :context do
           prepare
 
+          @file_name_limitation = 'denied_file'
+          @file_size_limitation = 1
+          @authors_email_limitation = %{(#{Regexp.escape(@creator.email)}|#{@root.email})}
+          @branch_name_limitation = 'master'
+          @needed_phrase_limitation = 'allowed commit'
+          @deny_message_phrase_limitation = 'denied commit'
+
           Page::Project::Settings::Repository.perform do |repository|
             repository.expand_push_rules do |push_rules|
-              push_rules.fill_file_name file_name_limitation
-              push_rules.fill_file_size file_size_limitation
-              push_rules.fill_author_email authors_email_limitation
-              push_rules.fill_branch_name branch_name_limitation
-              push_rules.fill_commit_message_rule needed_phrase_limitation
-              push_rules.fill_deny_commit_message_rule deny_message_phrase_limitation
+              push_rules.fill_file_name @file_name_limitation
+              push_rules.fill_file_size @file_size_limitation
+              push_rules.fill_author_email @authors_email_limitation
+              push_rules.fill_branch_name @branch_name_limitation
+              push_rules.fill_commit_message_rule @needed_phrase_limitation
+              push_rules.fill_deny_commit_message_rule @deny_message_phrase_limitation
               push_rules.check_prevent_secrets
               push_rules.check_restrict_author
               push_rules.check_deny_delete_tag
@@ -36,7 +36,7 @@ module QA
             content: SecureRandom.hex(1000000)
           }]
           wrongly_named_file = [{
-            name: file_name_limitation,
+            name: @file_name_limitation,
             content: SecureRandom.hex(100)
           }]
 
@@ -46,7 +46,8 @@ module QA
         end
 
         it 'restricts users by email format' do
-          gitlab_user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_1, Runtime::Env.gitlab_qa_password_1)
+          gitlab_user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_2, Runtime::Env.gitlab_qa_password_2)
+          @project.add_member(gitlab_user)
 
           expect_no_error_on_push file: standard_file
           expect_error_on_push file: standard_file, user: gitlab_user
@@ -58,9 +59,9 @@ module QA
         end
 
         it 'restricts commit by message format' do
-          expect_no_error_on_push file: standard_file, commit_message: needed_phrase_limitation
+          expect_no_error_on_push file: standard_file, commit_message: @needed_phrase_limitation
           expect_error_on_push file: standard_file, commit_message: 'forbidden message'
-          expect_error_on_push file: standard_file, commit_message: "#{needed_phrase_limitation} - #{deny_message_phrase_limitation}"
+          expect_error_on_push file: standard_file, commit_message: "#{@needed_phrase_limitation} - #{@deny_message_phrase_limitation}"
         end
 
         it 'restricts committing files with secrets' do
@@ -75,7 +76,7 @@ module QA
 
         it 'restricts commits by user' do
           expect_no_error_on_push file: standard_file
-          expect_error_on_push file: standard_file, user: root_user
+          expect_error_on_push file: standard_file, user: @root
         end
 
         it 'restricts removal of tag' do
@@ -112,6 +113,7 @@ module QA
 
         it 'restricts commits to current authenticated user' do
           gitlab_user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_1, Runtime::Env.gitlab_qa_password_1)
+          @project.add_member(gitlab_user)
 
           expect_no_error_on_push file: standard_file, gpg: @gpg
           expect_error_on_push file: standard_file, gpg: @gpg, user: gitlab_user
@@ -125,35 +127,26 @@ module QA
          }]
       end
 
-      def root_user
-        Resource::User.new.tap do |user|
-          user.username = 'root'
-          user.name = 'GitLab QA'
-          user.email = 'root@gitlab.com'
-          user.password = nil
-        end
-      end
-
       def push(commit_message:, branch:, file:, user:, tag:, gpg:)
         Resource::Repository::ProjectPush.fabricate! do |push|
           push.project = @project
           push.commit_message = commit_message
           push.new_branch = branch != 'master'
           push.branch_name = branch
-          push.user = user
+          push.user = user if user != @root
           push.files = file if tag.nil?
           push.tag_name = tag unless tag.nil?
           push.gpg_key_id = gpg.key_id unless gpg.nil?
         end
       end
 
-      def expect_no_error_on_push(commit_message: 'allowed commit', branch: 'master', file:, user: Runtime::User, tag: nil, gpg: nil)
+      def expect_no_error_on_push(commit_message: 'allowed commit', branch: 'master', file:, user: @creator, tag: nil, gpg: nil)
         expect do
           push commit_message: commit_message, branch: branch, file: file, user: user, tag: tag, gpg: gpg
         end.not_to raise_error
       end
 
-      def expect_error_on_push(commit_message: 'allowed commit', branch: 'master', file:, user: Runtime::User, tag: nil, gpg: nil)
+      def expect_error_on_push(commit_message: 'allowed commit', branch: 'master', file:, user: @creator, tag: nil, gpg: nil)
         expect do
           push commit_message: commit_message, branch: branch, file: file, user: user, tag: tag, gpg: gpg
         end.to raise_error(QA::Git::Repository::RepositoryCommandError)
@@ -162,6 +155,18 @@ module QA
       def prepare
         Flow::Login.sign_in
 
+        @creator = Resource::User.fabricate_via_api! do |user|
+          user.username = Runtime::User.username
+          user.password = Runtime::User.password
+        end
+
+        @root = Resource::User.new.tap do |user|
+          user.username = 'root'
+          user.name = 'GitLab QA'
+          user.email = 'root@gitlab.com'
+          user.password = nil
+        end
+
         @project = Resource::Project.fabricate_via_api! do |project|
           project.name = 'push_rules'
         end