Renamed ProtectedTag push_access_levels to create_access_levels

app/assets/javascripts/protected_tags/protected_tag_create.js

@@ -11,20 +11,20 @@
     }
 
     buildDropdowns() {
-      const $allowedToPushDropdown = this.$wrap.find('.js-allowed-to-push');
+      const $allowedToCreateDropdown = this.$wrap.find('.js-allowed-to-create');
 
       // Cache callback
       this.onSelectCallback = this.onSelect.bind(this);
 
-      // Allowed to Push dropdown
+      // Allowed to Create dropdown
       new gl.ProtectedTagAccessDropdown({
-        $dropdown: $allowedToPushDropdown,
-        data: gon.push_access_levels,
+        $dropdown: $allowedToCreateDropdown,
+        data: gon.create_access_levels,
         onSelect: this.onSelectCallback
       });
 
       // Select default
-      $allowedToPushDropdown.data('glDropdown').selectRowAtIndex(0);
+      $allowedToCreateDropdown.data('glDropdown').selectRowAtIndex(0);
 
       // Protected tag dropdown
       new ProtectedTagDropdown({
@@ -37,9 +37,9 @@
     onSelect() {
       // Enable submit button
       const $tagInput = this.$wrap.find('input[name="protected_tag[name]"]');
-      const $allowedToPushInput = this.$wrap.find('input[name="protected_tag[push_access_levels_attributes][0][access_level]"]');
+      const $allowedToCreateInput = this.$wrap.find('input[name="protected_tag[create_access_levels_attributes][0][access_level]"]');
 
-      this.$form.find('input[type="submit"]').attr('disabled', !($tagInput.val() && $allowedToPushInput.length));
+      this.$form.find('input[type="submit"]').attr('disabled', !($tagInput.val() && $allowedToCreateInput.length));
     }
   };
 })(window);

app/assets/javascripts/protected_tags/protected_tag_edit.js

@@ -7,27 +7,27 @@
   gl.ProtectedTagEdit = class {
     constructor(options) {
       this.$wrap = options.$wrap;
-      this.$allowedToPushDropdown = this.$wrap.find('.js-allowed-to-push');
+      this.$allowedToCreateDropdown = this.$wrap.find('.js-allowed-to-create');
 
       this.buildDropdowns();
     }
 
     buildDropdowns() {
-      // Allowed to push dropdown
+      // Allowed to create dropdown
       new gl.ProtectedTagAccessDropdown({
-        $dropdown: this.$allowedToPushDropdown,
-        data: gon.push_access_levels,
+        $dropdown: this.$allowedToCreateDropdown,
+        data: gon.create_access_levels,
         onSelect: this.onSelect.bind(this)
       });
     }
 
     onSelect() {
-      const $allowedToPushInput = this.$wrap.find(`input[name="${this.$allowedToPushDropdown.data('fieldName')}"]`);
+      const $allowedToCreateInput = this.$wrap.find(`input[name="${this.$allowedToCreateDropdown.data('fieldName')}"]`);
 
       // Do not update if one dropdown has not selected any option
-      if (!$allowedToPushInput.length) return;
+      if (!$allowedToCreateInput.length) return;
 
-      this.$allowedToPushDropdown.disable();
+      this.$allowedToCreateDropdown.disable();
 
       $.ajax({
         type: 'POST',
@@ -36,9 +36,9 @@
         data: {
           _method: 'PATCH',
           protected_tag: {
-            push_access_levels_attributes: [{
-              id: this.$allowedToPushDropdown.data('access-level-id'),
-              access_level: $allowedToPushInput.val()
+            create_access_levels_attributes: [{
+              id: this.$allowedToCreateDropdown.data('access-level-id'),
+              access_level: $allowedToCreateInput.val()
             }]
           }
         },
@@ -47,7 +47,7 @@
           new Flash('Failed to update tag!');
         }
       }).always(() => {
-        this.$allowedToPushDropdown.enable();
+        this.$allowedToCreateDropdown.enable();
       });
     }
   };

app/controllers/projects/protected_tags_controller.rb

@@ -30,6 +30,6 @@ class Projects::ProtectedTagsController < Projects::ProtectedRefsController
   end
 
   def protected_ref_params
-    params.require(:protected_tag).permit(:name, push_access_levels_attributes: [:access_level, :id])
+    params.require(:protected_tag).permit(:name, create_access_levels_attributes: [:access_level, :id])
   end
 end

app/controllers/projects/settings/repository_controller.rb

@@ -13,16 +13,15 @@ module Projects
 
       def define_protected_refs
         @protected_branches = @project.protected_branches.order(:name).page(params[:page])
-        @protected_tags = @project.protected_tags.order(:name).page(params[:page]) #TODO duplicated pagination param?
+        @protected_tags = @project.protected_tags.order(:name).page(params[:page])
         @protected_branch = @project.protected_branches.new
         @protected_tag = @project.protected_tags.new
         load_gon_index
       end
 
