gitlab-org--gitlab-foss/lib/gitlab/graphql/authorize.rb

31 lines
1,023 B
Ruby
Raw Normal View History

# frozen_string_literal: true
2017-08-16 09:04:41 -04:00
module Gitlab
module Graphql
# Allow fields to declare permissions their objects must have. The field
# will be set to nil unless all required permissions are present.
module Authorize
extend ActiveSupport::Concern
2017-08-16 09:04:41 -04:00
def self.use(schema_definition)
schema_definition.instrument(:field, Instrumentation.new)
2017-08-16 09:04:41 -04:00
end
def required_permissions
# If the `#authorize` call is used on multiple classes, we add the
# permissions specified on a subclass, to the ones that were specified
# on it's superclass.
@required_permissions ||= if self.respond_to?(:superclass) && superclass.respond_to?(:required_permissions)
superclass.required_permissions.dup
else
[]
end
2017-08-16 09:04:41 -04:00
end
def authorize(*permissions)
required_permissions.concat(permissions)
2017-08-16 09:04:41 -04:00
end
end
end
end