Implement review comments from @dbalexandre.

CHANGELOG

@@ -127,7 +127,6 @@ v 8.10.0
   - Allow to define manual actions/builds on Pipelines and Environments
   - Fix pagination when sorting by columns with lots of ties (like priority)
   - The Markdown reference parsers now re-use query results to prevent running the same queries multiple times. !5020
-  - The Markdown reference parsers now re-use query results to prevent running the same queries multiple times !5020
   - Add "No one can push" as an option for protected branches. !5081
   - Updated project header design
   - Issuable collapsed assignee tooltip is now the users name

app/assets/javascripts/protected_branches.js

-(function() {
-  $(function() {
-    return $(".protected-branches-list :checkbox").change(function(e) {
-      var can_push, id, name, obj, url;
-      name = $(this).attr("name");
-      if (name === "developers_can_push" || name === "developers_can_merge") {
-        id = $(this).val();
-        can_push = $(this).is(":checked");
-        url = $(this).data("url");
-        return $.ajax({
-          type: "PATCH",
-          url: url,
-          dataType: "json",
-          data: {
-            id: id,
-            protected_branch: (
-              obj = {},
-              obj["" + name] = can_push,
-              obj
-            )
-          },
-          success: function() {
-            var row;
-            row = $(e.target);
-            return row.closest('tr').effect('highlight');
-          },
-          error: function() {
-            return new Flash("Failed to update branch!", "alert");
-          }
-        });
-      }
-    });
-  });
-
-}).call(this);

app/assets/javascripts/protected_branches_access_select.js.coffee

-class @ProtectedBranchesAccessSelect
-  constructor: (@container, @saveOnSelect) ->
-    @container.find(".allowed-to-merge").each (i, element) =>
-      fieldName = $(element).data('field-name')
-      $(element).glDropdown
-        data: gon.merge_access_levels
-        selectable: true
-        fieldName: fieldName
-        clicked: _.partial(@onSelect, element)
-
-    @container.find(".allowed-to-push").each (i, element) =>
-      fieldName = $(element).data('field-name')
-      $(element).glDropdown
-        data: gon.push_access_levels
-        selectable: true
-        fieldName: fieldName
-        clicked: _.partial(@onSelect, element)
-
-
-  onSelect: (dropdown, selected, element, e) =>
-    $(dropdown).find('.dropdown-toggle-text').text(selected.text)
-    if @saveOnSelect
-      $.ajax
-        type: "POST"
-        url: $(dropdown).data('url')
-        dataType: "json"
-        data:
-          _method: 'PATCH'
-          id: $(dropdown).data('id')
-          protected_branch:
-            "#{$(dropdown).data('type')}": selected.id
-
-        success: ->
-          row = $(e.target)
-          row.closest('tr').effect('highlight')
-          new Flash("Updated protected branch!", "notice")
-
-        error: ->
-          new Flash("Failed to update branch!", "alert")
-

app/assets/javascripts/protected_branches_access_select.js.es6

+class ProtectedBranchesAccessSelect {
+  constructor(container, saveOnSelect) {
+    this.container = container;
+    this.saveOnSelect = saveOnSelect;
+
+    this.container.find(".allowed-to-merge").each((i, element) => {
+      var fieldName = $(element).data('field-name');
+      return $(element).glDropdown({
+        data: gon.merge_access_levels,
+        selectable: true,
+        fieldName: fieldName,
+        clicked: _.chain(this.onSelect).partial(element).bind(this).value()
+      });
+    });
+
+
+    this.container.find(".allowed-to-push").each((i, element) => {
+      var fieldName = $(element).data('field-name');
+      return $(element).glDropdown({
+        data: gon.push_access_levels,
+        selectable: true,
+        fieldName: fieldName,
+        clicked: _.chain(this.onSelect).partial(element).bind(this).value()
+      });
+    });
+  }
+
+  onSelect(dropdown, selected, element, e) {
+    $(dropdown).find('.dropdown-toggle-text').text(selected.text);
+    if (this.saveOnSelect) {
+      return $.ajax({
+        type: "POST",
+        url: $(dropdown).data('url'),
+        dataType: "json",
+        data: {
+          _method: 'PATCH',
+          id: $(dropdown).data('id'),
+          protected_branch: {
+            ["" + ($(dropdown).data('type'))]: selected.id
+          }
+        },
+        success: function() {
+          var row;
+          row = $(e.target);
+          return row.closest('tr').effect('highlight');
+        },
+        error: function() {
+          return new Flash("Failed to update branch!", "alert");
+        }
+      });
+    }
+  }
+}

app/models/project_team.rb

@@ -118,14 +118,6 @@ class ProjectTeam
     max_member_access(user.id) == Gitlab::Access::MASTER
   end
 
