def test__protect_single_tag(self, gitlab, group, project, tags):
group_and_project = f"{group}/{project}"
config = f"""
projects_and_groups:
{group_and_project}:
tags:
tag1:
protected: true
create_access_level: {MAINTAINER_ACCESS}
"""
run_gitlabform(config, group_and_project)
tags = gitlab.get_tags(group_and_project)
for tag in tags:
if tag["name"] == "tag1":
assert tag["protected"]
else:
assert not tag["protected"]
protected_tags = gitlab.get_protected_tags(group_and_project)
assert len(protected_tags) == 1
assert protected_tags[0]["name"] == "tag1"
assert (protected_tags[0]["create_access_levels"][0]["access_level"] ==
MAINTAINER_ACCESS)
def test__change_owner(self, gitlab, group, users,
one_owner_and_two_developers):
change_owner = f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 30 # only developer now
{users[1]}:
access_level: 50 # new owner
{users[2]}:
access_level: 30
"""
run_gitlabform(change_owner, group)
members = gitlab.get_group_members(group)
assert len(members) == 3
for member in members:
if member["username"] == f"{users[0]}":
assert member["access_level"] == 30 # only developer now
if member["username"] == f"{users[1]}":
assert member["access_level"] == 50 # new owner
if member["username"] == f"{users[2]}":
assert member["access_level"] == 30
def test_set_file_protected_branches_new_api(self, gitlab, group, project):
group_and_project_name = f"{group}/{project}"
test_config = f"""
projects_and_groups:
{group_and_project_name}:
branches:
main:
protected: true
push_access_level: {AccessLevel.MAINTAINER.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
files:
anyfile1:
overwrite: true
branches:
- main
skip_ci: true
content: foobar
"""
run_gitlabform(test_config, group_and_project_name)
file_content = gitlab.get_file(group_and_project_name, "main", "anyfile1")
assert file_content == "foobar"
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(group_and_project_name, "main")
assert push_access_level is AccessLevel.MAINTAINER.value
assert merge_access_level is AccessLevel.MAINTAINER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
def test__change_some_users_access(self, gitlab, group, users,
one_owner_and_two_developers):
new_access_level = 40
change_some_users_access = f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 50
{users[1]}:
access_level: {new_access_level} # changed level
{users[2]}:
access_level: {new_access_level} # changed level
"""
run_gitlabform(change_some_users_access, group)
members = gitlab.get_group_members(group)
for member in members:
if member["username"] == f"{users[0]}":
assert member["access_level"] == 50
if member["username"] == f"{users[1]}":
assert member["access_level"] == new_access_level
if member["username"] == f"{users[2]}":
assert member["access_level"] == new_access_level
def test__add_user(self, gitlab, group, project, users,
one_maintainer_and_two_developers):
group_and_project = f"{group}/{project}"
members_before = gitlab.get_project_members(group_and_project)
no_of_members_before = len(members_before)
members_usernames_before = [
member["username"] for member in members_before
]
user_to_add = users[3]
assert user_to_add not in members_usernames_before
add_users = f"""
projects_and_groups:
{group}/{project}:
members:
users:
{user_to_add}: # new user
access_level: 30
"""
run_gitlabform(add_users, group_and_project)
members = gitlab.get_project_members(group_and_project)
assert len(members) == no_of_members_before + 1
members_usernames = [member["username"] for member in members]
assert user_to_add in members_usernames
def test__set_file_all_branches(self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
set_file_all_branches = f"""
projects_and_groups:
{group_and_project_name}:
files:
"README.md":
overwrite: true
branches: all
content: "Content for all branches"
"""
run_gitlabform(set_file_all_branches, group_and_project_name)
for branch in [
"main",
"protected_branch1",
"protected_branch2",
"protected_branch3",
"regular_branch1",
"regular_branch2",
]:
file_content = gitlab.get_file(group_and_project_name, branch, "README.md")
assert file_content == "Content for all branches"
