Allow to set "No one" level for branch protection defaults (!157315) · Merge requests · GitLab.org / GitLab

Vasilii Iakliushin requested to merge 468484_allow_extra_access_levels_for_default_branch_protection into master Jun 25, 2024

What does this MR do and why?

Contributes to #468484 (closed)

Problem

There is a discrepancy between UI and API related to branch protection default feature. Users can set "No one" or Instance admin level via UI but the API restricts this value.

Solution

Allow to set No one or Instance admin level via Group API and Application APIs.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Before

curl -X PUT  -H "PRIVATE-TOKEN: <token>" -H "Content-Type: application/json" -d '{"default_branch_protection_defaults":{"allowed_to_push":[{"access_level":0}],"allowed_to_merge":[{"access_level":0}],"developer_can_initial_push":true}}' http://gdk.test:3000/api/v4/groups/366

{"error":"default_branch_protection_defaults[allowed_to_push][0][access_level] does not have a valid value, default_branch_protection_defaults[allowed_to_merge][0][access_level] does not have a valid value"}

After

curl -X PUT  -H "PRIVATE-TOKEN: <token>" -H "Content-Type: application/json" -d '{"default_branch_protection_defaults":{"allowed_to_push":[{"access_level":0}],"allowed_to_merge":[{"access_level":0}],"developer_can_initial_push":true}}' http://gdk.test:3000/api/v4/groups/366

{"id":366,"web_url": ... }

How to set up and validate locally

See steps to reproduce

Edited Jun 25, 2024 by Vasilii Iakliushin

Allow to set "No one" level for branch protection defaults