Refactor snippets create mutation to use declarative auth

This refactors the snippet creation mutation to use the declarative authorization methods.

Refactor snippets create mutation to use declarative auth
This refactors the snippet creation mutation to use the declarative authorization methods.
98f688ac · Alex Kalderimis · 31e5c252 · 98f688ac
Commit 98f688ac authored Dec 14, 2020 by Alex Kalderimis
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 21 deletions

app/graphql/mutations/snippets/create.rb app/graphql/mutations/snippets/create.rb +9 -21

No files found.
--- a/app/graphql/mutations/snippets/create.rb
+++ b/app/graphql/mutations/snippets/create.rb
@@ -6,6 +6,8 @@ module Mutations
      include SpammableMutationFields
      include ResolvesProject
+      authorize :create_snippet
      graphql_name 'CreateSnippet'
      field :snippet,
@@ -37,17 +39,15 @@ module Mutations
               description: 'Actions to perform over the snippet repository and blobs',
               required: false
-      def resolve(args)
+      def resolve(project_path: nil, **args)
-        project_path = args.delete(:project_path)
        if project_path.present?
-          project = find_project!(project_path: project_path)
+          project = authorized_find!(project_path)
-        elsif !can_create_personal_snippet?
+        else
-          raise_resource_not_available_error!
+          authorize!(:global)
        end
        service_response = ::Snippets::CreateService.new(project,
-                                                         context[:current_user],
+                                                         current_user,
                                                         create_params(args)).execute
        snippet = service_response.payload[:snippet]
@@ -67,20 +67,8 @@ module Mutations
      private
-      def find_project!(project_path:)
+      def find_object(full_path)
-        authorized_find!(full_path: project_path)
+        Project.find_by_full_path(full_path)
-      end
-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
-      def authorized_resource?(project)
-        Ability.allowed?(context[:current_user], :create_snippet, project)
-      end
-      def can_create_personal_snippet?
-        Ability.allowed?(context[:current_user], :create_snippet)
      end
      def create_params(args)