Enforce authorizations for non-nullable fields

This makes sure we also enforce authorizations for non-nullable fields. We are defining our authorizations on the unwrapped types (Repository). But when a type like that is presented in a non-nullable field, it's type is different (Repository!). The non-nullable type would not have the authorization metadata. This makes sure we check the metadata on the unwrapped type for finding authorizations.
author: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-18 18:33:47 +0200
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2019-06-21 13:00:50 +0200
commit: 967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree: 3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /lib/gitlab
parent: 703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download: gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gitlab/graphql/authorize/authorize_field_service.rb b/lib/gitlab/graphql/authorize/authorize_field_service.rb
index 619ce100421..3b5dde2fde5 100644
--- a/lib/gitlab/graphql/authorize/authorize_field_service.rb
+++ b/lib/gitlab/graphql/authorize/authorize_field_service.rb
@@ -39,6 +39,8 @@ module Gitlab
             type = node_type_for_basic_connection(type)
           end
 
+          type = type.unwrap if type.kind.non_null?
+
           Array.wrap(type.metadata[:authorize])
         end
author	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-18 18:33:47 +0200
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2019-06-21 13:00:50 +0200
commit	967cbd083492f72ef59ddc9a98d7f67a7fe85d21 (patch)
tree	3fffb0d26eeb4a2c6324b478ad31dfdd4f049951 /lib/gitlab
parent	703d0246ff6647802c0e2ddb064d0360b8fcfb94 (diff)
download	gitlab-ce-967cbd083492f72ef59ddc9a98d7f67a7fe85d21.tar.gz