# check if these remain unprotected
# (main branch is protected by default)
for branch in [
"regular_branch1",
"regular_branch2",
]:
branch = gitlab.get_branch(group_and_project_name, branch)
assert branch["protected"] is False
def test__set_file_specific_branch(self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
# main branch is protected by default
branch = gitlab.get_branch(group_and_project_name, "main")
assert branch["protected"] is True
set_file_specific_branch = f"""
projects_and_groups:
{group_and_project_name}:
files:
"README.md":
overwrite: true
branches:
- main
content: "Content for main only"
"""
run_gitlabform(set_file_specific_branch, group_and_project_name)
file_content = gitlab.get_file(group_and_project_name, "main", "README.md")
assert file_content == "Content for main only"
other_branch_file_content = gitlab.get_file(
group_and_project_name, "protected_branch1", "README.md"
)
assert other_branch_file_content == DEFAULT_README
# check if main stays protected
branch = gitlab.get_branch(group_and_project_name, "main")
assert branch["protected"] is True
def test__dont_edit_archived_project(self, gitlab, group, project):
group_and_project = f"{group}/{project}"
archive_project = f"""
projects_and_groups:
{group_and_project}:
project:
archive: true
"""
run_gitlabform(archive_project, group_and_project)
project = gitlab.get_project(group_and_project)
assert project["archived"] is True
edit_archived_project = f"""
# the project has to be configured as archived
# for other configs for it to be ignored
projects_and_groups:
{group_and_project}:
project:
archive: true
{group}/*:
files:
README.md:
overwrite: true
branches:
- main
content: |
Some other content that the default one
"""
run_gitlabform(edit_archived_project, group_and_project)
def test__remove_group(self, gitlab, group, users, groups, one_owner):
gitlab.add_share_to_group(group, groups[0], 50)
gitlab.add_share_to_group(group, groups[1], 50)
no_of_members_before = len(gitlab.get_group_members(group))
no_of_shared_with_before = len(gitlab.get_group_shared_with(group))
remove_group = f"""
projects_and_groups:
{group}/*:
enforce_group_members: true
group_members:
{users[0]}:
access_level: 50
group_shared_with:
{groups[0]}:
group_access_level: 30
"""
run_gitlabform(remove_group, group)
members = gitlab.get_group_members(group)
assert len(members) == no_of_members_before
shared_with = gitlab.get_group_shared_with(group)
assert len(shared_with) == no_of_shared_with_before - 1
assert [sw["group_name"] for sw in shared_with] == [groups[0]]
def test__add_user(self, gitlab, group, users,
one_owner_and_two_developers):
no_of_members_before = len(gitlab.get_group_members(group))
user_to_add = f"{users[3]}"
add_users = f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 50
{users[1]}:
access_level: 30
{users[2]}:
access_level: 30
{user_to_add}: # new user 1
access_level: 30
"""
run_gitlabform(add_users, group)
members = gitlab.get_group_members(group)
assert len(members) == no_of_members_before + 1
members_usernames = [member["username"] for member in members]
assert members_usernames.count(user_to_add) == 1
def test_unprotect_when_the_rest_of_the_parameters_are_still_specified_new_api(
self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
config_protect_branch_with_new_api = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: true
push_access_level: {AccessLevel.NO_ACCESS.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
"""
run_gitlabform(config_protect_branch_with_new_api,
group_and_project_name)
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(group_and_project_name,
"protect_branch")
assert push_access_level is AccessLevel.NO_ACCESS.value
assert merge_access_level is AccessLevel.MAINTAINER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
config_unprotect_branch_with_new_api = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: false
push_access_level: {AccessLevel.NO_ACCESS.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
"""
run_gitlabform(config_unprotect_branch_with_new_api,
group_and_project_name)
