Add latest changes from gitlab-org/gitlab@13-0-stable-ee

5 files changed, 10 insertions, 8 deletions

diff --git a/lib/gitlab/graphql/authorize/authorize_field_service.rb b/lib/gitlab/graphql/authorize/authorize_field_service.rb
index c7f430490d6..61668b634fd 100644
--- a/lib/gitlab/graphql/authorize/authorize_field_service.rb
+++ b/lib/gitlab/graphql/authorize/authorize_field_service.rb
@@ -70,7 +70,10 @@ module Gitlab
         end
 
         def filter_allowed(current_user, resolved_type, authorizing_object)
-          if authorizing_object
+          if resolved_type.nil?
+            # We're not rendering anything, for example when a record was not found
+            # no need to do anything
+          elsif authorizing_object
             # Authorizing fields representing scalars, or a simple field with an object
             resolved_type if allowed_access?(current_user, authorizing_object)
           elsif @field.connection?
@@ -83,9 +86,6 @@ module Gitlab
             resolved_type.select do |single_object_type|
               allowed_access?(current_user, single_object_type.object)
             end
-          elsif resolved_type.nil?
-            # We're not rendering anything, for example when a record was not found
-            # no need to do anything
           else
             raise "Can't authorize #{@field}"
           end
diff --git a/lib/gitlab/graphql/pagination/keyset/connection.rb b/lib/gitlab/graphql/pagination/keyset/connection.rb
index 5466924a794..1a32ab468b1 100644
--- a/lib/gitlab/graphql/pagination/keyset/connection.rb
+++ b/lib/gitlab/graphql/pagination/keyset/connection.rb
@@ -128,7 +128,7 @@ module Gitlab
           end
 
           def ordering_from_encoded_json(cursor)
-            JSON.parse(decode(cursor))
+            Gitlab::Json.parse(decode(cursor))
           rescue JSON::ParserError
             raise Gitlab::Graphql::Errors::ArgumentError, "Please provide a valid cursor"
           end
diff --git a/lib/gitlab/graphql/pagination/keyset/order_info.rb b/lib/gitlab/graphql/pagination/keyset/order_info.rb
index 876d6114f3c..12bcc4993b5 100644
--- a/lib/gitlab/graphql/pagination/keyset/order_info.rb
+++ b/lib/gitlab/graphql/pagination/keyset/order_info.rb
@@ -40,6 +40,8 @@ module Gitlab
             end
 
             if order_list.count > 2
+              # Keep in mind an order clause for primary key is added if one is not present
+              # lib/gitlab/graphql/pagination/keyset/connection.rb:97
               raise ArgumentError.new('A maximum of 2 ordering fields are allowed')
             end
 
diff --git a/lib/gitlab/graphql/query_analyzers/logger_analyzer.rb b/lib/gitlab/graphql/query_analyzers/logger_analyzer.rb
index 327a9c549d5..6f705239fa3 100644
--- a/lib/gitlab/graphql/query_analyzers/logger_analyzer.rb
+++ b/lib/gitlab/graphql/query_analyzers/logger_analyzer.rb
@@ -34,7 +34,7 @@ module Gitlab
 
           memo[:depth] = depth
           memo[:complexity] = complexity
-          memo[:duration] = duration(memo[:time_started]).round(1)
+          memo[:duration_s] = duration(memo[:time_started]).round(1)
 
           GraphqlLogger.info(memo.except!(:time_started, :query))
         rescue => e
@@ -62,7 +62,7 @@ module Gitlab
             query_string: nil,
             query: query,
             variables: nil,
-            duration: nil
+            duration_s: nil
           }
         end
       end
diff --git a/lib/gitlab/graphql/variables.rb b/lib/gitlab/graphql/variables.rb
index b13ea37c21f..1c6fb011012 100644
--- a/lib/gitlab/graphql/variables.rb
+++ b/lib/gitlab/graphql/variables.rb
@@ -20,7 +20,7 @@ module Gitlab
         case ambiguous_param
         when String
           if ambiguous_param.present?
-            ensure_hash(JSON.parse(ambiguous_param))
+            ensure_hash(Gitlab::Json.parse(ambiguous_param))
           else
             {}
           end