diff options
| author | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-18 14:19:49 +1300 |
|---|---|---|
| committer | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-26 10:22:12 +1300 |
| commit | ccb4edbca1aa7e94a76a5a8d361af02fd093e1b9 (patch) | |
| tree | 833f8cd26fc162cc3b71e0a46ed4db69d4e69cde /spec/support/matchers | |
| parent | 7ff0c8ae57e6a88c86afae4f8e08bfacfb34d761 (diff) | |
| download | gitlab-ce-ccb4edbca1aa7e94a76a5a8d361af02fd093e1b9.tar.gz | |
Improve GraphQL Authorization DSL
Previously GraphQL field authorization happened like this:
class ProjectType
field :my_field, MyFieldType do
authorize :permission
end
end
This change allowed us to authorize like this instead:
class ProjectType
field :my_field, MyFieldType, authorize: :permission
end
A new initializer registers the `authorize` metadata keyword on GraphQL
Schema Objects and Fields, and we can collect this data within the
context of Instrumentation like this:
field.metadata[:authorize]
The previous functionality of authorize is still being used for
mutations, as the #authorize method here is called at during the code
that executes during the mutation, rather than when a field resolves.
https://gitlab.com/gitlab-org/gitlab-ce/issues/57828
Diffstat (limited to 'spec/support/matchers')
| -rw-r--r-- | spec/support/matchers/graphql_matchers.rb | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/spec/support/matchers/graphql_matchers.rb b/spec/support/matchers/graphql_matchers.rb index 7be84838e00..7894484f590 100644 --- a/spec/support/matchers/graphql_matchers.rb +++ b/spec/support/matchers/graphql_matchers.rb @@ -1,8 +1,6 @@ RSpec::Matchers.define :require_graphql_authorizations do |*expected| match do |field| - field_definition = field.metadata[:type_class] - expect(field_definition).to respond_to(:required_permissions) - expect(field_definition.required_permissions).to contain_exactly(*expected) + expect(field.metadata[:authorize]).to eq(*expected) end end |