Allow GraphQL Scalar-fields to be authorized (!26338) · Merge requests · GitLab.org / GitLab FOSS

Brett Walker requested to merge 57831-allow-graphql-scalar-fields-to-be-authorized into master Mar 19, 2019

What does this MR do?

We now allow GraphQL Scalar fields (e.g., ones that return Strings, or Integers) to have authorization applied to them, such as

module Types
  class ExampleType < BaseObject
    graphql_name 'Example'

    expose_permissions Types::PermissionTypes::Example

    field :id, GraphQL::ID_TYPE, null: false
    field :path, GraphQL::STRING_TYPE, null: false, authorize: :admin_example
  end
end

What are the relevant issue numbers?

Closes #57831 (closed)

Does this MR meet the acceptance criteria?

~~[ ] Changelog entry added, if necessary~~
~~[ ] Documentation created/updated via this MR~~
~~[ ] Documentation reviewed by technical writer or follow-up review issue created~~
Tests added for this feature/bug
~~[ ] Tested in all supported browsers~~
Conforms to the code review guidelines
Conforms to the merge request performance guidelines
Conforms to the style guides
Conforms to the database guides
~~[ ] Link to e2e tests MR added if this MR has Requires e2e tests label. See the [Test Planning Process]~~(https://about.gitlab.com/handbook/engineering/quality/guidelines/test-engineering/).
Security reports checked/validated by reviewer

Edited Apr 04, 2019 by Brett Walker

Allow GraphQL Scalar-fields to be authorized

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports