Evaluate usage of new authorisation system of graphql gem for Todo GraphQL API
The following discussion from !18581 (merged) should be addressed:
-
@a_akgun started a discussion: (+6 comments) Do we need an authorization for
base
like:authorize :update_todo
similar toapp/graphql/mutations/merge_requests
and several others?
@digitalmoksha performed the gem updated of
graphql-ruby
recently, and it has an authorisation system (as an alternative than the homecooked one we currently use). Any thoughts here to add?
This should be investigated and implemented if possible.
Related issue: #31914 (closed)
Edited by Patrick Derichs