From 8207f7877fea6987cbd8ef26e6f01feca6608bd2 Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@eml.cc>
Date: Mon, 4 Mar 2019 15:30:32 +1300
Subject: GraphQL Type authorization

Enables authorizations to be defined on GraphQL Types.

    module Types
      class ProjectType < BaseObject
        authorize :read_project
      end
    end

If a field has authorizations defined on it, and the return type of the
field also has authorizations defined on it. then all of the combined
permissions in the authorizations will be checked and must pass.

Connection fields are checked by "digging" to find the type class of the
"node" field in the expected location of edges->node.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54417
---
 app/graphql/types/query_type.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'app/graphql/types/query_type.rb')

diff --git a/app/graphql/types/query_type.rb b/app/graphql/types/query_type.rb
index 472fe5d6ec2..0f655ab9d03 100644
--- a/app/graphql/types/query_type.rb
+++ b/app/graphql/types/query_type.rb
@@ -7,8 +7,7 @@ module Types
     field :project, Types::ProjectType,
           null: true,
           resolver: Resolvers::ProjectResolver,
-          description: "Find a project",
-          authorize: :read_project
+          description: "Find a project"
 
     field :metadata, Types::MetadataType,
           null: true,
-- 
cgit v1.2.1