Merge branch '250681_dont_unlink_forks_after_visibility_change' into 'master'

Stop unlinking the fork when changing visibility

See merge request gitlab-org/gitlab!49013

app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue

@@ -377,6 +377,11 @@ export default {
             />
           </div>
         </div>
+        <span v-if="!visibilityAllowed(visibilityLevel)" class="form-text text-muted">{{
+          s__(
+            'ProjectSettings|Visibility options for this fork are limited by the current visibility of the source project.',
+          )
+        }}</span>
         <span class="form-text text-muted">{{ visibilityLevelDescription }}</span>
         <label v-if="visibilityLevel !== visibilityOptions.PRIVATE" class="gl-line-height-28">
           <input

app/helpers/projects_helper.rb

@@ -150,13 +150,7 @@ module ProjectsHelper
   end
 
   def can_change_visibility_level?(project, current_user)
-    return false unless can?(current_user, :change_visibility_level, project)
-
-    if project.fork_source
-      project.fork_source.visibility_level > Gitlab::VisibilityLevel::PRIVATE
-    else
-      true
-    end
+    can?(current_user, :change_visibility_level, project)
   end
 
   def can_disable_emails?(project, current_user)

app/services/projects/update_service.rb

@@ -87,11 +87,6 @@ module Projects
         system_hook_service.execute_hooks_for(project, :update)
       end
 
-      if project.visibility_level_decreased? && project.unlink_forks_upon_visibility_decrease_enabled?
-        # It's a system-bounded operation, so no extra authorization check is required.
-        Projects::UnlinkForkService.new(project, current_user).execute
-      end
-
       update_pages_config if changing_pages_related_config?
     end
 

app/views/projects/_visibility_modal.html.haml

@@ -18,9 +18,9 @@
           = _('Once you confirm and press "Reduce project visibility":')
         %ul
           %li
-            = ("Current forks will keep their visibility level but their fork relationship with this project will be %{strong_start}removed%{strong_end}.").html_safe % { strong_start: strong_start, strong_end: strong_end }
+            = _("Current forks will keep their visibility level.").html_safe
         %label{ for: "confirm_path_input" }
-          = ("To confirm, type %{phrase_code}").html_safe % { phrase_code: '<code class="js-confirm-danger-match">%{phrase_name}</code>'.html_safe % { phrase_name: @project.full_path } }
+          = _("To confirm, type %{phrase_code}").html_safe % { phrase_code: '<code class="js-confirm-danger-match">%{phrase_name}</code>'.html_safe % { phrase_name: @project.full_path } }
         .form-group
           = text_field_tag 'confirm_path_input', '', class: 'form-control js-confirm-danger-input qa-confirm-input'
         .form-actions

changelogs/unreleased/250681_dont_unlink_forks_after_visibility_change.yml

+---
+title: Stop unlinking the fork when changing visibility
+merge_request: 49013
+author:
+type: added

doc/public_access/public_access.md

@@ -92,16 +92,6 @@ by accident. The restricted visibility settings do not apply to admin users.
 
 For details, see [Restricted visibility levels](../user/admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels).
 
-## Reducing visibility
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33358) in GitLab 12.6.
-
-Reducing a project's visibility level removes the fork relationship between the project and
-any forked project. This is a potentially destructive action which requires confirmation before
-this can be saved.
-
-![Project visibility change confirmation](img/project_visibility_confirmation_v12_6.png)
-
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues

doc/user/project/repository/forking_workflow.md

@@ -33,10 +33,6 @@ Forking a project is, in most cases, a two-step process.
 
 The fork is created. The permissions you have in the namespace are the permissions you will have in the fork.
 
-WARNING:
-In GitLab 12.6 and later, when project owners [reduce a project's visibility](../../../public_access/public_access.md#reducing-visibility),
-it **removes the relationship** between a project and all its forks.
-
 WARNING:
 When a public project with the repository feature set to "Members
 only" is forked, the repository will be public in the fork. The owner

doc/user/project/settings/index.md

@@ -52,10 +52,6 @@ If you set **Project Visibility** to public, you can limit access to some featur
 to **Only Project Members**. In addition, you can select the option to
 [Allow users to request access](../members/index.md#project-membership-and-requesting-access).
 
