diff options
author | Nick Thomas <nick@gitlab.com> | 2017-08-16 16:04:41 +0300 |
---|---|---|
committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-06-05 21:47:42 +0300 |
commit | 9c6c17cbcdb8bf8185fc1b873dcfd08f723e4df5 (patch) | |
tree | 624dba30e87ed0ea39afa0535d92c37c7718daef /app/controllers | |
parent | 67dc43db2f30095cce7fe01d7f475d084be936e8 (diff) |
Add a minimal GraphQL API
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/graphql_controller.rb | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb new file mode 100644 index 00000000000..ef258bf07cb --- /dev/null +++ b/app/controllers/graphql_controller.rb @@ -0,0 +1,49 @@ +class GraphqlController < ApplicationController + # Unauthenticated users have access to the API for public data + skip_before_action :authenticate_user! + + before_action :check_graphql_feature_flag! + + def execute + variables = ensure_hash(params[:variables]) + query = params[:query] + operation_name = params[:operationName] + context = { + current_user: current_user + } + result = GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name) + render json: result + end + + private + + # Overridden from the ApplicationController to make the response look like + # a GraphQL response. That is nicely picked up in Graphiql. + def render_404 + error = { errors: [ message: "Not found" ] } + + render json: error, status: :not_found + end + + def check_graphql_feature_flag! + render_404 unless Feature.enabled?(:graphql) + end + + # Handle form data, JSON body, or a blank value + def ensure_hash(ambiguous_param) + case ambiguous_param + when String + if ambiguous_param.present? + ensure_hash(JSON.parse(ambiguous_param)) + else + {} + end + when Hash, ActionController::Parameters + ambiguous_param + when nil + {} + else + raise ArgumentError, "Unexpected parameter: #{ambiguous_param}" + end + end +end |