Module: Gitlab::Graphql::Authorize::AuthorizeResource

Constant Summary collapse

ConfigurationError =
Class.new(StandardError)
RESOURCE_ACCESS_ERROR =
"The resource that you are attempting to access does " \
"not exist or you don't have permission to perform this action"

Instance Method Summary collapse

Instance Method Details

#authorize!(object) ⇒ Object


54
55
56
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 54

def authorize!(object)
  raise_resource_not_available_error! unless authorized_resource?(object)
end

#authorized_find!(*args, **kwargs) ⇒ Object


46
47
48
49
50
51
52
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 46

def authorized_find!(*args, **kwargs)
  object = Graphql::Lazy.force(find_object(*args, **kwargs))

  authorize!(object)

  object
end

#authorized_resource?(object) ⇒ Boolean

Returns:

  • (Boolean)

Raises:


58
59
60
61
62
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 58

def authorized_resource?(object)
  raise ConfigurationError, "#{self.class.name} has no authorizations" if self.class.authorization.none?

  self.class.authorization.ok?(object, current_user)
end

#find_object(*args) ⇒ Object

Raises:

  • (NotImplementedError)

42
43
44
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 42

def find_object(*args)
  raise NotImplementedError, "Implement #find_object in #{self.class.name}"
end

#raise_resource_not_available_error!(*args) ⇒ Object


64
65
66
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 64

def raise_resource_not_available_error!(*args)
  self.class.raise_resource_not_available_error!(*args)
end