summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorLuke Duncalfe <lduncalfe@eml.cc>2019-03-04 15:30:32 +1300
committerLuke Duncalfe <lduncalfe@eml.cc>2019-04-03 14:36:33 +1300
commit8207f7877fea6987cbd8ef26e6f01feca6608bd2 (patch)
tree971a61fa9885702ef753bf8fde5e87ed0d531913 /config
parent3d24e7225ea01d5a4f8398b7626eee77a904b8dc (diff)
downloadgitlab-ce-8207f7877fea6987cbd8ef26e6f01feca6608bd2.tar.gz
GraphQL Type authorization
Enables authorizations to be defined on GraphQL Types. module Types class ProjectType < BaseObject authorize :read_project end end If a field has authorizations defined on it, and the return type of the field also has authorizations defined on it. then all of the combined permissions in the authorizations will be checked and must pass. Connection fields are checked by "digging" to find the type class of the "node" field in the expected location of edges->node. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54417
Diffstat (limited to 'config')
-rw-r--r--config/initializers/graphql.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/config/initializers/graphql.rb b/config/initializers/graphql.rb
index e653556231d..f1bc289f1f0 100644
--- a/config/initializers/graphql.rb
+++ b/config/initializers/graphql.rb
@@ -1,4 +1,7 @@
# frozen_string_literal: true
+GraphQL::ObjectType.accepts_definitions(authorize: GraphQL::Define.assign_metadata_key(:authorize))
GraphQL::Field.accepts_definitions(authorize: GraphQL::Define.assign_metadata_key(:authorize))
+
+GraphQL::Schema::Object.accepts_definition(:authorize)
GraphQL::Schema::Field.accepts_definition(:authorize)