# old API
branch = gitlab.get_branch(group_and_project_name, "protect_branch")
assert branch["protected"] is False
# new API
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(group_and_project_name,
"protect_branch")
assert push_access_level is None
assert merge_access_level is None
assert unprotect_access_level is None
def test__zero_users(self, gitlab, group):
zero_users = f"""
projects_and_groups:
{group}/*:
enforce_group_members: true
group_members: {{}}
"""
with pytest.raises(SystemExit):
run_gitlabform(zero_users, group)
def test__zero_owners(self, gitlab, group, users):
zero_owners = f"""
projects_and_groups:
{group}/*:
enforce_group_members: true
group_members:
{users[3]}:
access_level: 40
"""
with pytest.raises(SystemExit):
run_gitlabform(zero_owners, group)
def test__archive_project(self, gitlab, group, project):
group_and_project = f"{group}/{project}"
config = f"""
projects_and_groups:
{group_and_project}:
project:
archive: true
"""
run_gitlabform(config, group_and_project)
project = gitlab.get_project(group_and_project)
assert project["archived"] is True
def test__no_groups_and_no_users(self, gitlab, group, project):
group_and_project = f"{group}/{project}"
config_with_error = f"""
projects_and_groups:
{group}/{project}:
members:
# there should be a sub-key 'users' here, not directly a user
{project}_user1:
access_level: 30
"""
with pytest.raises(SystemExit):
run_gitlabform(config_with_error, group_and_project)
def test__remove_all(self, gitlab, group, users, one_owner):
no_shared_with = f"""
projects_and_groups:
{group}/*:
enforce_group_members: true
group_members:
{users[0]}:
access_level: 50
group_shared_with: []
"""
run_gitlabform(no_shared_with, group)
shared_with = gitlab.get_group_shared_with(group)
assert len(shared_with) == 0
def test__add_group(
self,
gitlab,
group,
project,
one_maintainer_and_two_developers,
other_group_with_users,
):
group_and_project = f"{group}/{project}"
other_group, other_group_users = other_group_with_users
no_of_members_before = len(
gitlab.get_project_members(group_and_project))
no_of_members_of_group = len(other_group_users)
# print(f"members before = {gitlab.get_project_members(group_and_project)}")
# print(f"members of the group = {other_group_users}")
no_of_groups_shared_before = len(
gitlab.get_shared_with_groups(group_and_project))
assert no_of_groups_shared_before == 0
add_group = f"""
projects_and_groups:
{group}/{project}:
members:
groups:
{other_group}:
group_access: 40
"""
run_gitlabform(add_group, group_and_project)
members = gitlab.get_project_members(group_and_project, all=True)
# TODO: the +1 is for root, but actually why is that user inherited here?
assert len(
members) == no_of_members_before + no_of_members_of_group + 1
for member in members:
if member["username"] in other_group_users:
# "group_access" is the *maximum* access level,
# see https://docs.gitlab.com/ee/user/project/members/share_project_with_groups.html#maximum-access-level
assert member["access_level"] <= 40
no_of_groups_shared = len(
gitlab.get_shared_with_groups(group_and_project))
assert no_of_groups_shared == 1
def test__mixed_config(self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
mixed_config = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_allow_merges:
protected: true
developers_can_push: false
developers_can_merge: true
protect_branch_and_allow_pushes:
protected: true
developers_can_push: true
developers_can_merge: false
"""
run_gitlabform(mixed_config, group_and_project_name)
branch = gitlab.get_branch(group_and_project_name,
"protect_branch_and_allow_merges")
assert branch["protected"] is True
assert branch["developers_can_push"] is False
assert branch["developers_can_merge"] is True
branch = gitlab.get_branch(group_and_project_name,
"protect_branch_and_allow_pushes")
assert branch["protected"] is True
assert branch["developers_can_push"] is True
assert branch["developers_can_merge"] is False
unprotect_branches = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_allow_merges:
protected: false
protect_branch_and_allow_pushes:
protected: false
"""
run_gitlabform(unprotect_branches, group_and_project_name)
for branch in [
