- 03 7月, 2019 1 次提交
-
-
由 charlieablett 提交于
- Add a complexity of 1 if Gitaly is called at least once - Add an error notification if `calls_gitaly` isn't right for a particular field
-
- 21 6月, 2019 2 次提交
-
-
由 Bob Van Landuyt 提交于
This makes sure we also enforce authorizations for non-nullable fields. We are defining our authorizations on the unwrapped types (Repository). But when a type like that is presented in a non-nullable field, it's type is different (Repository!). The non-nullable type would not have the authorization metadata. This makes sure we check the metadata on the unwrapped type for finding authorizations.
-
由 Bob Van Landuyt 提交于
This also disables the cop with a reasoning in types where appropriate
-
- 20 6月, 2019 1 次提交
-
-
由 Bob Van Landuyt 提交于
This adds a `markdown_field` to our types. Using this helper will render a model's markdown field using the existing `MarkupHelper` with the context of the GraphQL query available to the helper. Having the context available to the helper is needed for redacting links to resources that the current user is not allowed to see. Because rendering the HTML can cause queries, the complexity of a these fields is raised by 5 above the default. The markdown field helper can be used as follows: ``` markdown_field :note_html, null: false ``` This would generate a field that will render the markdown field `note` of the model. This could be overridden by adding the `method:` argument. Passing a symbol for the method name: ``` markdown_field :body_html, null: false, method: :note ``` It will have this description by default: > The GitLab Flavored Markdown rendering of `note` This could be overridden by passing a `description:` argument. The type of a `markdown_field` is always `GraphQL::STRING_TYPE`.
-
- 15 6月, 2019 1 次提交
-
-
由 Mayra Cabrera 提交于
Add the missing check on GraphQL API for project statistics
-
- 03 6月, 2019 1 次提交
-
-
由 Alessio Caiazza 提交于
We can query namespaces, and nested projects. Projects now exposes statistics
-
- 22 5月, 2019 1 次提交
-
-
由 Phil Hughes 提交于
-
- 24 4月, 2019 1 次提交
-
-
由 Brett Walker 提交于
Add new query for Groups, with new GroupType and NamespaceType
-
- 03 4月, 2019 1 次提交
-
-
由 Luke Duncalfe 提交于
Enables authorizations to be defined on GraphQL Types. module Types class ProjectType < BaseObject authorize :read_project end end If a field has authorizations defined on it, and the return type of the field also has authorizations defined on it. then all of the combined permissions in the authorizations will be checked and must pass. Connection fields are checked by "digging" to find the type class of the "node" field in the expected location of edges->node. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54417
-
- 26 2月, 2019 1 次提交
-
-
由 Luke Duncalfe 提交于
Previously GraphQL field authorization happened like this: class ProjectType field :my_field, MyFieldType do authorize :permission end end This change allowed us to authorize like this instead: class ProjectType field :my_field, MyFieldType, authorize: :permission end A new initializer registers the `authorize` metadata keyword on GraphQL Schema Objects and Fields, and we can collect this data within the context of Instrumentation like this: field.metadata[:authorize] The previous functionality of authorize is still being used for mutations, as the #authorize method here is called at during the code that executes during the mutation, rather than when a field resolves. https://gitlab.com/gitlab-org/gitlab-ce/issues/57828
-
- 18 2月, 2019 1 次提交
-
-
由 Luke Duncalfe 提交于
defaultBranch and ciConfigPath should only be available to users with the :download_code permission for the Project, as the respository might be private. When implementing the authorize check on these properties, it was found that our current Graphql::Authorize::Instrumentation class does not work with fields that resolve to subclasses of GraphQL::Schema::Scalar, like GraphQL::STRING_TYPE. After discussion with other Create Team members, it has been decided that because the GraphQL API is not GA, to remove these properties from ProjectType, and instead implement them as part of epic https://gitlab.com/groups/gitlab-org/-/epics/711 Issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/55316
-
- 14 2月, 2019 3 次提交
-
-
由 Lin Jen-Shin 提交于
-
由 Lin Jen-Shin 提交于
And add tests
-
由 Lin Jen-Shin 提交于
And fix the tests so that it won't run into circular paths.
-
- 27 11月, 2018 1 次提交
-
-
由 Phil Hughes 提交于
This suggests possibly related issues when the user types a title. This uses GraphQL to allow the frontend to request the exact data that is requires. We also get free caching through the Vue Apollo plugin. With this we can include the ability to import .graphql files in JS and Vue files. Also we now have the Vue test utils library to make testing Vue components easier. Closes #22071
-
- 12 9月, 2018 1 次提交
-
-
由 gfyoung 提交于
Partially addresses #47424.
-
- 04 7月, 2018 1 次提交
-
-
由 Bob Van Landuyt 提交于
This adds Keyset pagination to GraphQL lists. PoC for that is pipelines on merge requests and projects. When paginating a list, the base-64 encoded id of the ordering field (in most cases the primary key) can be passed in the `before` or `after` GraphQL argument.
-
- 28 6月, 2018 1 次提交
-
-
由 Bob Van Landuyt 提交于
This adds a reusable way to expose permissions for a user to types in GraphQL.
-
- 15 6月, 2018 1 次提交
-
-
由 Bob Van Landuyt 提交于
This allows the user to get a single MR nested in a GraphQL project query. Since we need the full path and the iid anyway, this makes more sense than having a root query that needs the full path as well.
-
- 06 6月, 2018 3 次提交
-
-
由 Bob Van Landuyt 提交于
- All definitions have been replaced by classes: http://graphql-ruby.org/schema/class_based_api.html - Authorization & Presentation have been refactored to work in the class based system - Loaders have been replaced by resolvers - Times are now coersed as ISO 8601
-
由 Bob Van Landuyt 提交于
By specifying a presenter for the object type, we can keep the logic out of `GitlabSchema`. The presenter gets initialized using the object being presented, and the context (including the `current_user`).
-
由 Nick Thomas 提交于
-