Adds AuthorizeTypes cop to EE-only GraphQL types

0e2f0750 · Max Woolf · e80b3b81 · 0e2f0750 · 0e2f0750 · 0e2f0750
Commit 0e2f0750 authored Jun 29, 2020 by Max Woolf
3 changed files
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -316,6 +316,9 @@ Cop/SidekiqOptionsQueue:
 Graphql/AuthorizeTypes:
  Enabled: true
+  Include:
+    - 'app/graphql/types/**/*'
+    - 'ee/app/graphql/types/**/*'
  Exclude:
    - 'spec/**/*.rb'
    - 'ee/spec/**/*.rb'

--- a/rubocop/cop/graphql/authorize_types.rb
+++ b/rubocop/cop/graphql/authorize_types.rb
@@ -7,8 +7,6 @@ module RuboCop
        MSG = 'Add an `authorize :ability` call to the type: '\
              'https://docs.gitlab.com/ee/development/api_graphql_styleguide.html#type-authorization'
-        TYPES_DIR = 'app/graphql/types'
        # We want to exclude our own basetypes and scalars
        WHITELISTED_TYPES = %w[BaseEnum BaseScalar BasePermissionType MutationType
                               QueryType GraphQL::Schema BaseUnion].freeze
@@ -18,7 +16,6 @@ module RuboCop
        PATTERN
        def on_class(node)
-          return unless in_type?(node)
          return if whitelisted?(class_constant(node))
          return if whitelisted?(superclass_constant(node))
@@ -27,12 +24,6 @@ module RuboCop
        private
-        def in_type?(node)
-          path = node.location.expression.source_buffer.name
-          path.include? TYPES_DIR
-        end
        def whitelisted?(class_node)
          class_const = class_node&.const_name

--- a/spec/rubocop/cop/graphql/authorize_types_spec.rb
+++ b/spec/rubocop/cop/graphql/authorize_types_spec.rb
@@ -10,83 +10,60 @@ RSpec.describe RuboCop::Cop::Graphql::AuthorizeTypes, type: :rubocop do
  subject(:cop) { described_class.new }
-  context 'when NOT in a type folder' do
+  it 'adds an offense when there is no authorize call' do
-    before do
+    inspect_source(<<~TYPE)
-      allow(cop).to receive(:in_type?).and_return(false)
+      module Types
-    end
+        class AType < BaseObject
+          field :a_thing
-    it 'does not add an offense even though there is no authorize call' do
+          field :another_thing
-      expect_no_offenses(<<~TYPE.strip)
-        module Types
-          class AType < BaseObject
-            field :a_thing
-            field :another_thing
-          end
-        end
-      TYPE
-    end
-  end
-  context 'when in a type folder' do
-    before do
-      allow(cop).to receive(:in_type?).and_return(true)
-    end
-    it 'adds an offense when there is no authorize call' do
-      inspect_source(<<~TYPE)
-        module Types
-          class AType < BaseObject
-            field :a_thing
-            field :another_thing
-          end
        end
-      TYPE
+      end
+    TYPE
-      expect(cop.offenses.size).to eq 1
+    expect(cop.offenses.size).to eq 1
-    end
+  end
-    it 'does not add an offense for classes that have an authorize call' do
+  it 'does not add an offense for classes that have an authorize call' do
-      expect_no_offenses(<<~TYPE.strip)
+    expect_no_offenses(<<~TYPE.strip)
-        module Types
+      module Types
-          class AType < BaseObject
+        class AType < BaseObject
-            graphql_name 'ATypeName'
+          graphql_name 'ATypeName'
-            authorize :an_ability, :second_ability
+          authorize :an_ability, :second_ability
-            field :a_thing
+          field :a_thing
-          end
        end
-      TYPE
+      end
-    end
+    TYPE
+  end
-    it 'does not add an offense for classes that only have an authorize call' do
+  it 'does not add an offense for classes that only have an authorize call' do
-      expect_no_offenses(<<~TYPE.strip)
+    expect_no_offenses(<<~TYPE.strip)
-        module Types
+      module Types
-          class AType < SuperClassWithFields
+        class AType < SuperClassWithFields
-            authorize :an_ability
+          authorize :an_ability
-          end
        end
-      TYPE
+      end
-    end
+    TYPE
+  end
-    it 'does not add an offense for base types' do
+  it 'does not add an offense for base types' do
-      expect_no_offenses(<<~TYPE)
+    expect_no_offenses(<<~TYPE)
-        module Types
+      module Types
-          class AType < BaseEnum
+        class AType < BaseEnum
-            field :a_thing
+          field :a_thing
-          end
        end
-      TYPE
+      end
-    end
+    TYPE
+  end
-    it 'does not add an offense for Enums' do
+  it 'does not add an offense for Enums' do
-      expect_no_offenses(<<~TYPE)
+    expect_no_offenses(<<~TYPE)
-        module Types
+      module Types
-          class ATypeEnum < AnotherEnum
+        class ATypeEnum < AnotherEnum
-            field :a_thing
+          field :a_thing
-          end
        end
-      TYPE
+      end
-    end
+    TYPE
  end
 end