Make access level more compatible with EE

So the behaviour would be similar in CE and EE

spec/factories/protected_branches.rb

@@ -3,26 +3,58 @@ FactoryGirl.define do
     name
     project
 
-    after(:build) do |protected_branch|
-      protected_branch.push_access_levels.new(access_level: Gitlab::Access::MASTER)
-      protected_branch.merge_access_levels.new(access_level: Gitlab::Access::MASTER)
+    transient do
+      default_push_level true
+      default_merge_level true
+      default_access_level true
     end
 
     trait :developers_can_push do
-      after(:create) do |protected_branch|
-        protected_branch.push_access_levels.first.update!(access_level: Gitlab::Access::DEVELOPER)
+      transient do
+        default_push_level false
+      end
+
+      after(:build) do |protected_branch|
+        protected_branch.push_access_levels.new(access_level: Gitlab::Access::DEVELOPER)
       end
     end
 
     trait :developers_can_merge do
-      after(:create) do |protected_branch|
-        protected_branch.merge_access_levels.first.update!(access_level: Gitlab::Access::DEVELOPER)
+      transient do
+        default_merge_level false
+      end
+
+      after(:build) do |protected_branch|
+        protected_branch.merge_access_levels.new(access_level: Gitlab::Access::DEVELOPER)
       end
     end
 
     trait :no_one_can_push do
-      after(:create) do |protected_branch|
-        protected_branch.push_access_levels.first.update!(access_level: Gitlab::Access::NO_ACCESS)
+      transient do
+        default_push_level false
+      end
+
+      after(:build) do |protected_branch|
+        protected_branch.push_access_levels.new(access_level: Gitlab::Access::NO_ACCESS)
+      end
+    end
+
+    trait :masters_can_push do
+      transient do
+        default_push_level false
+      end
+
+      after(:build) do |protected_branch|
+        protected_branch.push_access_levels.new(access_level: Gitlab::Access::MASTER)
+      end
+    end
+
+    after(:build) do |protected_branch, evaluator|
+      if evaluator.default_access_level && evaluator.default_push_level
+        protected_branch.push_access_levels.new(access_level: Gitlab::Access::MASTER)
+      end
+      if evaluator.default_access_level && evaluator.default_merge_level
+        protected_branch.merge_access_levels.new(access_level: Gitlab::Access::MASTER)
       end
     end
   end

spec/factories/protected_tags.rb

@@ -3,19 +3,43 @@ FactoryGirl.define do
     name
     project
 
-    after(:build) do |protected_tag|
-      protected_tag.create_access_levels.new(access_level: Gitlab::Access::MASTER)
+    transient do
+      default_access_level true
     end
 
     trait :developers_can_create do
-      after(:create) do |protected_tag|
-        protected_tag.create_access_levels.first.update!(access_level: Gitlab::Access::DEVELOPER)
+      transient do
+        default_access_level false
+      end
+
+      after(:build) do |protected_tag|
+        protected_tag.create_access_levels.new(access_level: Gitlab::Access::DEVELOPER)
       end
     end
 
     trait :no_one_can_create do
-      after(:create) do |protected_tag|
-        protected_tag.create_access_levels.first.update!(access_level: Gitlab::Access::NO_ACCESS)
+      transient do
+        default_access_level false
+      end
+
+      after(:build) do |protected_tag|
+        protected_tag.create_access_levels.new(access_level: Gitlab::Access::NO_ACCESS)
+      end
+    end
+
+    trait :masters_can_create do
+      transient do
+        default_access_level false
+      end
+
+      after(:build) do |protected_tag|
+        protected_tag.create_access_levels.new(access_level: Gitlab::Access::MASTER)
+      end
+    end
+
+    after(:build) do |protected_tag, evaluator|
+      if evaluator.default_access_level
+        protected_tag.create_access_levels.new(access_level: Gitlab::Access::MASTER)
       end
     end
   end