Merge branch '40612-cannot-change-project-visibility-from-private-even-when-owner' into 'master'

Resolve "Cannot change project visibility from Private (even when owner)"

Closes #40612

See merge request gitlab-org/gitlab-ce!16595

app/models/project.rb

@@ -1032,6 +1032,8 @@ class Project < ActiveRecord::Base
   end
   def fork_source
+    return nil unless forked?
+
     forked_from_project || fork_network&.root_project
   end

changelogs/unreleased/40612-cannot-change-project-visibility-from-private-even-when-owner.yml

+---
+title: Fix bug in which projects with forks could not change visibility settings from
+  Private to Public
+merge_request: 16595
+author:
+type: fixed

spec/helpers/projects_helper_spec.rb

 require 'spec_helper'
 describe ProjectsHelper do
+  include ProjectForksHelper
+
   describe "#project_status_css_class" do
     it "returns appropriate class" do
       expect(project_status_css_class("started")).to eq("active")
@@ -10,9 +12,9 @@ describe ProjectsHelper do
   end
   describe "can_change_visibility_level?" do
-    let(:project) { create(:project, :repository) }
+    let(:project) { create(:project) }
     let(:user) { create(:project_member, :reporter, user: create(:user), project: project).user }
-    let(:fork_project) { Projects::ForkService.new(project, user).execute }
+    let(:forked_project) { fork_project(project, user) }
     it "returns false if there are no appropriate permissions" do
       allow(helper).to receive(:can?) { false }
@@ -26,21 +28,29 @@ describe ProjectsHelper do
       expect(helper.can_change_visibility_level?(project, user)).to be_truthy
     end
+    it 'allows visibility level to be changed if the project is forked' do
+      allow(helper).to receive(:can?).with(user, :change_visibility_level, project) { true }
+      project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+      fork_project(project)
+
+      expect(helper.can_change_visibility_level?(project, user)).to be_truthy
+    end
+
     context "forks" do
       it "returns false if there are permissions and origin project is PRIVATE" do
         allow(helper).to receive(:can?) { true }
-        project.update visibility_level:  Gitlab::VisibilityLevel::PRIVATE
-        expect(helper.can_change_visibility_level?(fork_project, user)).to be_falsey
+        project.update(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+        expect(helper.can_change_visibility_level?(forked_project, user)).to be_falsey
       end
       it "returns true if there are permissions and origin project is INTERNAL" do
         allow(helper).to receive(:can?) { true }
-        project.update visibility_level:  Gitlab::VisibilityLevel::INTERNAL
-        expect(helper.can_change_visibility_level?(fork_project, user)).to be_truthy
+        project.update(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+        expect(helper.can_change_visibility_level?(forked_project, user)).to be_truthy
       end
     end
   end

spec/models/project_spec.rb

@@ -1951,6 +1951,10 @@ describe Project do
         expect(second_fork.fork_source).to eq(project)
       end
+
+      it 'returns nil if it is the root of the fork network' do
+        expect(project.fork_source).to be_nil
+      end
     end
     describe '#lfs_storage_project' do