ebf98f27c4
Enables frozen string for the following: * lib/gitlab/fogbugz_import/**/*.rb * lib/gitlab/gfm/**/*.rb * lib/gitlab/git/**/*.rb * lib/gitlab/gitaly_client/**/*.rb * lib/gitlab/gitlab_import/**/*.rb * lib/gitlab/google_code_import/**/*.rb * lib/gitlab/gpg/**/*.rb * lib/gitlab/grape_logging/**/*.rb * lib/gitlab/graphql/**/*.rb * lib/gitlab/graphs/**/*.rb * lib/gitlab/hashed_storage/**/*.rb * lib/gitlab/health_checks/**/*.rb Partially address gitlab-org/gitlab-ce#47424.
30 lines
1,023 B
Ruby
30 lines
1,023 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Gitlab
|
|
module Graphql
|
|
# Allow fields to declare permissions their objects must have. The field
|
|
# will be set to nil unless all required permissions are present.
|
|
module Authorize
|
|
extend ActiveSupport::Concern
|
|
|
|
def self.use(schema_definition)
|
|
schema_definition.instrument(:field, Instrumentation.new)
|
|
end
|
|
|
|
def required_permissions
|
|
# If the `#authorize` call is used on multiple classes, we add the
|
|
# permissions specified on a subclass, to the ones that were specified
|
|
# on it's superclass.
|
|
@required_permissions ||= if self.respond_to?(:superclass) && superclass.respond_to?(:required_permissions)
|
|
superclass.required_permissions.dup
|
|
else
|
|
[]
|
|
end
|
|
end
|
|
|
|
def authorize(*permissions)
|
|
required_permissions.concat(permissions)
|
|
end
|
|
end
|
|
end
|
|
end
|