-  def master_or_greater?(user)
-    master?(user) || user.is_admin?
-  end
-
-  def developer_or_greater?(user)
-    master_or_greater?(user) || developer?(user)
-  end
-
   def member?(user, min_member_access = nil)
     member = !!find_member(user.id)
 

app/models/protected_branch/merge_access_level.rb

@@ -12,11 +12,15 @@ class ProtectedBranch::MergeAccessLevel < ActiveRecord::Base
   end
 
   def check_access(user)
-    if masters?
-      user.can?(:push_code, project) if project.team.master_or_greater?(user)
-    elsif developers?
-      user.can?(:push_code, project) if project.team.developer_or_greater?(user)
-    end
+    return true if user.is_admin?
+
+    min_member_access = if masters?
+                          Gitlab::Access::MASTER
+                        elsif developers?
+                          Gitlab::Access::DEVELOPER
+                        end
+
+    project.team.max_member_access(user.id) >= min_member_access
   end
 
   def humanize

app/models/protected_branch/push_access_level.rb

@@ -13,13 +13,16 @@ class ProtectedBranch::PushAccessLevel < ActiveRecord::Base
   end
 
   def check_access(user)
-    if masters?
-      user.can?(:push_code, project) if project.team.master_or_greater?(user)
-    elsif developers?
-      user.can?(:push_code, project) if project.team.developer_or_greater?(user)
-    elsif no_one?
-      false
-    end
+    return false if no_one?
+    return true if user.is_admin?
+
+    min_member_access = if masters?
+                          Gitlab::Access::MASTER
+                        elsif developers?
+                          Gitlab::Access::DEVELOPER
+                        end
+
+    project.team.max_member_access(user.id) >= min_member_access
   end
 
   def humanize

app/services/protected_branches/base_service.rb

 module ProtectedBranches
   class BaseService < ::BaseService
     def set_access_levels!
+      set_merge_access_levels!
+      set_push_access_levels!
+    end
+
+    protected
+
+    def set_merge_access_levels!
       case params[:allowed_to_merge]
       when 'masters'
         @protected_branch.merge_access_level.masters!
       when 'developers'
         @protected_branch.merge_access_level.developers!
       end
+    end
 
+    def set_push_access_levels!
       case params[:allowed_to_push]
       when 'masters'
         @protected_branch.push_access_level.masters!

db/migrate/20160705054938_add_protected_branches_push_access.rb

@@ -2,8 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class AddProtectedBranchesPushAccess < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
   def change
     create_table :protected_branch_push_access_levels do |t|
       t.references :protected_branch, index: { name: "index_protected_branch_push_access" }, foreign_key: true, null: false

db/migrate/20160705054952_add_protected_branches_merge_access.rb

@@ -2,8 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class AddProtectedBranchesMergeAccess < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
   def change
     create_table :protected_branch_merge_access_levels do |t|
       t.references :protected_branch, index: { name: "index_protected_branch_merge_access" }, foreign_key: true, null: false

db/migrate/20160705055254_move_from_developers_can_merge_to_protected_branches_merge_access.rb

@@ -2,19 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class MoveFromDevelopersCanMergeToProtectedBranchesMergeAccess < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  # When using the methods "add_concurrent_index" or "add_column_with_default"
-  # you must disable the use of transactions as these methods can not run in an
-  # existing transaction. When using "add_concurrent_index" make sure that this
-  # method is the _only_ method called in the migration, any other changes
-  # should go in a separate migration. This ensures that upon failure _only_ the
-  # index creation fails and can be retried or reverted easily.
-  #
-  # To disable transactions uncomment the following line and remove these
-  # comments:
-  # disable_ddl_transaction!
-
   def up
     execute <<-HEREDOC
       INSERT into protected_branch_merge_access_levels (protected_branch_id, access_level, created_at, updated_at)

db/migrate/20160705055308_move_from_developers_can_push_to_protected_branches_push_access.rb

@@ -2,19 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class MoveFromDevelopersCanPushToProtectedBranchesPushAccess < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  # When using the methods "add_concurrent_index" or "add_column_with_default"
-  # you must disable the use of transactions as these methods can not run in an
-  # existing transaction. When using "add_concurrent_index" make sure that this
-  # method is the _only_ method called in the migration, any other changes
-  # should go in a separate migration. This ensures that upon failure _only_ the
-  # index creation fails and can be retried or reverted easily.
-  #
-  # To disable transactions uncomment the following line and remove these
-  # comments:
-  # disable_ddl_transaction!
-
   def up
     execute <<-HEREDOC
       INSERT into protected_branch_push_access_levels (protected_branch_id, access_level, created_at, updated_at)

db/migrate/20160705055809_remove_developers_can_push_from_protected_branches.rb

@@ -2,19 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class RemoveDevelopersCanPushFromProtectedBranches < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  # When using the methods "add_concurrent_index" or "add_column_with_default"
-  # you must disable the use of transactions as these methods can not run in an
-  # existing transaction. When using "add_concurrent_index" make sure that this
-  # method is the _only_ method called in the migration, any other changes
-  # should go in a separate migration. This ensures that upon failure _only_ the
-  # index creation fails and can be retried or reverted easily.
-  #
-  # To disable transactions uncomment the following line and remove these
-  # comments:
-  # disable_ddl_transaction!
-
   def change
     remove_column :protected_branches, :developers_can_push, :boolean
   end

db/migrate/20160705055813_remove_developers_can_merge_from_protected_branches.rb

@@ -2,19 +2,6 @@
 # for more information on how to write migrations for GitLab.
 
 class RemoveDevelopersCanMergeFromProtectedBranches < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  # When using the methods "add_concurrent_index" or "add_column_with_default"
-  # you must disable the use of transactions as these methods can not run in an
-  # existing transaction. When using "add_concurrent_index" make sure that this
-  # method is the _only_ method called in the migration, any other changes
-  # should go in a separate migration. This ensures that upon failure _only_ the
-  # index creation fails and can be retried or reverted easily.
-  #
-  # To disable transactions uncomment the following line and remove these
-  # comments:
-  # disable_ddl_transaction!
-
   def change
     remove_column :protected_branches, :developers_can_merge, :boolean
   end