Fix bug the protected branch rule name is conflicted with renamed branch name

[lunny]

Fix #36464

[silverwind]

This comment was written by an AI assistant (Claude).

---

The fix correctly prevents the duplicate key value violates unique constraint "UQE_protected_branch_s" crash from #36464 by checking for an existing rule before updating. However, I have a concern about the resulting behavior:

Orphaned protection rule for the source branch: When renaming dev → main and both branches have protection rules, the fix skips renaming the dev rule, leaving it in place pointing to a branch name that no longer exists. The test confirms this — after the rename, the dev protection rule still exists with RuleName: "dev".

This means:

• Users will see a stale protection rule for the non-existent dev branch in the UI
• The protection settings that were on dev are silently discarded rather than merged or explicitly handled

Should the orphaned from rule be deleted in this case? Something like:

if existingRule == nil || existingRule.ID == protectedBranch.ID {
    protectedBranch.RuleName = to
    if _, err = sess.ID(protectedBranch.ID).Cols("branch_name").Update(protectedBranch); err != nil {
        return err
    }
} else {
    // Delete the old rule since the branch no longer exists and the target already has a rule
    if _, err = sess.ID(protectedBranch.ID).Delete(&ProtectedBranch{}); err != nil {
        return err
    }
}

Otherwise the fix itself is sound — the conflict check is correct and the test covers the right scenario.

[wxiaoguang]

Does it mean that:

• main branch protection has many complex rules
• When test branch protection is renamed to main, then the main rules are all deleted without confirming by the operator? Even if the new name main is inputted by mistake from test?

[lunny]

• When test branch protection is renamed to main, then the main rules are all deleted without confirming by the operator? Even if the new name main is inputted by mistake from test?

No. When test branch protection is renamed to main. the main rules will be kept but test rules will be deleted because the branch test does not exist any more. The previous logic updates the old test rule to main rule but the rules names are unique so that it returned 500.

[wxiaoguang]

Hmm, a second thought, why not just keep both test and main branch protection rules in this case? Then users can have the chance to choose (and rename) one by themselves later.

Deleting something silently beyond user's knowledge seems strange to me.

(Not blocker, it's up to you)

[lunny]

Hmm, a second thought, why not just keep both test and main branch protection rules in this case? Then users can have the chance to choose (and rename) one by themselves later.

Deleting something silently beyond user's knowledge seems strange to me.

(Not blocker, it's up to you)

531e82f