• Luke Duncalfe's avatar
    Improve GraphQL Authorization DSL · ccb4edbc
    Luke Duncalfe authored
    Previously GraphQL field authorization happened like this:
    
        class ProjectType
          field :my_field, MyFieldType do
            authorize :permission
          end
        end
    
    This change allowed us to authorize like this instead:
    
        class ProjectType
          field :my_field, MyFieldType, authorize: :permission
        end
    
    A new initializer registers the `authorize` metadata keyword on GraphQL
    Schema Objects and Fields, and we can collect this data within the
    context of Instrumentation like this:
    
        field.metadata[:authorize]
    
    The previous functionality of authorize is still being used for
    mutations, as the #authorize method here is called at during the code
    that executes during the mutation, rather than when a field resolves.
    
    https://gitlab.com/gitlab-org/gitlab-ce/issues/57828
    ccb4edbc
authorization_spec.rb 2.45 KB