       def access_levels_options
-        #TODO: consider protected tags
-        #TODO: Refactor ProtectedBranch::PushAccessLevel so it doesn't mention branches
         {
+          create_access_levels: levels_for_dropdown(ProtectedTag::CreateAccessLevel),
           push_access_levels: levels_for_dropdown(ProtectedBranch::PushAccessLevel),
           merge_access_levels: levels_for_dropdown(ProtectedBranch::MergeAccessLevel)
         }

app/models/protected_tag.rb

@@ -2,11 +2,11 @@ class ProtectedTag < ActiveRecord::Base
   include Gitlab::ShellAdapter
   include ProtectedRef
 
-  has_many :push_access_levels, dependent: :destroy
+  has_many :create_access_levels, dependent: :destroy
 
-  validates :push_access_levels, length: { is: 1, message: "are restricted to a single instance per protected tag." }
+  validates :create_access_levels, length: { is: 1, message: "are restricted to a single instance per protected tag." }
 
-  accepts_nested_attributes_for :push_access_levels
+  accepts_nested_attributes_for :create_access_levels
 
   def self.protected?(project, ref_name)
     self.matching(ref_name, protected_refs: project.protected_tags).present?

app/models/protected_tag/push_access_level.rb → app/models/protected_tag/create_access_level.rb

-class ProtectedTag::PushAccessLevel < ActiveRecord::Base
+class ProtectedTag::CreateAccessLevel < ActiveRecord::Base
   include ProtectedTagAccess
 
   validates :access_level, presence: true, inclusion: { in: [Gitlab::Access::MASTER,

app/views/projects/protected_tags/_create_protected_tag.html.haml

@@ -19,14 +19,14 @@
               %code production/*
               are supported
         .form-group
-          %label.col-md-2.text-right{ for: 'push_access_levels_attributes' }
-            Allowed to push:
+          %label.col-md-2.text-right{ for: 'create_access_levels_attributes' }
+            Allowed to create:
           .col-md-10
-            .push_access_levels-container
+            .create_access_levels-container
               = dropdown_tag('Select',
-                             options: { toggle_class: 'js-allowed-to-push wide',
+                             options: { toggle_class: 'js-allowed-to-create wide',
                              dropdown_class: 'dropdown-menu-selectable',
-                             data: { field_name: 'protected_tag[push_access_levels_attributes][0][access_level]', input_id: 'push_access_levels_attributes' }})
+                             data: { field_name: 'protected_tag[create_access_levels_attributes][0][access_level]', input_id: 'create_access_levels_attributes' }})
 
     .panel-footer
       = f.submit 'Protect', class: 'btn-create btn', disabled: true

app/views/projects/protected_tags/_tags_list.html.haml

@@ -17,7 +17,7 @@
         %tr
           %th Protected tag (#{@protected_tags.size})
           %th Last commit
-          %th Allowed to push
+          %th Allowed to create
           - if can_admin_project
             %th
       %tbody

app/views/projects/protected_tags/_update_protected_tag.haml

 %td
-  = hidden_field_tag "allowed_to_push_#{protected_tag.id}", protected_tag.push_access_levels.first.access_level
-  = dropdown_tag( (protected_tag.push_access_levels.first.humanize || 'Select') ,
-                 options: { toggle_class: 'js-allowed-to-push', dropdown_class: 'dropdown-menu-selectable js-allowed-to-push-container',
-                 data: { field_name: "allowed_to_push_#{protected_tag.id}", access_level_id: protected_tag.push_access_levels.first.id }})
+  = hidden_field_tag "allowed_to_create_#{protected_tag.id}", protected_tag.create_access_levels.first.access_level
+  = dropdown_tag( (protected_tag.create_access_levels.first.humanize || 'Select') ,
+                 options: { toggle_class: 'js-allowed-to-create', dropdown_class: 'dropdown-menu-selectable js-allowed-to-create-container',
+                 data: { field_name: "allowed_to_create_#{protected_tag.id}", access_level_id: protected_tag.create_access_levels.first.id }})

db/migrate/20170309173138_create_protected_tags.rb

@@ -15,14 +15,14 @@ class CreateProtectedTags < ActiveRecord::Migration
 
     add_index :protected_tags, :project_id
 
-    create_table :protected_tag_push_access_levels do |t|
-      t.references :protected_tag, index: { name: "index_protected_tag_push_access" }, foreign_key: true, null: false
+    create_table :protected_tag_create_access_levels do |t|
+      t.references :protected_tag, index: { name: "index_protected_tag_create_access" }, foreign_key: true, null: false
       t.integer :access_level, default: GITLAB_ACCESS_MASTER, null: true
       t.references :user, foreign_key: true, index: true
-      t.integer :group_id#TODO: Should this have an index? Doesn't appear in brances #, index: true
+      t.integer :group_id
       t.timestamps null: false
     end
 
