Upgrade GraphQL gem to 1.8.17

- Due to https://github.com/exAspArk/batch-loader/pull/32, we changed BatchLoader.for into BatchLoader::GraphQL.for - since our results are wrapped in a BatchLoader::GraphQL, calling `sync` during authorization is required to get real object - `graphql` now has it's own authorization system. Our `authorized?` method conflicted and required renaming
author: Brett Walker <bwalker@gitlab.com> 2019-09-04 17:42:48 +0000
committer: Mayra Cabrera <mcabrera@gitlab.com> 2019-09-04 17:42:48 +0000
commit: aa7b1cfc5b3319373a4b56c755b1fc1d4cbaff02 (patch)
tree: ba078b30d36bf8ed8d5ec8fece71871e40d85a2c /lib
parent: 29e3a08b8f8f9511dd6e25566bc9abb135a597c4 (diff)
download: gitlab-ce-aa7b1cfc5b3319373a4b56c755b1fc1d4cbaff02.tar.gz
7 files changed, 17 insertions, 11 deletions
diff --git a/lib/gitlab/graphql/authorize/authorize_field_service.rb b/lib/gitlab/graphql/authorize/authorize_field_service.rb
index 3b5dde2fde5..0b11ea2f608 100644
--- a/lib/gitlab/graphql/authorize/authorize_field_service.rb
+++ b/lib/gitlab/graphql/authorize/authorize_field_service.rb
@@ -54,14 +54,14 @@ module Gitlab
             # The field is a built-in/scalar type, or a list of scalars
             # authorize using the parent's object
             parent_typed_object.object
-          elsif resolved_type.respond_to?(:object)
-            # The field is a type representing a single object, we'll authorize
-            # against the object directly
-            resolved_type.object
           elsif @field.connection? || resolved_type.is_a?(Array)
             # The field is a connection or a list of non-built-in types, we'll
             # authorize each element when rendering
             nil
+          elsif resolved_type.respond_to?(:object)
+            # The field is a type representing a single object, we'll authorize
+            # against the object directly
+            resolved_type.object
           else
             # Resolved type is a single object that might not be loaded yet by
             # the batchloader, we'll authorize that
diff --git a/lib/gitlab/graphql/authorize/authorize_resource.rb b/lib/gitlab/graphql/authorize/authorize_resource.rb
index ef5caaf5b0e..6844367454f 100644
--- a/lib/gitlab/graphql/authorize/authorize_resource.rb
+++ b/lib/gitlab/graphql/authorize/authorize_resource.rb
@@ -29,19 +29,25 @@ module Gitlab
 
         def authorized_find!(*args)
           object = find_object(*args)
+          object = object.sync if object.respond_to?(:sync)
+
           authorize!(object)
 
           object
         end
 
         def authorize!(object)
-          unless authorized?(object)
+          unless authorized_resource?(object)
             raise Gitlab::Graphql::Errors::ResourceNotAvailable,
                   "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
           end
         end
 
-        def authorized?(object)
+        # this was named `#authorized?`, however it conflicts with the native
+        # graphql gem version
+        # TODO consider adopting the gem's built in authorization system
+        # https://gitlab.com/gitlab-org/gitlab-ee/issues/13984
+        def authorized_resource?(object)
           # Sanity check. We don't want to accidentally allow a developer to authorize
           # without first adding permissions to authorize against
           if self.class.required_permissions.empty?
diff --git a/lib/gitlab/graphql/loaders/batch_lfs_oid_loader.rb b/lib/gitlab/graphql/loaders/batch_lfs_oid_loader.rb
index 8f34e58a771..67511c124e4 100644
--- a/lib/gitlab/graphql/loaders/batch_lfs_oid_loader.rb
+++ b/lib/gitlab/graphql/loaders/batch_lfs_oid_loader.rb
@@ -9,7 +9,7 @@ module Gitlab
         end
 
         def find
-          BatchLoader.for(blob_id).batch(key: repository) do |blob_ids, loader, batch_args|
+          BatchLoader::GraphQL.for(blob_id).batch(key: repository) do |blob_ids, loader, batch_args|
             Gitlab::Git::Blob.batch_lfs_pointers(batch_args[:key], blob_ids).each do |loaded_blob|
               loader.call(loaded_blob.id, loaded_blob.lfs_oid)
             end
diff --git a/lib/gitlab/graphql/loaders/batch_model_loader.rb b/lib/gitlab/graphql/loaders/batch_model_loader.rb
index 50d3293fcbb..164fe74148c 100644
--- a/lib/gitlab/graphql/loaders/batch_model_loader.rb
+++ b/lib/gitlab/graphql/loaders/batch_model_loader.rb
@@ -12,7 +12,7 @@ module Gitlab
 
         # rubocop: disable CodeReuse/ActiveRecord
         def find
-          BatchLoader.for({ model: model_class, id: model_id.to_i }).batch do |loader_info, loader|
+          BatchLoader::GraphQL.for({ model: model_class, id: model_id.to_i }).batch do |loader_info, loader|
             per_model = loader_info.group_by { |info| info[:model] }
             per_model.each do |model, info|
               ids = info.map { |i| i[:id] }
diff --git a/lib/gitlab/graphql/loaders/batch_project_statistics_loader.rb b/lib/gitlab/graphql/loaders/batch_project_statistics_loader.rb
index 5e151f4dbd7..449f4160a6c 100644
--- a/lib/gitlab/graphql/loaders/batch_project_statistics_loader.rb
+++ b/lib/gitlab/graphql/loaders/batch_project_statistics_loader.rb
@@ -11,7 +11,7 @@ module Gitlab
         end
 
         def find
-          BatchLoader.for(project_id).batch do |project_ids, loader|
+          BatchLoader::GraphQL.for(project_id).batch do |project_ids, loader|
             ProjectStatistics.for_project_ids(project_ids).each do |statistics|
               loader.call(statistics.project_id, statistics)
             end
diff --git a/lib/gitlab/graphql/loaders/batch_root_storage_statistics_loader.rb b/lib/gitlab/graphql/loaders/batch_root_storage_statistics_loader.rb
index a0312366d66..366aa74d435 100644
--- a/lib/gitlab/graphql/loaders/batch_root_storage_statistics_loader.rb
+++ b/lib/gitlab/graphql/loaders/batch_root_storage_statistics_loader.rb
@@ -11,7 +11,7 @@ module Gitlab
         end
 
         def find
-          BatchLoader.for(namespace_id).batch do |namespace_ids, loader|
+          BatchLoader::GraphQL.for(namespace_id).batch do |namespace_ids, loader|
             Namespace::RootStorageStatistics.for_namespace_ids(namespace_ids).each do |statistics|
               loader.call(statistics.namespace_id, statistics)
             end
diff --git a/lib/gitlab/graphql/loaders/pipeline_for_sha_loader.rb b/lib/gitlab/graphql/loaders/pipeline_for_sha_loader.rb
index 81c5cabf451..70344392138 100644
--- a/lib/gitlab/graphql/loaders/pipeline_for_sha_loader.rb
+++ b/lib/gitlab/graphql/loaders/pipeline_for_sha_loader.rb
@@ -11,7 +11,7 @@ module Gitlab
         end
 
         def find_last
-          BatchLoader.for(sha).batch(key: project) do |shas, loader, args|
+          BatchLoader::GraphQL.for(sha).batch(key: project) do |shas, loader, args|
             pipelines = args[:key].ci_pipelines.latest_for_shas(shas)
 
             pipelines.each do |pipeline|
author	Brett Walker <bwalker@gitlab.com>	2019-09-04 17:42:48 +0000
committer	Mayra Cabrera <mcabrera@gitlab.com>	2019-09-04 17:42:48 +0000
commit	aa7b1cfc5b3319373a4b56c755b1fc1d4cbaff02 (patch)
tree	ba078b30d36bf8ed8d5ec8fece71871e40d85a2c /lib
parent	29e3a08b8f8f9511dd6e25566bc9abb135a597c4 (diff)
download	gitlab-ce-aa7b1cfc5b3319373a4b56c755b1fc1d4cbaff02.tar.gz