PATCH branch-protection updates check list even when checks are disabled (#26351)

Fixes: #26333. Previously, this endpoint only updates the `StatusCheckContexts` field when `EnableStatusCheck==true`, which makes it impossible to clear the array otherwise. This patch uses slice `nil`-ness to decide whether to update the list of checks. The field is ignored when either the client explicitly passes in a null, or just omits the field from the json ([which causes `json.Unmarshal` to leave the struct field unchanged](https://go.dev/play/p/Z2XHOILuB1Q)). I think this is a better measure of intent than whether the `EnableStatusCheck` flag was set, because it matches the semantics of other field types. Also adds a test case. I noticed that [`testAPIEditBranchProtection` only checks the branch name](c1c83dbaec/tests/integration/api_branch_test.go (L68)) and no other fields, so I added some extra `GET` calls and specific checks to make sure the fields are changing properly. I added those checks the existing integration test; is that the right place for it?
2024-11-10 12:49:52 +01:00 · 2023-08-24 01:36:04 -04:00 · 2023-08-24 01:36:04 -04:00 · 86ee5b4b1b
commit 86ee5b4b1b
parent d2e4039def
2 changed files with 23 additions and 2 deletions
--- a/routers/api/v1/repo/branch.go
+++ b/routers/api/v1/repo/branch.go
@ -768,7 +768,8 @@ func EditBranchProtection(ctx *context.APIContext) {
 	if form.EnableStatusCheck != nil {
 		protectBranch.EnableStatusCheck = *form.EnableStatusCheck
 	}
-	if protectBranch.EnableStatusCheck {
+
+	if form.StatusCheckContexts != nil {
 		protectBranch.StatusCheckContexts = form.StatusCheckContexts
 	}

--- a/tests/integration/api_branch_test.go
+++ b/tests/integration/api_branch_test.go
@ -31,7 +31,7 @@ func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
 	assert.True(t, branch.UserCanMerge)
 }

-func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {
+func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) *api.BranchProtection {
 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeReadRepository)
 	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branch_protections/%s?token=%s", branchName, token)
 	resp := MakeRequest(t, req, expectedHTTPStatus)
@ -40,7 +40,9 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
 		assert.EqualValues(t, branchName, branchProtection.RuleName)
+		return &branchProtection
 	}
+	return nil
 }

 func testAPICreateBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {
@ -186,6 +188,24 @@ func TestAPIBranchProtection(t *testing.T) {
 		EnablePush: true,
 	}, http.StatusOK)

+	// enable status checks, require the "test1" check to pass
+	testAPIEditBranchProtection(t, "master", &api.BranchProtection{
+		EnableStatusCheck:   true,
+		StatusCheckContexts: []string{"test1"},
+	}, http.StatusOK)
+	bp := testAPIGetBranchProtection(t, "master", http.StatusOK)
+	assert.Equal(t, true, bp.EnableStatusCheck)
+	assert.Equal(t, []string{"test1"}, bp.StatusCheckContexts)
+
+	// disable status checks, clear the list of required checks
+	testAPIEditBranchProtection(t, "master", &api.BranchProtection{
+		EnableStatusCheck:   false,
+		StatusCheckContexts: []string{},
+	}, http.StatusOK)
+	bp = testAPIGetBranchProtection(t, "master", http.StatusOK)
+	assert.Equal(t, false, bp.EnableStatusCheck)
+	assert.Equal(t, []string{}, bp.StatusCheckContexts)
+
 	testAPIDeleteBranchProtection(t, "master", http.StatusNoContent)

 	// Test branch deletion