-    add_foreign_key :protected_tag_push_access_levels, :namespaces, column: :group_id # rubocop: disable Migration/AddConcurrentForeignKey
+    add_foreign_key :protected_tag_create_access_levels, :namespaces, column: :group_id # rubocop: disable Migration/AddConcurrentForeignKey
   end
 end

db/schema.rb

@@ -963,7 +963,7 @@ ActiveRecord::Schema.define(version: 20170315194013) do
 
   add_index "protected_branches", ["project_id"], name: "index_protected_branches_on_project_id", using: :btree
 
-  create_table "protected_tag_push_access_levels", force: :cascade do |t|
+  create_table "protected_tag_create_access_levels", force: :cascade do |t|
     t.integer "protected_tag_id", null: false
     t.integer "access_level", default: 40
     t.integer "user_id"
@@ -972,8 +972,8 @@ ActiveRecord::Schema.define(version: 20170315194013) do
     t.datetime "updated_at", null: false
   end
 
-  add_index "protected_tag_push_access_levels", ["protected_tag_id"], name: "index_protected_tag_push_access", using: :btree
-  add_index "protected_tag_push_access_levels", ["user_id"], name: "index_protected_tag_push_access_levels_on_user_id", using: :btree
+  add_index "protected_tag_create_access_levels", ["protected_tag_id"], name: "index_protected_tag_create_access", using: :btree
+  add_index "protected_tag_create_access_levels", ["user_id"], name: "index_protected_tag_create_access_levels_on_user_id", using: :btree
 
   create_table "protected_tags", force: :cascade do |t|
     t.integer "project_id", null: false
@@ -1326,9 +1326,9 @@ ActiveRecord::Schema.define(version: 20170315194013) do
   add_foreign_key "project_statistics", "projects", on_delete: :cascade
   add_foreign_key "protected_branch_merge_access_levels", "protected_branches"
   add_foreign_key "protected_branch_push_access_levels", "protected_branches"
-  add_foreign_key "protected_tag_push_access_levels", "namespaces", column: "group_id"
-  add_foreign_key "protected_tag_push_access_levels", "protected_tags"
-  add_foreign_key "protected_tag_push_access_levels", "users"
+  add_foreign_key "protected_tag_create_access_levels", "namespaces", column: "group_id"
+  add_foreign_key "protected_tag_create_access_levels", "protected_tags"
+  add_foreign_key "protected_tag_create_access_levels", "users"
   add_foreign_key "subscriptions", "projects", on_delete: :cascade
   add_foreign_key "timelogs", "issues", name: "fk_timelogs_issues_issue_id", on_delete: :cascade
   add_foreign_key "timelogs", "merge_requests", name: "fk_timelogs_merge_requests_merge_request_id", on_delete: :cascade

lib/gitlab/import_export/import_export.yml

@@ -47,7 +47,7 @@ project_tree:
     - :merge_access_levels
     - :push_access_levels
   - protected_tags:
-    - :push_access_levels
+    - :create_access_levels
   - :project_feature
 
 # Only include the following attributes for the models specified.

lib/gitlab/import_export/relation_factory.rb

@@ -9,7 +9,7 @@ module Gitlab
                     hooks: 'ProjectHook',
                     merge_access_levels: 'ProtectedBranch::MergeAccessLevel',
                     push_access_levels: 'ProtectedBranch::PushAccessLevel',
-                    #TODO: How to add?- push_access_levels: 'ProtectedTag::PushAccessLevel',
+                    create_access_levels: 'ProtectedTag::CreateAccessLevel',
                     labels: :project_labels,
                     priorities: :label_priorities,
                     label: :project_label }.freeze

spec/factories/protected_tags.rb

@@ -4,18 +4,18 @@ FactoryGirl.define do
     project
 
     after(:build) do |protected_tag|
-      protected_tag.push_access_levels.new(access_level: Gitlab::Access::MASTER)
+      protected_tag.create_access_levels.new(access_level: Gitlab::Access::MASTER)
     end
 
-    trait :developers_can_push do
+    trait :developers_can_create do
       after(:create) do |protected_tag|
-        protected_tag.push_access_levels.first.update!(access_level: Gitlab::Access::DEVELOPER)
+        protected_tag.create_access_levels.first.update!(access_level: Gitlab::Access::DEVELOPER)
       end
     end
 
