Merge branch 'ajk-13984-minor-tidying' into 'master'

Minor resolver tidying

See merge request gitlab-org/gitlab!49909

.rubocop.yml

@@ -368,6 +368,8 @@ Cop/SidekiqOptionsQueue:
 
 Graphql/ResolverType:
   Enabled: true
+  Exclude:
+    - 'app/graphql/resolvers/base_resolver.rb'
   Include:
     - 'app/graphql/resolvers/**/*'
     - 'ee/app/graphql/resolvers/**/*'

.rubocop_manual_todo.yml

@@ -32,14 +32,6 @@ Graphql/IDType:
     - 'app/graphql/resolvers/error_tracking/sentry_error_stack_trace_resolver.rb'
     - 'app/graphql/resolvers/user_merge_requests_resolver.rb'
 
-Graphql/ResolverType:
-  Exclude:
-    - 'app/graphql/resolvers/base_resolver.rb'
-    - 'app/graphql/resolvers/ci/jobs_resolver.rb'
-    - 'app/graphql/resolvers/ci/pipeline_stages_resolver.rb'
-    - 'app/graphql/resolvers/users/group_count_resolver.rb'
-    - 'ee/app/graphql/resolvers/vulnerabilities_base_resolver.rb'
-
 Gitlab/PolicyRuleBoolean:
   Exclude:
     - 'ee/app/policies/ee/identity_provider_policy.rb'

app/graphql/mutations/snippets/create.rb

@@ -4,7 +4,8 @@ module Mutations
   module Snippets
     class Create < BaseMutation
       include SpammableMutationFields
-      include ResolvesProject
+
+      authorize :create_snippet
 
       graphql_name 'CreateSnippet'
 
@@ -37,17 +38,15 @@ module Mutations
                description: 'Actions to perform over the snippet repository and blobs',
                required: false
 
-      def resolve(args)
-        project_path = args.delete(:project_path)
-
+      def resolve(project_path: nil, **args)
         if project_path.present?
-          project = find_project!(project_path: project_path)
-        elsif !can_create_personal_snippet?
-          raise_resource_not_available_error!
+          project = authorized_find!(project_path)
+        else
+          authorize!(:global)
         end
 
         service_response = ::Snippets::CreateService.new(project,
-                                                         context[:current_user],
+                                                         current_user,
                                                          create_params(args)).execute
 
         snippet = service_response.payload[:snippet]
@@ -67,20 +66,8 @@ module Mutations
 
       private
 
-      def find_project!(project_path:)
-        authorized_find!(full_path: project_path)
-      end
-
-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
-
-      def authorized_resource?(project)
-        Ability.allowed?(context[:current_user], :create_snippet, project)
-      end
-
-      def can_create_personal_snippet?
-        Ability.allowed?(context[:current_user], :create_snippet)
+      def find_object(full_path)
+        Project.find_by_full_path(full_path)
       end
 
       def create_params(args)

app/graphql/mutations/snippets/update.rb

@@ -27,11 +27,11 @@ module Mutations
                description: 'Actions to perform over the snippet repository and blobs',
                required: false
 
-      def resolve(args)
-        snippet = authorized_find!(id: args.delete(:id))
+      def resolve(id:, **args)
+        snippet = authorized_find!(id: id)
 
         result = ::Snippets::UpdateService.new(snippet.project,
-                                               context[:current_user],
+                                               current_user,
                                                update_params(args)).execute(snippet)
         snippet = result.payload[:snippet]
 

app/graphql/resolvers/ci/jobs_resolver.rb

@@ -5,6 +5,8 @@ module Resolvers
     class JobsResolver < BaseResolver
       alias_method :pipeline, :object
 
+      type ::Types::Ci::JobType.connection_type, null: true
+
       argument :security_report_types, [Types::Security::ReportTypeEnum],
               required: false,
               description: 'Filter jobs by the type of security report they produce'

app/graphql/resolvers/ci/pipeline_stages_resolver.rb

@@ -5,6 +5,9 @@ module Resolvers
     class PipelineStagesResolver < BaseResolver
       include LooksAhead
 
