Ensure the approvals can not be changed after merge (!138925) · Merge requests · GitLab.org / GitLab

Marc Shaw requested to merge 424340-it-should-not-be-possible-to-unapprove-or-approve-a-merged-mr into master Dec 06, 2023

What does this MR do and why?

After a merge request is merged, the user's should not be allowed to approve/unapprove.

To Test:

Find a merged MR that you haven't approved
Try to approve through the quick actions
Find a merge MR that you have approved
Try to unapprove through the quick actions

curl -X POST -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MERGE_REQUEST_IID/approve"

curl -X POST -H "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/projects/PROJECT_ID/merge_requests/MERGE_REQUEST_IID/unapprove"

Related to #424340 (closed)

Edited Dec 14, 2023 by Patrick Bajao

Ensure the approvals can not be changed after merge

What does this MR do and why?

Merge request reports