GraphQL: Declarative way to disable Graphql/AuthorizeTypes
Problem
The `Graphql/AuthorizeTypes` cop is disabled for 63 GraphQL types at time of writing.
The cop is very useful as it ensures a developer must either define an `authorize` or consciously switch the cop off, preventing a worst-case scenario of leaking data.
This issue is to propose ways to handle the obvious need for many types to skip authorization by making it declared in code instead.
Proposal
Allow types to declare that they do not require authorization rather than switch the cop off.
Currently, we're in favour of implementing this in a way that provides checks that certain authorization has applied to a parent node. `Graphql/AuthorizeTypes` would ignore the offence if `skip_authorize` was present. See #232921 (comment 390408201).
Original (reasonably boring) proposals
First idea
`Graphql/AuthorizeTypes` would ignore the offence if `skip_authorize` was present.
This could also provide the opportunity for developers to give a reason for why authorization is being skipped.
```ruby
module Types
  class MyType < Types::BaseObject
    skip_authorize
  end
end

# or

module Types
  class MyType < Types::BaseObject
    skip_authorize 'Reason for skipping authorization'
  end
end
```
Second idea
A second idea could be to pass a constant to `authorize` that our authorization instrumentation ignores.
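```ruby
module Gitlab
  module Graphql
    # Sentinel value that the authorization instrumentation would ignore.
    NO_AUTHORIZE = :_NO_AUTHORIZE
  end
end

module Types
  class MyType < Types::BaseObject
    # The constant lives in Gitlab::Graphql, matching the module defined above.
    authorize Gitlab::Graphql::NO_AUTHORIZE
  end
end
```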
FWIW the author of the issue prefers the first idea.
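The first idea, sketched as an added example (not GitLab's code and not part of the original issue): a stand-in `Types::BaseObject` with a hypothetical `skip_authorize`, plus a load-time check that plays the role of the cop by listing types that neither authorize nor explicitly opt out. The sample type names, the reason string, the helper functions and the choice to make the reason mandatory are all assumptions.

```ruby
# Stand-in for Types::BaseObject (assumption: only the declarations are modelled).
module Types
  class BaseObject
    class << self
      attr_reader :required_abilities, :skip_authorize_reason

      def authorize(*abilities)
        @required_abilities = abilities.flatten
      end

      # Hypothetical DSL from the first idea. Unlike the proposal, the reason
      # is mandatory here so every opt-out is documented and reviewable.
      def skip_authorize(reason = nil)
        raise ArgumentError, "#{name}: skip_authorize needs a reason" if reason.to_s.strip.empty?
        raise ArgumentError, "#{name}: already declares authorize" if @required_abilities
        @skip_authorize_reason = reason
      end

      def authorization_declared?
        !@required_abilities.nil? || !@skip_authorize_reason.nil?
      end
    end
  end

  # Constructed sample types.
  class ProjectType < BaseObject
    authorize :read_project
  end
  class PageInfoType < BaseObject
    skip_authorize 'Pagination metadata only; the parent connection is authorized'
  end
  class ForgottenType < BaseObject; end
end

# Every object type defined under Types, in definition order.
def graphql_types
  Types.constants.map { |c| Types.const_get(c) }
       .select { |k| k.is_a?(Class) && k < Types::BaseObject }
end

# Stand-in for the cop: types that neither authorize nor explicitly skip.
def undeclared_types
  graphql_types.reject(&:authorization_declared?).map(&:name)
end

# Reasoned opt-outs, listed for security review.
def skipped_types
  graphql_types.select(&:skip_authorize_reason).to_h { |k| [k.name, k.skip_authorize_reason] }
end
```

Because the declaration is stored per class, a type that forgets both `authorize` and `skip_authorize` is reported by `undeclared_types`, while `skipped_types` gives reviewers a single list of opt-outs and their stated reasons.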