| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
The `GraphQL::Function` has been deprecated in
favor of resolvers.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes sure we also enforce authorizations for non-nullable
fields.
We are defining our authorizations on the unwrapped
types (Repository). But when a type like that is presented in a
non-nullable field, it's type is different (Repository!). The
non-nullable type would not have the authorization metadata.
This makes sure we check the metadata on the unwrapped type for
finding authorizations.
|
| |
|
|
|
|
|
| |
With this we only check abilities on the rendered edges of a GraphQL
connection instead of all the nodes in it.
|
| |
|
|
Enables authorizations to be defined on GraphQL Types.
module Types
class ProjectType < BaseObject
authorize :read_project
end
end
If a field has authorizations defined on it, and the return type of the
field also has authorizations defined on it. then all of the combined
permissions in the authorizations will be checked and must pass.
Connection fields are checked by "digging" to find the type class of the
"node" field in the expected location of edges->node.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54417
|