Module: Gitlab::Graphql::Authorize::AuthorizeResource
- Extended by:
- ActiveSupport::Concern
- Included in:
- Mutations::Achievements::Award, Mutations::Achievements::Create, Mutations::Achievements::Delete, Mutations::Achievements::DeleteUserAchievement, Mutations::Achievements::Revoke, Mutations::Achievements::Update, Mutations::Achievements::UpdateUserAchievement, Mutations::BaseMutation, Mutations::CustomerRelations::Contacts::Base, Mutations::CustomerRelations::Contacts::Create, Mutations::CustomerRelations::Organizations::Create, Mutations::Issues::BulkUpdate, Resolvers::AbuseReportLabelsResolver, Resolvers::Admin::Analytics::UsageTrends::MeasurementsResolver, Resolvers::AwardEmoji::BaseVotesCountResolver, Resolvers::BlameResolver, Resolvers::BlobsResolver, Resolvers::BoardListResolver, Resolvers::BoardListsResolver, Resolvers::BulkLabelsResolver, Resolvers::Ci::Catalog::ResourceResolver, Resolvers::Ci::ConfigResolver, Resolvers::Ci::JobTokenAuthLogsResolver, Resolvers::Ci::JobTokenScopeAllowlistResolver, Resolvers::Ci::JobTokenScopeResolver, Resolvers::Ci::PipelineTriggersResolver, Resolvers::Ci::ProjectPipelineAnalyticsResolver, Resolvers::Ci::RunnerGroupsResolver, Resolvers::Ci::RunnerJobCountResolver, Resolvers::Ci::RunnerJobsResolver, Resolvers::Ci::RunnerProjectsResolver, Resolvers::Ci::RunnersResolver, Resolvers::Ci::TestSuiteResolver, Resolvers::CodequalityReportsComparerResolver, Resolvers::Crm::ContactStateCountsResolver, Resolvers::Crm::ContactsResolver, Resolvers::Crm::OrganizationStateCountsResolver, Resolvers::Crm::OrganizationsResolver, Resolvers::CustomEmojiResolver, Resolvers::DataTransfer::GroupDataTransferResolver, Resolvers::DataTransfer::ProjectDataTransferResolver, Resolvers::DesignManagement::DesignAtVersionResolver, Resolvers::DesignManagement::Version::DesignAtVersionResolver, Resolvers::DesignManagement::Version::DesignsAtVersionResolver, Resolvers::DesignManagement::VersionInCollectionResolver, Resolvers::DesignManagement::VersionResolver, Resolvers::Environments::NestedEnvironmentsResolver, Resolvers::GroupMembers::NotificationEmailResolver, Resolvers::Import::SourceUsersResolver, Resolvers::Integrations::ExclusionsResolver, Resolvers::LabelsResolver, Resolvers::MembersResolver, Resolvers::MilestonesResolver, Resolvers::Notes::SyntheticNoteResolver, Resolvers::Organizations::GroupsResolver, Resolvers::Organizations::OrganizationResolver, Resolvers::Organizations::OrganizationUsersResolver, Resolvers::Organizations::OrganizationsResolver, Resolvers::Organizations::ProjectsResolver, Resolvers::PackagePipelinesResolver, Resolvers::ProjectJobsResolver, Resolvers::Projects::CommitReferencesResolver, Resolvers::Projects::ForkTargetsResolver, Resolvers::Projects::JiraProjectsResolver, Resolvers::Projects::PlanLimitsResolver, Resolvers::Projects::ServicesResolver, Resolvers::Snippets::BlobsResolver, Resolvers::TimelogResolver, Resolvers::UserDiscussionsCountResolver, Resolvers::UserNotesCountResolver, Resolvers::UserResolver, Resolvers::Users::FrecentGroupsResolver, Resolvers::Users::FrecentProjectsResolver, Resolvers::Users::GroupsResolver, Resolvers::Users::OrganizationsResolver, Resolvers::UsersResolver, Resolvers::WorkItemReferencesResolver, Resolvers::WorkItemResolver, Resolvers::WorkItems::WorkItemDiscussionsResolver, Types::Admin::Analytics::UsageTrends::MeasurementType, Types::BaseField, Types::ContainerRegistry::ContainerRepositoryDetailsType, Types::ContainerRegistry::ContainerRepositoryType
- Defined in:
- lib/gitlab/graphql/authorize/authorize_resource.rb
Constant Summary collapse
- ConfigurationError =
Class.new(StandardError)
- RESOURCE_ACCESS_ERROR =
"The resource that you are attempting to access does " \ "not exist or you don't have permission to perform this action"
Instance Method Summary collapse
- #authorize!(object) ⇒ Object
- #authorized_find!(*args, **kwargs) ⇒ Object
- #authorized_resource?(object) ⇒ Boolean
- #find_object(id:) ⇒ Object
- #raise_resource_not_available_error! ⇒ Object
Instance Method Details
#authorize!(object) ⇒ Object
60 61 62 |
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 60 def (object) raise_resource_not_available_error! unless (object) end |
#authorized_find!(*args, **kwargs) ⇒ Object
52 53 54 55 56 57 58 |
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 52 def (*args, **kwargs) object = Graphql::Lazy.force(find_object(*args, **kwargs)) (object) object end |
#authorized_resource?(object) ⇒ Boolean
64 65 66 67 68 |
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 64 def (object) raise ConfigurationError, "#{self.class.name} has no authorizations" if self.class..none? self.class..ok?(object, current_user, scope_validator: context[:scope_validator]) end |
#find_object(id:) ⇒ Object
48 49 50 |
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 48 def find_object(id:) GitlabSchema.find_by_gid(id) end |
#raise_resource_not_available_error! ⇒ Object
70 71 72 |
# File 'lib/gitlab/graphql/authorize/authorize_resource.rb', line 70 def raise_resource_not_available_error!(...) self.class.raise_resource_not_available_error!(...) end |