diff options
Diffstat (limited to 'app/graphql/resolvers/concerns')
-rw-r--r-- | app/graphql/resolvers/concerns/issue_resolver_arguments.rb | 9 | ||||
-rw-r--r-- | app/graphql/resolvers/concerns/search_arguments.rb | 18 |
2 files changed, 24 insertions, 3 deletions
diff --git a/app/graphql/resolvers/concerns/issue_resolver_arguments.rb b/app/graphql/resolvers/concerns/issue_resolver_arguments.rb index 9de36b5b7d1..855877110e5 100644 --- a/app/graphql/resolvers/concerns/issue_resolver_arguments.rb +++ b/app/graphql/resolvers/concerns/issue_resolver_arguments.rb @@ -4,6 +4,7 @@ module IssueResolverArguments extend ActiveSupport::Concern prepended do + include SearchArguments include LooksAhead argument :iid, GraphQL::Types::String, @@ -49,9 +50,6 @@ module IssueResolverArguments argument :closed_after, Types::TimeType, required: false, description: 'Issues closed after this date.' - argument :search, GraphQL::Types::String, - required: false, - description: 'Search query for issue title or description.' argument :types, [Types::IssueTypeEnum], as: :issue_types, description: 'Filter issues by the given issue types.', @@ -62,6 +60,10 @@ module IssueResolverArguments argument :my_reaction_emoji, GraphQL::Types::String, required: false, description: 'Filter by reaction emoji applied by the current user. Wildcard values "NONE" and "ANY" are supported.' + argument :confidential, + GraphQL::Types::Boolean, + required: false, + description: 'Filter for confidential issues. If "false", excludes confidential issues. If "true", returns only confidential issues.' argument :not, Types::Issues::NegatedIssueFilterInputType, description: 'Negated arguments.', prepare: ->(negated_args, ctx) { negated_args.to_h }, @@ -91,6 +93,7 @@ module IssueResolverArguments params_not_mutually_exclusive(args, mutually_exclusive_assignee_username_args) params_not_mutually_exclusive(args, mutually_exclusive_milestone_args) params_not_mutually_exclusive(args.fetch(:not, {}), mutually_exclusive_milestone_args) + validate_anonymous_search_access! if args[:search].present? super end diff --git a/app/graphql/resolvers/concerns/search_arguments.rb b/app/graphql/resolvers/concerns/search_arguments.rb new file mode 100644 index 00000000000..7f480f9d0b6 --- /dev/null +++ b/app/graphql/resolvers/concerns/search_arguments.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +module SearchArguments + extend ActiveSupport::Concern + + included do + argument :search, GraphQL::Types::String, + required: false, + description: 'Search query for title or description.' + end + + def validate_anonymous_search_access! + return if current_user.present? || Feature.disabled?(:disable_anonymous_search, type: :ops) + + raise ::Gitlab::Graphql::Errors::ArgumentError, + "User must be authenticated to include the `search` argument." + end +end |