gitlab-org--gitlab-foss/app/controllers/graphql_controller.rb

49 lines
1.3 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
2017-08-16 09:04:41 -04:00
class GraphqlController < ApplicationController
# Unauthenticated users have access to the API for public data
skip_before_action :authenticate_user!
prepend_before_action(only: [:execute]) { authenticate_sessionless_user!(:api) }
2017-08-16 09:04:41 -04:00
before_action :check_graphql_feature_flag!
def execute
variables = Gitlab::Graphql::Variables.new(params[:variables]).to_h
2017-08-16 09:04:41 -04:00
query = params[:query]
operation_name = params[:operationName]
context = {
current_user: current_user
}
result = GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
render json: result
end
rescue_from StandardError do |exception|
log_exception(exception)
render_error("Internal server error")
end
rescue_from Gitlab::Graphql::Variables::Invalid do |exception|
render_error(exception.message, status: :unprocessable_entity)
end
2017-08-16 09:04:41 -04:00
private
# Overridden from the ApplicationController to make the response look like
# a GraphQL response. That is nicely picked up in Graphiql.
def render_404
render_error("Not found!", status: :not_found)
end
def render_error(message, status: 500)
error = { errors: [message: message] }
2017-08-16 09:04:41 -04:00
render json: error, status: status
2017-08-16 09:04:41 -04:00
end
def check_graphql_feature_flag!
2018-12-13 05:12:13 -05:00
render_404 unless Gitlab::Graphql.enabled?
2017-08-16 09:04:41 -04:00
end
end