Use `Gitlab::Access` to protected branch access levels.

1. It makes sense to reuse these constants since we had them duplicated
   in the previous enum implementation. This also simplifies our
   `check_access` implementation, because we can use
   `project.team.max_member_access` directly.

2. Use `accepts_nested_attributes_for` to create push/merge access
   levels. This was a bit fiddly to set up, but this simplifies our code
   by quite a large amount. We can even get rid of
   `ProtectedBranches::BaseService`.

3. Move API handling back into the API (previously in
   `ProtectedBranches::BaseService#translate_api_params`.

4. The protected branch services now return a `ProtectedBranch` rather
   than `true/false`.

5. Run `load_protected_branches` on-demand in the `create` action, to
   prevent it being called unneccessarily.

6. "Masters" is pre-selected as the default option for "Allowed to Push"
   and "Allowed to Merge".

7. These changes were based on a review from @rymai in !5081.

1 files changed, 3 insertions, 8 deletions

diff --git a/app/models/protected_branch.rb b/app/models/protected_branch.rb
index c0bee72b4d7..226b3f54342 100644
--- a/app/models/protected_branch.rb
+++ b/app/models/protected_branch.rb
@@ -8,18 +8,13 @@ class ProtectedBranch < ActiveRecord::Base
   has_one :merge_access_level, dependent: :destroy
   has_one :push_access_level, dependent: :destroy
 
+  accepts_nested_attributes_for :push_access_level
+  accepts_nested_attributes_for :merge_access_level
+
   def commit
     project.commit(self.name)
   end
 
-  def allowed_to_push
-    self.push_access_level && self.push_access_level.access_level
-  end
-
-  def allowed_to_merge
-    self.merge_access_level && self.merge_access_level.access_level
-  end
-
   # Returns all protected branches that match the given branch name.
   # This realizes all records from the scope built up so far, and does
   # _not_ return a relation.