-    trait :no_one_can_push do
+    trait :no_one_can_create do
       after(:create) do |protected_tag|
-        protected_tag.push_access_levels.first.update!(access_level: Gitlab::Access::NO_ACCESS)
+        protected_tag.create_access_levels.first.update!(access_level: Gitlab::Access::NO_ACCESS)
       end
     end
   end

spec/features/protected_tags/access_control_ce_spec.rb

 RSpec.shared_examples "protected tags > access control > CE" do
-  ProtectedTag::PushAccessLevel.human_access_levels.each do |(access_type_id, access_type_name)|
-    it "allows creating protected tags that #{access_type_name} can push to" do
+  ProtectedTag::CreateAccessLevel.human_access_levels.each do |(access_type_id, access_type_name)|
+    it "allows creating protected tags that #{access_type_name} can create" do
       visit namespace_project_protected_tags_path(project.namespace, project)
       set_protected_tag_name('master')
       within('.new_protected_tag') do
-        allowed_to_push_button = find(".js-allowed-to-push")
+        allowed_to_create_button = find(".js-allowed-to-create")
 
-        unless allowed_to_push_button.text == access_type_name
-          allowed_to_push_button.click
+        unless allowed_to_create_button.text == access_type_name
+          allowed_to_create_button.click
           within(".dropdown.open .dropdown-menu") { click_on access_type_name }
         end
       end
       click_on "Protect"
 
       expect(ProtectedTag.count).to eq(1)
-      expect(ProtectedTag.last.push_access_levels.map(&:access_level)).to eq([access_type_id])
+      expect(ProtectedTag.last.create_access_levels.map(&:access_level)).to eq([access_type_id])
     end
 
-    it "allows updating protected tags so that #{access_type_name} can push to them" do
+    it "allows updating protected tags so that #{access_type_name} can create them" do
       visit namespace_project_protected_tags_path(project.namespace, project)
       set_protected_tag_name('master')
       click_on "Protect"
@@ -25,16 +25,16 @@ RSpec.shared_examples "protected tags > access control > CE" do
       expect(ProtectedTag.count).to eq(1)
 
       within(".protected-tags-list") do
-        find(".js-allowed-to-push").click
+        find(".js-allowed-to-create").click
         
-        within('.js-allowed-to-push-container') do
+        within('.js-allowed-to-create-container') do
           expect(first("li")).to have_content("Roles")
           click_on access_type_name
         end
       end
 
       wait_for_ajax
-      expect(ProtectedTag.last.push_access_levels.map(&:access_level)).to include(access_type_id)
+      expect(ProtectedTag.last.create_access_levels.map(&:access_level)).to include(access_type_id)
     end
   end
 end

spec/lib/gitlab/checks/change_access_spec.rb

@@ -86,7 +86,7 @@ describe Gitlab::Checks::ChangeAccess, lib: true do
           end
 
           context 'when user has access' do
-            let!(:protected_tag) { create(:protected_tag, :developers_can_push, project: project, name: 'v*') }
+            let!(:protected_tag) { create(:protected_tag, :developers_can_create, project: project, name: 'v*') }
 
             it 'allows tag creation' do
               expect(subject.status).to be(true)

spec/lib/gitlab/import_export/all_models.yml

@@ -113,11 +113,12 @@ protected_branches:
 - push_access_levels
 protected_tags:
 - project
-- push_access_levels
+- create_access_levels
 merge_access_levels:
 - protected_branch
 push_access_levels:
 - protected_branch
+create_access_levels:
 - protected_tag
 project:
 - taggings

spec/lib/gitlab/user_access_spec.rb

@@ -189,7 +189,7 @@ describe Gitlab::UserAccess, lib: true do
 
     describe 'push to protected tag if allowed for developers' do
       before do
-        @tag = create(:protected_tag, :developers_can_push, project: project)
+        @tag = create(:protected_tag, :developers_can_create, project: project)
       end
 
       it 'returns true if user is a master' do

spec/services/protected_tags/create_service_spec.rb

@@ -6,7 +6,7 @@ describe ProtectedTags::CreateService, services: true do
   let(:params) do
     {
       name: 'master',
-      push_access_levels_attributes: [{ access_level: Gitlab::Access::MASTER }]
+      create_access_levels_attributes: [{ access_level: Gitlab::Access::MASTER }]
     }
   end
 
@@ -15,7 +15,7 @@ describe ProtectedTags::CreateService, services: true do
 
     it 'creates a new protected tag' do
       expect { service.execute }.to change(ProtectedTag, :count).by(1)
-      expect(project.protected_tags.last.push_access_levels.map(&:access_level)).to eq([Gitlab::Access::MASTER])
+      expect(project.protected_tags.last.create_access_levels.map(&:access_level)).to eq([Gitlab::Access::MASTER])
     end
   end
 end