Freeze the authorize value to prevent changes

1e126638 · Alex Kalderimis · Brett Walker · c153ce12 · 1e126638 · 1e126638
Commit 1e126638 authored Apr 19, 2022 by Alex Kalderimis Committed by Brett Walker Apr 19, 2022
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 5 deletions

app/graphql/types/base_object.rb app/graphql/types/base_object.rb +3 -1

spec/graphql/types/base_object_spec.rb spec/graphql/types/base_object_spec.rb +3 -4

No files found.
--- a/app/graphql/types/base_object.rb
+++ b/app/graphql/types/base_object.rb
@@ -10,7 +10,9 @@ module Types
    edge_type_class Types::BaseEdge
    def self.authorize(*args)
-      @authorize_args = args if args.any?
+      raise 'Cannot redefine authorize' if @authorize_args && args.any?
+      @authorize_args = args.freeze if args.any?
      @authorize_args || (superclass.respond_to?(:authorize) ? superclass.authorize : nil)
    end

--- a/spec/graphql/types/base_object_spec.rb
+++ b/spec/graphql/types/base_object_spec.rb
@@ -442,11 +442,10 @@ RSpec.describe Types::BaseObject do
        expect(described_class.authorize).to be_nil
        expect(read_only_type.authorize).to match_array [:read_only]
        expect(inherited_read_only_type.authorize).to match_array [:read_only]
+      end
-        read_only_type.authorize(:write_only)
+      it 'can not redefine the authorize value' do
+        expect { read_only_type.authorize(:write_only) }.to raise_error('Cannot redefine authorize')
-        expect(read_only_type.authorize).to match_array [:write_only]
-        expect(inherited_read_only_type.authorize).to match_array [:write_only]
      end
    end
  end