"protect_branch_and_allow_merges",
"protect_branch_and_allow_pushes",
]:
branch = gitlab.get_branch(group_and_project_name, branch)
assert branch["protected"] is False
def test__deploy_key_to_all_projects(self, gitlab, group, project,
other_project):
deploy_key_to_all_projects = """
projects_and_groups:
"*":
deploy_keys:
foobar:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6OxCCViSjh8QUKNOoGqhUqs4LLDMyq/7DYuvMJu5lXwECWp0wFGoLXzYWCT6WOAP+vccncOrlVfsr9VJzXxR1QZq+p3joW25nWgjEw/HCPI6fnU1vROImzxnvwLS3EEJpy64Jq0FFwjt8vKSuQshPysEBSUTf5t3omb166MGlZ+Y6/tOf/8/3zqmvb8OqNmhUtfwxfE5oX8Z8bBaGrkxHlmYyJ9UBpfeEcFt1GqfiONPgchJJ4OqCJKqd7H4DZOosT64kTqPXhca44EOxiKQviCthv7bO+r7VSFo5TVo60ikq/sTR9ifXnd3B9x3LV1qzHHLlmnP//xkKHIZGxfyhgwtdGNWhEtKPiXUzZv4/48WUJMmtpjznhuEgjnpiJL3x0+vJCStA6WG0MiozBlS80Y4XHbt3X3bvlNSqSo/GpnxlPTUx+Lj/ASI75JDym14+C8RdSFN4iKl5Qjz5xFq4eXke00AahFvjAAV5BT8Qrlyg/cbt1pfWKND1T5Fqh6c=
title: foobar_key
can_push: false
"""
run_gitlabform(deploy_key_to_all_projects, group)
deploy_keys1 = gitlab.get_deploy_keys(f"{group}/{project}")
assert len(deploy_keys1) == 1
deploy_keys2 = gitlab.get_deploy_keys(f"{group}/{other_project}")
assert len(deploy_keys2) == 1
def test__set_file_protected_branches(self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
set_file_protected_branches = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protected_branch1:
protected: true
developers_can_push: true
developers_can_merge: true
protected_branch2:
protected: true
developers_can_push: true
developers_can_merge: true
protected_branch3:
protected: true
developers_can_push: true
developers_can_merge: true
files:
"README.md":
overwrite: true
branches: protected
content: "Content for protected branches only"
"""
run_gitlabform(set_file_protected_branches, group_and_project_name)
for branch in [
"main", # main branch is protected by default
"protected_branch1",
"protected_branch2",
"protected_branch3",
]:
file_content = gitlab.get_file(group_and_project_name, branch, "README.md")
assert file_content == "Content for protected branches only"
branch = gitlab.get_branch(group_and_project_name, branch)
assert branch["protected"] is True
for branch in ["regular_branch1", "regular_branch2"]:
file_content = gitlab.get_file(group_and_project_name, branch, "README.md")
assert file_content == DEFAULT_README
branch = gitlab.get_branch(group_and_project_name, branch)
assert branch["protected"] is False
def test__protect_branch_and_disallow_all(self, gitlab, group, project,
branches):
group_and_project_name = f"{group}/{project}"
protect_branch_and_disallow_all = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_disallow_all:
protected: true
developers_can_push: false
developers_can_merge: false
"""
run_gitlabform(protect_branch_and_disallow_all, group_and_project_name)
branch = gitlab.get_branch(group_and_project_name,
"protect_branch_and_disallow_all")
assert branch["protected"] is True
assert branch["developers_can_push"] is False
assert branch["developers_can_merge"] is False
def test_set_file_protected_branches_new_api_not_all_levels(
self, gitlab, group, project, branches
):
group_and_project_name = f"{group}/{project}"
test_config = f"""
projects_and_groups:
{group_and_project_name}:
branches:
regular_branch1:
protected: true
push_access_level: {AccessLevel.DEVELOPER.value}
merge_access_level: {AccessLevel.DEVELOPER.value}
files:
anyfile2:
overwrite: true
branches:
- regular_branch1
content: barfoo
"""
run_gitlabform(test_config, group_and_project_name)
file_content = gitlab.get_file(
group_and_project_name, "regular_branch1", "anyfile2"
)
assert file_content == "barfoo"
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(
group_and_project_name, "regular_branch1"
)
assert push_access_level is AccessLevel.DEVELOPER.value
assert merge_access_level is AccessLevel.DEVELOPER.value
# the default value
# according to https://docs.gitlab.com/ee/api/protected_branches.html#protect-repository-branches
assert unprotect_access_level is AccessLevel.MAINTAINER.value
def test__not_remove_groups_with_enforce_false(
self, gitlab, group, users, groups, one_owner
):
no_of_members_before = len(gitlab.get_group_members(group))
no_of_shared_with_before = len(gitlab.get_group_shared_with(group))
setups = [
# flag explicitly set to false
f"""
projects_and_groups:
{group}/*:
enforce_group_members: false
group_members:
{users[0]}:
access_level: 50
group_shared_with: []
""",
# flag not set at all (but the default is false)
f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 50
group_shared_with: []
""",
]
for setup in setups:
run_gitlabform(setup, group)
members = gitlab.get_group_members(group)
assert len(members) == no_of_members_before
members_usernames = {member["username"] for member in members}
assert members_usernames == {
f"{users[0]}",
}
shared_with = gitlab.get_group_shared_with(group)
assert len(shared_with) == no_of_shared_with_before
def test_unprotect_when_the_rest_of_the_parameters_are_still_specified_old_api(
self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
config_protect_branch_with_old_api = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: true
developers_can_push: true
developers_can_merge: true
"""
run_gitlabform(config_protect_branch_with_old_api,
group_and_project_name)
branch = gitlab.get_branch(group_and_project_name, "protect_branch")
assert branch["protected"] is True
assert branch["developers_can_push"] is True
assert branch["developers_can_merge"] is True
config_unprotect_branch_with_old_api = f"""
gitlab:
api_version: 4
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: false
developers_can_push: true
developers_can_merge: true
"""
run_gitlabform(config_unprotect_branch_with_old_api,
group_and_project_name)
branch = gitlab.get_branch(group_and_project_name, "protect_branch")
assert branch["protected"] is False
def test_protect_branch_with_new_api_next_update_with_old_api_and_unprotect(
self, gitlab, group, project, branches):
group_and_project_name = f"{group}/{project}"
config_protect_branch_with_new_api = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: true
push_access_level: {AccessLevel.NO_ACCESS.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
"""
run_gitlabform(config_protect_branch_with_new_api,
group_and_project_name)
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(group_and_project_name,
"protect_branch")
assert push_access_level is AccessLevel.NO_ACCESS.value
assert merge_access_level is AccessLevel.MAINTAINER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
config_protect_branch_with_old_api = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: true
developers_can_push: true
developers_can_merge: true
"""
run_gitlabform(config_protect_branch_with_old_api,
group_and_project_name)
branch = gitlab.get_branch(group_and_project_name, "protect_branch")
assert branch["protected"] is True
assert branch["developers_can_push"] is True
assert branch["developers_can_merge"] is True
config_protect_branch_unprotect = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch:
protected: false
"""
run_gitlabform(config_protect_branch_unprotect, group_and_project_name)
branch = gitlab.get_branch(group_and_project_name, "protect_branch")
assert branch["protected"] is False
def test__change_group_access(self, gitlab, group, groups, users, one_owner):
change_some_users_access = f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 50
group_shared_with:
{groups[0]}:
group_access_level: 30
{groups[1]}:
group_access_level: 50
"""
run_gitlabform(change_some_users_access, group)
shared_with = gitlab.get_group_shared_with(group)
for shared_with_group in shared_with:
if shared_with_group["group_name"] == f"{groups[0]}":
assert shared_with_group["group_access_level"] == 30
if shared_with_group["group_name"] == f"{groups[1]}":
assert shared_with_group["group_access_level"] == 50
def test__add_group(self, gitlab, group, users, groups, one_owner):
no_of_members_before = len(gitlab.get_group_members(group))
add_shared_with = f"""
projects_and_groups:
{group}/*:
group_members:
{users[0]}:
access_level: 50
group_shared_with:
{groups[0]}:
group_access_level: 30
{groups[1]}:
group_access_level: 30
"""
run_gitlabform(add_shared_with, group)
members = gitlab.get_group_members(group)
