Enforce authorizations for non-nullable fields

This makes sure we also enforce authorizations for non-nullable fields. We are defining our authorizations on the unwrapped types (Repository). But when a type like that is presented in a non-nullable field, it's type is different (Repository!). The non-nullable type would not have the authorization metadata. This makes sure we check the metadata on the unwrapped type for finding authorizations.
author: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-18 18:33:47 +0200
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-21 13:00:50 +0200
commit: 967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree: 3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /app/policies
parent: 703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download: gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/app/policies/repository_policy.rb b/app/policies/repository_policy.rb
new file mode 100644
index 00000000000..32340749858
--- /dev/null
+++ b/app/policies/repository_policy.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class RepositoryPolicy < BasePolicy
+  delegate { @subject.project }
+end
author	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-18 18:33:47 +0200
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-21 13:00:50 +0200
commit	967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree	3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /app/policies
parent	703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download	gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz