1 files changed, 18 insertions, 14 deletions

diff --git a/lib/api/branches.rb b/lib/api/branches.rb
index f35084a582a..d3dbf941298 100644
--- a/lib/api/branches.rb
+++ b/lib/api/branches.rb
@@ -4,19 +4,21 @@ module API
   class Branches < Grape::API
     include PaginationParams
 
+    BRANCH_ENDPOINT_REQUIREMENTS = API::PROJECT_ENDPOINT_REQUIREMENTS.merge(branch: API::NO_SLASH_URL_PART_REGEX)
+
     before { authorize! :download_code, user_project }
 
     params do
       requires :id, type: String, desc: 'The ID of a project'
     end
-    resource :projects, requirements: { id: %r{[^/]+} } do
+    resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
       desc 'Get a project repository branches' do
         success Entities::RepoBranch
       end
       params do
         use :pagination
       end
-      get ":id/repository/branches" do
+      get ':id/repository/branches' do
         branches = ::Kaminari.paginate_array(user_project.repository.branches.sort_by(&:name))
 
         present paginate(branches), with: Entities::RepoBranch, project: user_project
@@ -28,13 +30,14 @@ module API
       params do
         requires :branch, type: String, desc: 'The name of the branch'
       end
-      get ':id/repository/branches/:branch', requirements: { branch: /.+/ } do
+      get ':id/repository/branches/:branch', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         branch = user_project.repository.find_branch(params[:branch])
         not_found!("Branch") unless branch
 
         present branch, with: Entities::RepoBranch, project: user_project
       end
 
+      # Note: This API will be deprecated in favor of the protected branches API.
       # Note: The internal data model moved from `developers_can_{merge,push}` to `allowed_to_{merge,push}`
       # in `gitlab-org/gitlab-ce!5081`. The API interface has not been changed (to maintain compatibility),
       # but it works with the changed data model to infer `developers_can_merge` and `developers_can_push`.
@@ -46,7 +49,7 @@ module API
         optional :developers_can_push, type: Boolean, desc: 'Flag if developers can push to that branch'
         optional :developers_can_merge, type: Boolean, desc: 'Flag if developers can merge to that branch'
       end
-      put ':id/repository/branches/:branch/protect', requirements: { branch: /.+/ } do
+      put ':id/repository/branches/:branch/protect', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         authorize_admin_project
 
         branch = user_project.repository.find_branch(params[:branch])
@@ -63,9 +66,9 @@ module API
         service_args = [user_project, current_user, protected_branch_params]
 
         protected_branch = if protected_branch
-                             ProtectedBranches::ApiUpdateService.new(*service_args).execute(protected_branch)
+                             ::ProtectedBranches::ApiUpdateService.new(*service_args).execute(protected_branch)
                            else
-                             ProtectedBranches::ApiCreateService.new(*service_args).execute
+                             ::ProtectedBranches::ApiCreateService.new(*service_args).execute
                            end
 
         if protected_branch.valid?
@@ -75,13 +78,14 @@ module API
         end
       end
 
+      # Note: This API will be deprecated in favor of the protected branches API.
       desc 'Unprotect a single branch' do
         success Entities::RepoBranch
       end
       params do
         requires :branch, type: String, desc: 'The name of the branch'
       end
-      put ':id/repository/branches/:branch/unprotect', requirements: { branch: /.+/ } do
+      put ':id/repository/branches/:branch/unprotect', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         authorize_admin_project
 
         branch = user_project.repository.find_branch(params[:branch])
@@ -99,11 +103,11 @@ module API
         requires :branch, type: String, desc: 'The name of the branch'
         requires :ref, type: String, desc: 'Create branch from commit sha or existing branch'
       end
-      post ":id/repository/branches" do
+      post ':id/repository/branches' do
         authorize_push_project
 
-        result = CreateBranchService.new(user_project, current_user).
-                 execute(params[:branch], params[:ref])
+        result = CreateBranchService.new(user_project, current_user)
+                 .execute(params[:branch], params[:ref])
 
         if result[:status] == :success
           present result[:branch],
@@ -118,11 +122,11 @@ module API
       params do
         requires :branch, type: String, desc: 'The name of the branch'
       end
-      delete ":id/repository/branches/:branch", requirements: { branch: /.+/ } do
+      delete ':id/repository/branches/:branch', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
-        result = DeleteBranchService.new(user_project, current_user).
-                 execute(params[:branch])
+        result = DeleteBranchService.new(user_project, current_user)
+                 .execute(params[:branch])
 
         if result[:status] != :success
           render_api_error!(result[:message], result[:return_code])
@@ -130,7 +134,7 @@ module API
       end
 
       desc 'Delete all merged branches'
-      delete ":id/repository/merged_branches" do
+      delete ':id/repository/merged_branches' do
         DeleteMergedBranchesService.new(user_project, current_user).async_execute
 
         accepted!