+      type Types::Ci::StageType.connection_type, null: true
+      extras [:lookahead]
+
       alias_method :pipeline, :object
 
       def resolve_with_lookahead

app/graphql/resolvers/design_management/versions_resolver.rb

@@ -9,6 +9,8 @@ module Resolvers
 
       VersionID = ::Types::GlobalIDType[::DesignManagement::Version]
 
+      extras [:parent]
+
       argument :earlier_or_equal_to_sha, GraphQL::STRING_TYPE,
                as: :sha,
                required: false,

app/graphql/resolvers/issue_status_counts_resolver.rb

@@ -6,6 +6,8 @@ module Resolvers
 
     type Types::IssueStatusCountsType, null: true
 
+    extras [:lookahead]
+
     def continue_issue_resolve(parent, finder, **args)
       finder.parent_param = parent
       apply_lookahead(Gitlab::IssuablesCountForState.new(finder, parent))

app/graphql/resolvers/users/group_count_resolver.rb

@@ -3,6 +3,8 @@
 module Resolvers
   module Users
     class GroupCountResolver < BaseResolver
+      type GraphQL::INT_TYPE, null: true
+
       alias_method :user, :object
 
       def resolve(**args)

app/graphql/types/ci/job_type.rb

@@ -5,6 +5,7 @@ module Types
     # rubocop: disable Graphql/AuthorizeTypes
     class JobType < BaseObject
       graphql_name 'CiJob'
+      authorize :read_build
 
       field :pipeline, Types::Ci::PipelineType, null: true,
             description: 'Pipeline the job belongs to'

app/graphql/types/terraform/state_type.rb

@@ -19,7 +19,6 @@ module Types
 
       field :locked_by_user, Types::UserType,
             null: true,
-            authorize: :read_user,
             description: 'The user currently holding a lock on the Terraform state'
 
       field :locked_at, Types::TimeType,

app/graphql/types/terraform/state_version_type.rb

@@ -15,7 +15,6 @@ module Types
 
       field :created_by_user, Types::UserType,
             null: true,
-            authorize: :read_user,
             description: 'The user that created this version'
 
       field :download_path, GraphQL::STRING_TYPE,
@@ -24,7 +23,6 @@ module Types
 
       field :job, Types::Ci::JobType,
             null: true,
-            authorize: :read_build,
             description: 'The job that created this version'
 
       field :serial, GraphQL::INT_TYPE,

ee/app/graphql/ee/types/project_type.rb

@@ -126,6 +126,7 @@ module EE
               null: true,
               description: 'Incident Management On-call schedules of the project',
               resolver: ::Resolvers::IncidentManagement::OncallScheduleResolver
+      end
 
       def dast_scanner_profiles
         DastScannerProfilesFinder.new(project_ids: [object.id]).execute
@@ -160,5 +161,4 @@ module EE
       end
     end
   end
-  end
 end

ee/app/graphql/resolvers/security_report_summary_resolver.rb

@@ -4,6 +4,8 @@ module Resolvers
   class SecurityReportSummaryResolver < BaseResolver
     type Types::SecurityReportSummaryType, null: true
 
+    extras [:lookahead]
+
     alias_method :pipeline, :object
 
     def resolve(lookahead:)

ee/app/graphql/resolvers/vulnerabilities_base_resolver.rb

@@ -5,6 +5,7 @@
 # to finding the object to get vulnerabilities from so that developers writing
 # new resolvers don't have to repeat it.
 
+# rubocop: disable Graphql/ResolverType
 module Resolvers
   class VulnerabilitiesBaseResolver < BaseResolver
     include Gitlab::Utils::StrongMemoize

ee/app/graphql/types/instance_security_dashboard_type.rb

@@ -9,7 +9,6 @@ module Types
     field :projects,
           Types::ProjectType.connection_type,
           null: false,
-          authorize: :read_project,
           description: 'Projects selected in Instance Security Dashboard'
 
     field :vulnerability_scanners,

ee/app/graphql/types/vulnerable_projects_by_grade_type.rb

@@ -15,7 +15,6 @@ module Types
 
     field :projects, Types::ProjectType.connection_type, null: false,
           description: 'Projects within this grade',
-          authorize: :read_project,
           complexity: 5
   end
   # rubocop: enable Graphql/AuthorizeTypes