Commit graph

14 commits

Author SHA1 Message Date
Luke Duncalfe
67030789f5 Include AuthorizeResource module for all mutations
This makes our authorization calls available to all GraphQL mutations
without the additional step of including the module first.
2019-07-11 15:08:34 +12:00
Marcel Amirault
e108f0d961 Small markdown tweaks to clear kramdown warnings
Fixing square brackets, links, etc in:
  merge_requests.md
  vulnerabilities.md
  issues.md
  issues_statistics.md
  pipelines.md
  services.md
  group_milestones.md
  milestones.md
  runners.md
  changelog.md
  issue_workflow.md
  elasticsearch.md
  api_graphql_styleguide.md
  automatic_ce_ee_merge.md
  file_storage.md
  architecture.md
  database_debugging.md
  index.md
  index.md
  frontend_testing.md
  pry_debugging.md
  vue.md
  development_process.md
2019-07-04 22:46:12 +00:00
Luke Duncalfe
bbdcbd98ae Remove unused authorized_find method
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/29921#note_184713939
2019-06-26 10:15:14 +12:00
Evan Read
e128239340 Add Markdown linting
Also adds and one linting rule
and makes project conform to it.
2019-06-25 04:34:55 +00:00
Douwe Maan
9b3295d341
Add Create Deep Dives to development docs
See https://gitlab.com/gitlab-org/create-stage/issues/1 for more context
2019-06-18 17:35:29 +02:00
Bob Van Landuyt
ed503d51a3 Expose IDs in GraphQL as a GlobalID
This exposes all fields named `id` as GlobalIDs so they can be used
across our entire GraphQL implementation.

When the objects loaded are `ApplicationRecord`s. We'll use our
existing batchloading to find them. Otherwise, we'll fall back to the
default implementation of `GlobalID`: Calling the `.find` method on
the class.
2019-06-03 21:59:25 +02:00
Luke Duncalfe
8cf0d8926a Added documentation for GraphQL Type authorization 2019-04-03 14:36:33 +13:00
Luke Duncalfe
ccb4edbca1 Improve GraphQL Authorization DSL
Previously GraphQL field authorization happened like this:

    class ProjectType
      field :my_field, MyFieldType do
        authorize :permission
      end
    end

This change allowed us to authorize like this instead:

    class ProjectType
      field :my_field, MyFieldType, authorize: :permission
    end

A new initializer registers the `authorize` metadata keyword on GraphQL
Schema Objects and Fields, and we can collect this data within the
context of Instrumentation like this:

    field.metadata[:authorize]

The previous functionality of authorize is still being used for
mutations, as the #authorize method here is called at during the code
that executes during the mutation, rather than when a field resolves.

https://gitlab.com/gitlab-org/gitlab-ce/issues/57828
2019-02-26 10:22:12 +13:00
George Tsiolis
733ae94921 Fix typos in comments and specs 2018-11-01 08:59:20 +02:00
Bob Van Landuyt
3bcb04f100 Add mutation toggling WIP state of merge requests
This is mainly the setup of mutations for GraphQL. Including
authorization and basic return type-structure.
2018-07-25 18:37:12 +02:00
Bob Van Landuyt
04b046587f Add pipeline lists to GraphQL
This adds Keyset pagination to GraphQL lists. PoC for that is
pipelines on merge requests and projects.

When paginating a list, the base-64 encoded id of the ordering
field (in most cases the primary key) can be passed in the `before` or
`after` GraphQL argument.
2018-07-04 10:53:39 +02:00
Bob Van Landuyt
54b56f20b7 Expose permissions on types in GraphQL
This adds a reusable way to expose permissions for a user to types in
GraphQL.
2018-06-28 13:50:17 +02:00
Bob Van Landuyt
9b65d4bb41 Initial setup GraphQL using graphql-ruby 1.8
- All definitions have been replaced by classes:
  http://graphql-ruby.org/schema/class_based_api.html
- Authorization & Presentation have been refactored to work in the
  class based system
- Loaders have been replaced by resolvers
- Times are now coersed as ISO 8601
2018-06-06 10:58:54 +02:00
Bob Van Landuyt
aa4b1ae712 Add present_using to types
By specifying a presenter for the object type, we can keep the logic
out of `GitlabSchema`.

The presenter gets initialized using the object being presented, and
the context (including the `current_user`).
2018-06-05 20:47:42 +02:00