Commit a70c76df authored by Grzegorz Bizon's avatar Grzegorz Bizon

Merge branch 'issue_37640' into 'master'

Fix project feature being deleted when updating project with invalid visibility level

Closes #37640

See merge request gitlab-org/gitlab-ce!14234
parents c433b191 25c959f9
......@@ -161,7 +161,7 @@ class Project < ActiveRecord::Base
has_many :notification_settings, as: :source, dependent: :delete_all # rubocop:disable Cop/ActiveRecordDependent
has_one :import_data, class_name: 'ProjectImportData', inverse_of: :project, autosave: true
has_one :project_feature
has_one :project_feature, inverse_of: :project
has_one :statistics, class_name: 'ProjectStatistics'
# Container repositories need to remove data from the container registry,
......@@ -190,7 +190,7 @@ class Project < ActiveRecord::Base
has_one :auto_devops, class_name: 'ProjectAutoDevops'
accepts_nested_attributes_for :variables, allow_destroy: true
accepts_nested_attributes_for :project_feature
accepts_nested_attributes_for :project_feature, update_only: true
accepts_nested_attributes_for :import_data
accepts_nested_attributes_for :auto_devops
......
......@@ -41,6 +41,8 @@ class ProjectFeature < ActiveRecord::Base
# http://stackoverflow.com/questions/1540645/how-to-disable-default-scope-for-a-belongs-to
belongs_to :project, -> { unscope(where: :pending_delete) }
validates :project, presence: true
validate :repository_children_level
default_value_for :builds_access_level, value: ENABLED, allows_nil: false
......
......@@ -24,7 +24,10 @@ module Projects
success
else
error('Project could not be updated!')
model_errors = project.errors.full_messages.to_sentence
error_message = model_errors.presence || 'Project could not be updated!'
error(error_message)
end
end
......
---
title: Fix project feature being deleted when updating project with invalid visibility
level
merge_request:
author:
type: fixed
class FixProjectsWithoutProjectFeature < ActiveRecord::Migration
DOWNTIME = false
def up
# Deletes corrupted project features
sql = "DELETE FROM project_features WHERE project_id IS NULL"
execute(sql)
# Creates missing project features with private visibility
sql =
%Q{
INSERT INTO project_features(project_id, repository_access_level, issues_access_level, merge_requests_access_level, wiki_access_level,
builds_access_level, snippets_access_level, created_at, updated_at)
SELECT projects.id as project_id,
10 as repository_access_level,
10 as issues_access_level,
10 as merge_requests_access_level,
10 as wiki_access_level,
10 as builds_access_level ,
10 as snippets_access_level,
projects.created_at,
projects.updated_at
FROM projects
LEFT OUTER JOIN project_features ON project_features.project_id = projects.id
WHERE (project_features.id IS NULL)
}
execute(sql)
end
def down
end
end
......@@ -57,6 +57,21 @@ describe Projects::UpdateService, '#execute' do
end
end
end
context 'When project visibility is higher than parent group' do
let(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
before do
project.update(namespace: group, visibility_level: group.visibility_level)
end
it 'does not update project visibility level' do
result = update_project(project, admin, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
expect(result).to eq({ status: :error, message: 'Visibility level public is not allowed in a internal group.' })
expect(project.reload).to be_internal
end
end
end
describe 'when updating project that has forks' do
......@@ -148,7 +163,7 @@ describe Projects::UpdateService, '#execute' do
result = update_project(project, admin, path: 'existing')
expect(result).to include(status: :error)
expect(result[:message]).to match('Project could not be updated!')
expect(result[:message]).to match('There is already a repository with that name on disk')
expect(project).not_to be_valid
expect(project.errors.messages).to have_key(:base)
expect(project.errors.messages[:base]).to include('There is already a repository with that name on disk')
......@@ -159,8 +174,10 @@ describe Projects::UpdateService, '#execute' do
it 'returns an error result when record cannot be updated' do
result = update_project(project, admin, { name: 'foo&bar' })
expect(result).to eq({ status: :error,
message: 'Project could not be updated!' })
expect(result).to eq({
status: :error,
message: "Name can contain only letters, digits, emojis, '_', '.', dash, space. It must start with letter, digit, emoji or '_'."
})
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment