diff options
Diffstat (limited to 'app/graphql/resolvers/base_resolver.rb')
-rw-r--r-- | app/graphql/resolvers/base_resolver.rb | 24 |
1 files changed, 10 insertions, 14 deletions
diff --git a/app/graphql/resolvers/base_resolver.rb b/app/graphql/resolvers/base_resolver.rb index 67bba079512..48563633d11 100644 --- a/app/graphql/resolvers/base_resolver.rb +++ b/app/graphql/resolvers/base_resolver.rb @@ -39,9 +39,7 @@ module Resolvers as_single << block # Have we been called after defining the single version of this resolver? - if @single.present? - @single.instance_exec(&block) - end + @single.instance_exec(&block) if @single.present? end def self.as_single @@ -90,7 +88,7 @@ module Resolvers def self.last parent = self - @last ||= Class.new(self.single) do + @last ||= Class.new(single) do type parent.singular_type, null: true def select_result(results) @@ -138,16 +136,6 @@ module Resolvers end end - # TODO: remove! This should never be necessary - # Remove as part of https://gitlab.com/gitlab-org/gitlab/-/issues/13984, - # since once we use that authorization approach, the object is guaranteed to - # be synchronized before any field. - def synchronized_object - strong_memoize(:synchronized_object) do - ::Gitlab::Graphql::Lazy.force(object) - end - end - def single? false end @@ -160,5 +148,13 @@ module Resolvers def select_result(results) results end + + def self.authorization + @authorization ||= ::Gitlab::Graphql::Authorize::ObjectAuthorization.new(try(:required_permissions)) + end + + def self.authorized?(object, context) + authorization.ok?(object, context[:current_user]) + end end end |