blob: 3653c01e0e218f82b04e0482c1a31e02799bf917 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# frozen_string_literal: true
module Subscriptions
module Notes
class Base < ::Subscriptions::BaseSubscription
include Gitlab::Graphql::Laziness
argument :noteable_id, ::Types::GlobalIDType[::Noteable],
required: false,
description: 'ID of the noteable.'
def subscribe(*args)
nil
end
def authorized?(noteable_id:)
noteable = force(GitlabSchema.find_by_gid(noteable_id))
# unsubscribe if user cannot read the noteable anymore for any reason, e.g. issue was set confidential,
# in the meantime the read note permissions is checked within its corresponding returned type, i.e. NoteType
unauthorized! unless noteable && Ability.allowed?(current_user, :"read_#{noteable.to_ability_name}", noteable)
true
end
end
end
end
|