Rescue from AccessDeniedError in GraphQL consistently
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
The REST API rescues from Gitlab::Access::AccessDeniedError consistently.
The GraphQL API however does not, and each mutation/resolver currently needs to rescue from AccessDeniedError individually:
% ag -A 2 -B 2 'rescue Gitlab::Access::AccessDeniedError' app/graphql/ ee/app/graphql/
app/graphql/mutations/branch_rules/create.rb
33- { errors: errors_on_object(protected_branch) }
34- end
35: rescue Gitlab::Access::AccessDeniedError
36- raise_resource_not_available_error!
37- end
app/graphql/mutations/members/bulk_update_base.rb
35- errors: Array.wrap(result[:message])
36- }
37: rescue Gitlab::Access::AccessDeniedError
38- {
39- errors: ["Unable to update members, please check user permissions."]
app/graphql/resolvers/ci/runners_resolver.rb
63- .new(current_user: current_user, params: runners_finder_params(args))
64- .execute)
65: rescue Gitlab::Access::AccessDeniedError
66- handle_access_denied_error!
67- end
ee/app/graphql/mutations/vulnerabilities/bulk_dismiss.rb
44- errors: response.success? ? [] : [response.message]
45- }
46: rescue Gitlab::Access::AccessDeniedError
47- raise_resource_not_available_error!
48- end
ee/app/graphql/mutations/approval_project_rules/delete.rb
25- errors: approval_rule.errors.full_messages
26- }
27: rescue Gitlab::Access::AccessDeniedError
28- raise_resource_not_available_error!
29- end
ee/app/graphql/resolvers/remote_development/agents_for_namespace_resolver.rb
30- user: current_user
31- )
32: rescue Gitlab::Access::AccessDeniedError
33- raise_resource_not_available_error!
34- endThe GraphQL API should also handle AccessDeniedError in a central place.
Edited by 🤖 GitLab Bot 🤖