Merge branch '35097-allowed-to-push-should-supersede-code-owner-approval-2' into 'master'

Resolve "Allowed to push" should supersede "Code owner approval" See merge request gitlab-org/gitlab!44126

Merge branch '35097-allowed-to-push-should-supersede-code-owner-approval-2' into 'master'
Resolve "Allowed to push" should supersede "Code owner approval" See merge request gitlab-org/gitlab!44126
fb7aca94 · Igor Drozdov · b320dc3f · 3414a523 · fb7aca94 · fb7aca94
Commit fb7aca94 authored Oct 12, 2020 by Igor Drozdov
3 changed files
--- a/config/feature_flags/development/push_rules_supersede_code_owners.yml
+++ b/config/feature_flags/development/push_rules_supersede_code_owners.yml
+---
+name: push_rules_supersede_code_owners
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/44126
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/262019
+type: development
+group: group::source code
+default_enabled: false
--- a/ee/lib/ee/gitlab/checks/diff_check.rb
+++ b/ee/lib/ee/gitlab/checks/diff_check.rb
@@ -21,6 +21,7 @@ module EE
        def validate_code_owners?
          return false if updated_from_web?
+          return false if ::Feature.enabled?(:push_rules_supersede_code_owners, project) && user_access.can_push_to_branch?(branch_name)
          project.branch_requires_code_owner_approval?(branch_name)
        end

--- a/ee/spec/lib/gitlab/checks/diff_check_spec.rb
+++ b/ee/spec/lib/gitlab/checks/diff_check_spec.rb
@@ -8,6 +8,12 @@ RSpec.describe Gitlab::Checks::DiffCheck do
  include_context 'push rules checks context'
  describe '#validate!' do
+    let(:push_allowed) { false }
+    before do
+      allow(user_access).to receive(:can_push_to_branch?).and_return(push_allowed)
+    end
    shared_examples_for "returns codeowners validation message" do
      it "returns an error message" do
        expect(validation_result).to include("Pushes to protected branches")
@@ -24,6 +30,51 @@ RSpec.describe Gitlab::Checks::DiffCheck do
      end
    end
+    describe '#validate_code_owners?' do
+      let_it_be(:push_rule) { create(:push_rule, file_name_regex: 'READ*') }
+      let(:validate_code_owners) { subject.send(:validate_code_owners?) }
+      let(:protocol) { 'ssh' }
+      let(:push_allowed) { false }
+      context 'when user can not push to the branch' do
+        context 'when not updated from web' do
+          it 'checks if the branch requires code owner approval' do
+            expect(project).to receive(:branch_requires_code_owner_approval?).and_return(true)
+            expect(validate_code_owners).to eq(true)
+          end
+        end
+        context 'when updated from the web' do
+          let(:protocol) { 'web' }
+          it 'returns false' do
+            expect(validate_code_owners).to eq(false)
+          end
+        end
+      end
+      context 'when a user can push to the branch' do
+        let(:push_allowed) { true }
+        it 'returns false' do
+          expect(validate_code_owners).to eq(false)
+        end
+        context 'when push_rules_supersede_code_owners is disabled' do
+          before do
+            stub_feature_flags(push_rules_supersede_code_owners: false)
+          end
+          it 'returns branch_requires_code_owner_approval?' do
+            expect(project).to receive(:branch_requires_code_owner_approval?).and_return(true)
+            expect(validate_code_owners).to eq(true)
+          end
+        end
+      end
+    end
    describe "#validate_code_owners" do
      let!(:code_owner) { create(:user, username: "owner-1") }
      let(:project) { create(:project, :repository) }