assert len(members) == no_of_members_before, members
shared_with = gitlab.get_group_shared_with(group)
assert len(shared_with) == 2
def test__unarchive_project(self, gitlab, group, project):
group_and_project = f"{group}/{project}"
archive_project = f"""
projects_and_groups:
{group_and_project}:
project:
archive: true
"""
unarchive_project = f"""
projects_and_groups:
{group_and_project}:
project:
archive: false
"""
run_gitlabform(archive_project, group_and_project)
project = gitlab.get_project(group_and_project)
assert project["archived"] is True
run_gitlabform(unarchive_project, group_and_project)
project = gitlab.get_project(group_and_project)
assert project["archived"] is False
def test__remove_user(self, gitlab, group, users,
one_owner_and_two_developers):
no_of_members_before = len(gitlab.get_group_members(group))
user_to_remove = f"{users[2]}"
remove_users = f"""
projects_and_groups:
{group}/*:
enforce_group_members: true
group_members:
{users[0]}:
access_level: 50
{users[1]}:
access_level: 30
"""
run_gitlabform(remove_users, group)
members = gitlab.get_group_members(group)
assert len(members) == no_of_members_before - 1
members_usernames = [member["username"] for member in members]
assert user_to_remove not in members_usernames
def test__mixed_config_with_new_api(self, gitlab, group, project,
branches):
group_and_project_name = f"{group}/{project}"
mixed_config_with_access_levels = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_allow_merges_access_levels:
protected: true
push_access_level: {AccessLevel.NO_ACCESS.value}
merge_access_level: {AccessLevel.DEVELOPER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
'*_allow_pushes_access_levels':
protected: true
push_access_level: {AccessLevel.DEVELOPER.value}
merge_access_level: {AccessLevel.DEVELOPER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
"""
run_gitlabform(mixed_config_with_access_levels, group_and_project_name)
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(
group_and_project_name,
"protect_branch_and_allow_merges_access_levels")
assert push_access_level is AccessLevel.NO_ACCESS.value
assert merge_access_level is AccessLevel.DEVELOPER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(
group_and_project_name, "*_allow_pushes_access_levels")
assert push_access_level is AccessLevel.DEVELOPER.value
assert merge_access_level is AccessLevel.DEVELOPER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
mixed_config_with_access_levels_update = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_allow_merges_access_levels:
protected: true
push_access_level: {AccessLevel.NO_ACCESS.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
'*_allow_pushes_access_levels':
protected: true
push_access_level: {AccessLevel.MAINTAINER.value}
merge_access_level: {AccessLevel.MAINTAINER.value}
unprotect_access_level: {AccessLevel.MAINTAINER.value}
"""
run_gitlabform(mixed_config_with_access_levels_update,
group_and_project_name)
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(
group_and_project_name,
"protect_branch_and_allow_merges_access_levels")
assert push_access_level is AccessLevel.NO_ACCESS.value
assert merge_access_level is AccessLevel.MAINTAINER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
(
push_access_level,
merge_access_level,
unprotect_access_level,
) = gitlab.get_only_branch_access_levels(
group_and_project_name, "*_allow_pushes_access_levels")
assert push_access_level is AccessLevel.MAINTAINER.value
assert merge_access_level is AccessLevel.MAINTAINER.value
assert unprotect_access_level is AccessLevel.MAINTAINER.value
mixed_config_with_access_levels_unprotect_branches = f"""
projects_and_groups:
{group_and_project_name}:
branches:
protect_branch_and_allow_merges_access_levels:
protected: false
'*_allow_pushes_access_levels':
protected: false
"""
run_gitlabform(mixed_config_with_access_levels_unprotect_branches,
group_and_project_name)
for branch in [
"protect_branch_and_allow_merges_access_levels",
"protect_branch_and_allow_pushes_access_levels",
]:
branch = gitlab.get_branch(group_and_project_name, branch)
assert branch["protected"] is False
