summaryrefslogtreecommitdiff
path: root/app/graphql/subscriptions/notes/base.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/graphql/subscriptions/notes/base.rb')
-rw-r--r--app/graphql/subscriptions/notes/base.rb27
1 files changed, 27 insertions, 0 deletions
diff --git a/app/graphql/subscriptions/notes/base.rb b/app/graphql/subscriptions/notes/base.rb
new file mode 100644
index 00000000000..3653c01e0e2
--- /dev/null
+++ b/app/graphql/subscriptions/notes/base.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Subscriptions
+ module Notes
+ class Base < ::Subscriptions::BaseSubscription
+ include Gitlab::Graphql::Laziness
+
+ argument :noteable_id, ::Types::GlobalIDType[::Noteable],
+ required: false,
+ description: 'ID of the noteable.'
+
+ def subscribe(*args)
+ nil
+ end
+
+ def authorized?(noteable_id:)
+ noteable = force(GitlabSchema.find_by_gid(noteable_id))
+
+ # unsubscribe if user cannot read the noteable anymore for any reason, e.g. issue was set confidential,
+ # in the meantime the read note permissions is checked within its corresponding returned type, i.e. NoteType
+ unauthorized! unless noteable && Ability.allowed?(current_user, :"read_#{noteable.to_ability_name}", noteable)
+
+ true
+ end
+ end
+ end
+end