Enforce authorizations for non-nullable fields

This makes sure we also enforce authorizations for non-nullable fields. We are defining our authorizations on the unwrapped types (Repository). But when a type like that is presented in a non-nullable field, it's type is different (Repository!). The non-nullable type would not have the authorization metadata. This makes sure we check the metadata on the unwrapped type for finding authorizations.
author: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-18 18:33:47 +0200
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-21 13:00:50 +0200
commit: 967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree: 3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /app/graphql
parent: 703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download: gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/graphql/types/project_type.rb b/app/graphql/types/project_type.rb
index 41fdc76b1e4..c25688ab043 100644
--- a/app/graphql/types/project_type.rb
+++ b/app/graphql/types/project_type.rb
@@ -74,7 +74,7 @@ module Types
           null: true,
           resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchProjectStatisticsLoader.new(obj.id).find }
 
-    field :repository, Types::RepositoryType, null: false
+    field :repository, Types::RepositoryType, null: true
 
     field :merge_requests,
           Types::MergeRequestType.connection_type,
author	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-18 18:33:47 +0200
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-21 13:00:50 +0200
commit	967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree	3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /app/graphql
parent	703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download	gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz