diff options
Diffstat (limited to 'lib/gitlab/graphql/authorize/connection_filter_extension.rb')
-rw-r--r-- | lib/gitlab/graphql/authorize/connection_filter_extension.rb | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/gitlab/graphql/authorize/connection_filter_extension.rb b/lib/gitlab/graphql/authorize/connection_filter_extension.rb index c75510df3e3..889c024ab5e 100644 --- a/lib/gitlab/graphql/authorize/connection_filter_extension.rb +++ b/lib/gitlab/graphql/authorize/connection_filter_extension.rb @@ -7,12 +7,14 @@ module Gitlab class Redactor include ::Gitlab::Graphql::Laziness - def initialize(type, context) + def initialize(type, context, resolver) @type = type @context = context + @resolver = resolver end def redact(nodes) + perform_before_authorize_action(nodes) remove_unauthorized(nodes) nodes @@ -29,6 +31,13 @@ module Gitlab private + def perform_before_authorize_action(nodes) + before_connection_authorization_block = @resolver&.before_connection_authorization_block + return unless before_connection_authorization_block.respond_to?(:call) + + before_connection_authorization_block.call(nodes, @context[:current_user]) + end + def remove_unauthorized(nodes) nodes .map! { |lazy| force(lazy) } @@ -49,14 +58,14 @@ module Gitlab end def redact_connection(conn, context) - redactor = Redactor.new(@field.type.unwrap.node_type, context) + redactor = Redactor.new(@field.type.unwrap.node_type, context, @field.resolver) return unless redactor.active? conn.redactor = redactor if conn.respond_to?(:redactor=) end def redact_list(list, context) - redactor = Redactor.new(@field.type.unwrap, context) + redactor = Redactor.new(@field.type.unwrap, context, @field.resolver) redactor.redact(list) if redactor.active? end end |