Adjust permissions for Release data in GraphQL endpoint
What does this MR do?
Updates permissions of Release-related data points in our GraphQL endpoint (data that was added in !30753 (merged) and !30873 (merged)). The goal is to make Release data available through GraphQL consistent with what's currently available through the REST.
Specific changes
When private project Release data is accessed by a user with Guest permissions:
- The
assets_count
property now excludes sources from the count -
tag_path
andtag_name
returnnull
Feature flag
This data was and still is hidden behind the disabled feature flag graphql_release_data
.
Related issues/MRs
#208702 (closed), #208724 (closed), !30873 (merged), !27448 (closed), !27614 (closed), !30753 (merged)
Edited by Nathan Friend