-WARNING:
-If you [reduce a project's visibility level](../../../public_access/public_access.md#reducing-visibility),
-that action unlinks all forks of that project.
-
 Use the switches to enable or disable the following features:
 
 | Option                            | More access limit options | Description                                                                                                                                                                                    |

lib/gitlab/visibility_level.rb

@@ -123,14 +123,6 @@ module Gitlab
       end
     end
 
-    def visibility_level_decreased?
-      return false unless visibility_level_previous_changes
-
-      before, after = visibility_level_previous_changes
-
-      before && after && after < before
-    end
-
     def visibility_level_previous_changes
       previous_changes[:visibility_level]
     end

locale/gitlab.pot

@@ -8435,6 +8435,9 @@ msgstr ""
 msgid "Current Project"
 msgstr ""
 
+msgid "Current forks will keep their visibility level."
+msgstr ""
+
 msgid "Current node"
 msgstr ""
 
@@ -22308,6 +22311,9 @@ msgstr ""
 msgid "ProjectSettings|View project analytics"
 msgstr ""
 
+msgid "ProjectSettings|Visibility options for this fork are limited by the current visibility of the source project."
+msgstr ""
+
 msgid "ProjectSettings|What are badges?"
 msgstr ""
 
@@ -29403,6 +29409,9 @@ msgstr ""
 msgid "To add the entry manually, provide the following details to the application on your phone."
 msgstr ""
 
+msgid "To confirm, type %{phrase_code}"
+msgstr ""
+
 msgid "To connect GitHub repositories, you can use a %{personal_access_token_link}. When you create your Personal Access Token, you will need to select the %{code_open}repo%{code_close} scope, so we can display a list of your public and private repositories which are available to connect."
 msgstr ""
 

spec/helpers/projects_helper_spec.rb

@@ -92,37 +92,11 @@ RSpec.describe ProjectsHelper do
       expect(helper.can_change_visibility_level?(project, user)).to be_falsey
     end
 
-    it "returns true if there are permissions and it is not fork" do
+    it "returns true if there are permissions" do
       allow(helper).to receive(:can?) { true }
 
       expect(helper.can_change_visibility_level?(project, user)).to be_truthy
     end
-
-    it 'allows visibility level to be changed if the project is forked' do
-      allow(helper).to receive(:can?).with(user, :change_visibility_level, project) { true }
-      project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-      fork_project(project)
-
-      expect(helper.can_change_visibility_level?(project, user)).to be_truthy
-    end
-
-    context "forks" do
-      it "returns false if there are permissions and origin project is PRIVATE" do
-        allow(helper).to receive(:can?) { true }
-
-        project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-
-        expect(helper.can_change_visibility_level?(forked_project, user)).to be_falsey
-      end
-
-      it "returns true if there are permissions and origin project is INTERNAL" do
-        allow(helper).to receive(:can?) { true }
-
-        project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
-
-        expect(helper.can_change_visibility_level?(forked_project, user)).to be_truthy
-      end
-    end
   end
 
   describe '#can_disable_emails?' do

spec/lib/gitlab/visibility_level_spec.rb

@@ -131,28 +131,4 @@ RSpec.describe Gitlab::VisibilityLevel do
       end
     end
   end
-
-  describe '#visibility_level_decreased?' do
-    let(:project) { create(:project, :internal) }
-
-    context 'when visibility level decreases' do
-      before do
-        project.update!(visibility_level: described_class::PRIVATE)
-      end
-
-      it 'returns true' do
-        expect(project.visibility_level_decreased?).to be(true)
-      end
-    end
-
-    context 'when visibility level does not decrease' do
-      before do
-        project.update!(visibility_level: described_class::PUBLIC)
-      end
-
-      it 'returns false' do
-        expect(project.visibility_level_decreased?).to be(false)
-      end
-    end
-  end
 end

spec/services/projects/update_service_spec.rb

@@ -15,13 +15,6 @@ RSpec.describe Projects::UpdateService do
     let(:admin) { create(:admin) }
 
     context 'when changing visibility level' do
-      def expect_to_call_unlink_fork_service
-        service = Projects::UnlinkForkService.new(project, user)
-
-        expect(Projects::UnlinkForkService).to receive(:new).with(project, user).and_return(service)
-        expect(service).to receive(:execute).and_call_original
-      end
-
       context 'when visibility_level changes to INTERNAL' do
         it 'updates the project to internal' do
           expect(TodosDestroyer::ProjectPrivateWorker).not_to receive(:perform_in)
@@ -31,18 +24,6 @@ RSpec.describe Projects::UpdateService do
           expect(result).to eq({ status: :success })
           expect(project).to be_internal
         end
-
-        context 'and project is PUBLIC' do
-          before do
-            project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
-          end
-
-          it 'unlinks project from fork network' do
-            expect_to_call_unlink_fork_service
-
-            update_project(project, user, visibility_level: Gitlab::VisibilityLevel::INTERNAL)
-          end
-        end
       end
 
       context 'when visibility_level changes to PUBLIC' do
@@ -78,30 +59,6 @@ RSpec.describe Projects::UpdateService do
           expect(result).to eq({ status: :success })
           expect(project).to be_private
         end
-
-        context 'and project is PUBLIC' do
-          before do
-            project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
-          end
-
-          it 'unlinks project from fork network' do
-            expect_to_call_unlink_fork_service
-
-            update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-          end
-        end
-
-        context 'and project is INTERNAL' do
-          before do
-            project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
-          end
-
-          it 'unlinks project from fork network' do
-            expect_to_call_unlink_fork_service
-
-            update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-          end
-        end
       end
 
       context 'when visibility levels are restricted to PUBLIC only' do