Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
50491d32
Commit
50491d32
authored
Feb 14, 2019
by
Lin Jen-Shin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Instead of returning all or nothing, return whichever passed
And add tests
parent
30918929
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
70 additions
and
13 deletions
+70
-13
lib/gitlab/graphql/authorize/instrumentation.rb
lib/gitlab/graphql/authorize/instrumentation.rb
+6
-9
spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb
spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb
+28
-4
spec/requests/api/graphql/project/issues_spec.rb
spec/requests/api/graphql/project/issues_spec.rb
+36
-0
No files found.
lib/gitlab/graphql/authorize/instrumentation.rb
View file @
50491d32
...
@@ -45,15 +45,12 @@ module Gitlab
...
@@ -45,15 +45,12 @@ module Gitlab
end
end
end
end
checked
=
case
value
case
value
when
Array
when
Array
value
.
select
(
&
check
)
value
.
all?
(
&
check
)
else
else
value
if
check
.
call
(
value
)
check
.
call
(
value
)
end
end
value
if
checked
end
end
end
end
end
end
...
...
spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb
View file @
50491d32
...
@@ -15,7 +15,7 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
...
@@ -15,7 +15,7 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
object
=
double
(
:object
)
object
=
double
(
:object
)
abilities
.
each
do
|
ability
|
abilities
.
each
do
|
ability
|
spy_ability_check_for
(
ability
,
object
)
spy_ability_check_for
(
ability
,
object
,
passed:
true
)
end
end
expect
(
checker
.
call
(
object
)).
to
eq
(
object
)
expect
(
checker
.
call
(
object
)).
to
eq
(
object
)
...
@@ -26,18 +26,42 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
...
@@ -26,18 +26,42 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
abilities
.
each
do
|
ability
|
abilities
.
each
do
|
ability
|
objects
.
each
do
|
object
|
objects
.
each
do
|
object
|
spy_ability_check_for
(
ability
,
object
)
spy_ability_check_for
(
ability
,
object
,
passed:
true
)
end
end
end
end
expect
(
checker
.
call
(
objects
)).
to
eq
(
objects
)
expect
(
checker
.
call
(
objects
)).
to
eq
(
objects
)
end
end
def
spy_ability_check_for
(
ability
,
object
)
context
'when some objects would not pass the check'
do
it
'returns nil when it is single object'
do
disallowed
=
double
(
:object
)
spy_ability_check_for
(
abilities
.
first
,
disallowed
,
passed:
false
)
expect
(
checker
.
call
(
disallowed
)).
to
be_nil
end
it
'returns only objects which passed when there are more than one'
do
allowed
=
double
(
:allowed
)
disallowed
=
double
(
:disallowed
)
spy_ability_check_for
(
abilities
.
first
,
disallowed
,
passed:
false
)
abilities
.
each
do
|
ability
|
spy_ability_check_for
(
ability
,
allowed
,
passed:
true
)
end
expect
(
checker
.
call
([
disallowed
,
allowed
]))
.
to
contain_exactly
(
allowed
)
end
end
def
spy_ability_check_for
(
ability
,
object
,
passed:
true
)
expect
(
Ability
)
expect
(
Ability
)
.
to
receive
(
:allowed?
)
.
to
receive
(
:allowed?
)
.
with
(
current_user
,
ability
,
object
)
.
with
(
current_user
,
ability
,
object
)
.
and_return
(
true
)
.
and_return
(
passed
)
end
end
end
end
end
end
spec/requests/api/graphql/project/issues_spec.rb
View file @
50491d32
...
@@ -56,4 +56,40 @@ describe 'getting an issue list for a project' do
...
@@ -56,4 +56,40 @@ describe 'getting an issue list for a project' do
expect
(
issues_data
).
to
eq
[]
expect
(
issues_data
).
to
eq
[]
end
end
end
end
context
'when there is a confidential issue'
do
let!
(
:confidential_issue
)
do
create
(
:issue
,
:confidential
,
project:
project
)
end
context
'when the user cannot see confidential issues'
do
it
'returns issues without confidential issues'
do
post_graphql
(
query
,
current_user:
current_user
)
expect
(
issues_data
.
size
).
to
eq
(
2
)
issues_data
.
each
do
|
issue
|
expect
(
issue
.
dig
(
'node'
,
'confidential'
)).
to
eq
(
false
)
end
end
end
context
'when the user can see confidential issues'
do
before
do
project
.
add_developer
(
current_user
)
end
it
'returns issues with confidential issues'
do
post_graphql
(
query
,
current_user:
current_user
)
expect
(
issues_data
.
size
).
to
eq
(
3
)
confidentials
=
issues_data
.
map
do
|
issue
|
issue
.
dig
(
'node'
,
'confidential'
)
end
expect
(
confidentials
).
to
eq
([
true
,
false
,
false
])
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment