diff options
| author | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-07 02:04:09 +0300 |
|---|---|---|
| committer | Luke Duncalfe <lduncalfe@eml.cc> | 2019-02-20 01:24:20 +0300 |
| commit | 979c5452ff300d366f6434d7689bfac0940157ea (patch) | |
| tree | ac781c81999004d03dab4a3cc4a820af7a66d20f /app | |
| parent | b3f59a587924d6fb5877d484a0f2b183d8db65fd (diff) | |
Removing sensitive properties from ProjectType
defaultBranch and ciConfigPath should only be available to users with
the :download_code permission for the Project, as the respository might
be private.
When implementing the authorize check on these properties, it was
found that our current Graphql::Authorize::Instrumentation class does
not work with fields that resolve to subclasses of
GraphQL::Schema::Scalar, like GraphQL::STRING_TYPE.
After discussion with other Create Team members, it has been decided
that because the GraphQL API is not GA, to remove these properties from
ProjectType, and instead implement them as part of epic
https://gitlab.com/groups/gitlab-org/-/epics/711
Issue:
https://gitlab.com/gitlab-org/gitlab-ce/issues/55316
Diffstat (limited to 'app')
| -rw-r--r-- | app/graphql/types/project_type.rb | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/app/graphql/types/project_type.rb b/app/graphql/types/project_type.rb index 050706f97be..587e55c611f 100644 --- a/app/graphql/types/project_type.rb +++ b/app/graphql/types/project_type.rb @@ -16,7 +16,6 @@ module Types field :description, GraphQL::STRING_TYPE, null: true - field :default_branch, GraphQL::STRING_TYPE, null: true field :tag_list, GraphQL::STRING_TYPE, null: true field :ssh_url_to_repo, GraphQL::STRING_TYPE, null: true @@ -59,7 +58,6 @@ module Types end field :import_status, GraphQL::STRING_TYPE, null: true - field :ci_config_path, GraphQL::STRING_TYPE, null: true field :only_allow_merge_if_pipeline_succeeds, GraphQL::BOOLEAN_TYPE, null: true field :request_access_enabled, GraphQL::BOOLEAN_TYPE, null: true |