Merge branch '3968-protected-branch-is-not-set-for-default-branch-on-import' into 'master'

Protected branch is now created for default branch on import

Closes #3968

See merge request gitlab-org/gitlab-ce!16198

1 files changed, 22 insertions, 0 deletions

diff --git a/app/models/project.rb b/app/models/project.rb
index 4cb9d9fe637..fbe65e700a4 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1450,6 +1450,7 @@ class Project < ActiveRecord::Base
     import_finish
     remove_import_jid
     update_project_counter_caches
+    after_create_default_branch
   end
 
   def update_project_counter_caches
@@ -1463,6 +1464,27 @@ class Project < ActiveRecord::Base
     end
   end
 
+  def after_create_default_branch
+    return unless default_branch
+
+    # Ensure HEAD points to the default branch in case it is not master
+    change_head(default_branch)
+
+    if current_application_settings.default_branch_protection != Gitlab::Access::PROTECTION_NONE && !ProtectedBranch.protected?(self, default_branch)
+      params = {
+        name: default_branch,
+        push_access_levels_attributes: [{
+          access_level: current_application_settings.default_branch_protection == Gitlab::Access::PROTECTION_DEV_CAN_PUSH ? Gitlab::Access::DEVELOPER : Gitlab::Access::MASTER
+        }],
+        merge_access_levels_attributes: [{
+          access_level: current_application_settings.default_branch_protection == Gitlab::Access::PROTECTION_DEV_CAN_MERGE ? Gitlab::Access::DEVELOPER : Gitlab::Access::MASTER
+        }]
+      }
+
+      ProtectedBranches::CreateService.new(self, creator, params).execute(skip_authorization: true)
+    end
+  end
+
   def remove_import_jid
     return unless import_jid