Commit 52a7120a authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'ajk-gql-ci-job-permission-check' into 'master'

Enforce permission check on CI builds in GraphQL

See merge request gitlab-org/gitlab!50882
parents 77ffacbc d9cd4d65
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
module Types module Types
module Ci module Ci
# rubocop: disable Graphql/AuthorizeTypes
class JobType < BaseObject class JobType < BaseObject
graphql_name 'CiJob' graphql_name 'CiJob'
authorize :read_commit_status
field :pipeline, Types::Ci::PipelineType, null: true, field :pipeline, Types::Ci::PipelineType, null: true,
description: 'Pipeline the job belongs to' description: 'Pipeline the job belongs to'
......
...@@ -4,6 +4,7 @@ require 'spec_helper' ...@@ -4,6 +4,7 @@ require 'spec_helper'
RSpec.describe Types::Ci::JobType do RSpec.describe Types::Ci::JobType do
specify { expect(described_class.graphql_name).to eq('CiJob') } specify { expect(described_class.graphql_name).to eq('CiJob') }
specify { expect(described_class).to require_graphql_authorizations(:read_commit_status) }
it 'exposes the expected fields' do it 'exposes the expected fields' do
expected_fields = %i[ expected_fields = %i[
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment