author | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-07 12:04:09 +1300 |
---|---|---|
committer | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-18 11:30:32 +1300 |
commit | 19cb1985c76ae756194a05f21af0d02caedb60c2 (patch) | |
tree | 717f585ed70cbe61ab6e3a5d136284442d1fb6f0 | |
parent | 618b87448e9167f39d8216d1100733cc0fbf020b (diff) | |
download | gitlab-ce-19cb1985c76ae756194a05f21af0d02caedb60c2.tar.gz |
Removing sensitive properties from ProjectType

defaultBranch and ciConfigPath should only be available to users with
the :download_code permission for the Project, as the repository might
be private.

When implementing the authorize check on these properties, it was
found that our current Graphql::Authorize::Instrumentation class does
not work with fields that resolve to subclasses of
GraphQL::Schema::Scalar, like GraphQL::STRING_TYPE.

After discussion with other Create Team members, it has been decided
that because the GraphQL API is not GA, to remove these properties from
ProjectType, and instead implement them as part of epic
https://gitlab.com/groups/gitlab-org/-/epics/711

Issue:
https://gitlab.com/gitlab-org/gitlab-ce/issues/55316
-rw-r--r-- | app/graphql/types/project_type.rb | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/app/graphql/types/project_type.rb b/app/graphql/types/project_type.rb index d25c8c8bd90..8a6ccb8c5c1 100644 --- a/app/graphql/types/project_type.rb +++ b/app/graphql/types/project_type.rb @@ -16,7 +16,6 @@ module Types field :description, GraphQL::STRING_TYPE, null: true - field :default_branch, GraphQL::STRING_TYPE, null: true field :tag_list, GraphQL::STRING_TYPE, null: true field :ssh_url_to_repo, GraphQL::STRING_TYPE, null: true @@ -59,7 +58,6 @@ module Types end field :import_status, GraphQL::STRING_TYPE, null: true - field :ci_config_path, GraphQL::STRING_TYPE, null: true field :only_allow_merge_if_pipeline_succeeds, GraphQL::BOOLEAN_TYPE, null: true field :request_access_enabled, GraphQL::BOOLEAN_TYPE, null: true |
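Review bot: No spec accompanies the removal of `field :default_branch` in the first hunk (@@ -16,7 +16,6 @@); the diffstat shows only app/graphql/types/project_type.rb changing, with 2 deletions. Since the commit message gives a permission reason for the removal (the field should require :download_code), please add an assertion to the ProjectType spec that the type does not expose `default_branch`, so a later change cannot reintroduce the field without an authorization check going unnoticed.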
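Review bot: The limitation behind removing `field :ci_config_path` in the second hunk (@@ -59,7 +58,6 @@) is not specific to the two deleted fields: per the commit message, Graphql::Authorize::Instrumentation does not work with any field resolving to a GraphQL::Schema::Scalar subclass, and the surrounding context lines (`description`, `tag_list`, `ssh_url_to_repo`, `import_status`) are all GraphQL::STRING_TYPE as well. Please confirm in the merge request that none of the remaining scalar fields needs a per-field permission, and consider a short comment near these declarations pointing to the epic so that new scalar fields are not added on the assumption that an authorize check would be enforced.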