blob: 1f18a37fcb979e457027b0ad2ea6a8671ad32109 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
# frozen_string_literal: true
module Mutations
class BaseMutation < GraphQL::Schema::RelayClassicMutation
include Gitlab::Graphql::Authorize::AuthorizeResource
prepend Gitlab::Graphql::CopyFieldDescription
prepend ::Gitlab::Graphql::GlobalIDCompatibility
ERROR_MESSAGE = 'You cannot perform write operations on a read-only instance'
field_class ::Types::BaseField
argument_class ::Types::BaseArgument
field :errors, [GraphQL::STRING_TYPE],
null: false,
description: 'Errors encountered during execution of the mutation.'
def current_user
context[:current_user]
end
def api_user?
context[:is_sessionless_user]
end
# Returns Array of errors on an ActiveRecord object
def errors_on_object(record)
record.errors.full_messages
end
def ready?(**args)
raise_resource_not_available_error! ERROR_MESSAGE if Gitlab::Database.read_only?
true
end
def load_application_object(argument, lookup_as_type, id, context)
::Gitlab::Graphql::Lazy.new { super }.catch(::GraphQL::UnauthorizedError) do |e|
Gitlab::ErrorTracking.track_exception(e)
# The default behaviour is to abort processing and return nil for the
# entire mutation field, but not set any top-level errors. We prefer to
# at least say that something went wrong.
raise_resource_not_available_error!
end
end
def self.authorized?(object, context)
# we never provide an object to mutations, but we do need to have a user.
context[:current_user].present? && !context[:current_user].blocked?
end
# See: AuthorizeResource#authorized_resource?
def self.authorization
@authorization ||= ::Gitlab::Graphql::Authorize::ObjectAuthorization.new(authorize)
end
end
end
|