Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
13f59d3d
Commit
13f59d3d
authored
Mar 02, 2021
by
Sean Arnold
Committed by
Markus Koller
Mar 02, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Disable Graphql/AuthorizeTypes for BaseInputType
- Disable cop - Remove existing disable comments
parent
e3a06b84
Changes
25
Show whitespace changes
Inline
Side-by-side
Showing
25 changed files
with
35 additions
and
41 deletions
+35
-41
app/graphql/types/boards/board_issue_input_base_type.rb
app/graphql/types/boards/board_issue_input_base_type.rb
+0
-2
app/graphql/types/boards/board_issue_input_type.rb
app/graphql/types/boards/board_issue_input_type.rb
+0
-2
app/graphql/types/ci_configuration/sast/analyzers_entity_input_type.rb
...ypes/ci_configuration/sast/analyzers_entity_input_type.rb
+0
-1
app/graphql/types/ci_configuration/sast/entity_input_type.rb
app/graphql/types/ci_configuration/sast/entity_input_type.rb
+0
-1
app/graphql/types/ci_configuration/sast/input_type.rb
app/graphql/types/ci_configuration/sast/input_type.rb
+1
-1
app/graphql/types/commit_action_type.rb
app/graphql/types/commit_action_type.rb
+0
-2
app/graphql/types/diff_paths_input_type.rb
app/graphql/types/diff_paths_input_type.rb
+0
-2
app/graphql/types/jira_users_mapping_input_type.rb
app/graphql/types/jira_users_mapping_input_type.rb
+0
-2
app/graphql/types/notes/diff_image_position_input_type.rb
app/graphql/types/notes/diff_image_position_input_type.rb
+0
-2
app/graphql/types/notes/diff_position_base_input_type.rb
app/graphql/types/notes/diff_position_base_input_type.rb
+0
-2
app/graphql/types/notes/diff_position_input_type.rb
app/graphql/types/notes/diff_position_input_type.rb
+0
-2
app/graphql/types/notes/update_diff_image_position_input_type.rb
...phql/types/notes/update_diff_image_position_input_type.rb
+0
-3
app/graphql/types/range_input_type.rb
app/graphql/types/range_input_type.rb
+0
-2
app/graphql/types/release_asset_link_input_type.rb
app/graphql/types/release_asset_link_input_type.rb
+0
-1
app/graphql/types/release_assets_input_type.rb
app/graphql/types/release_assets_input_type.rb
+0
-1
app/graphql/types/snippets/blob_action_input_type.rb
app/graphql/types/snippets/blob_action_input_type.rb
+1
-1
app/graphql/types/timeframe_input_type.rb
app/graphql/types/timeframe_input_type.rb
+0
-2
ee/app/graphql/types/alert_management/payload_alert_field_input_type.rb
.../types/alert_management/payload_alert_field_input_type.rb
+0
-1
ee/app/graphql/types/compliance_management/compliance_framework_input_type.rb
.../compliance_management/compliance_framework_input_type.rb
+0
-1
ee/app/graphql/types/epic_tree/epic_tree_node_input_type.rb
ee/app/graphql/types/epic_tree/epic_tree_node_input_type.rb
+0
-2
ee/app/graphql/types/incident_management/oncall_rotation_date_input_type.rb
...es/incident_management/oncall_rotation_date_input_type.rb
+0
-2
ee/app/graphql/types/incident_management/oncall_rotation_length_input_type.rb
.../incident_management/oncall_rotation_length_input_type.rb
+0
-2
ee/app/graphql/types/incident_management/oncall_user_input_type.rb
...aphql/types/incident_management/oncall_user_input_type.rb
+0
-2
rubocop/cop/graphql/authorize_types.rb
rubocop/cop/graphql/authorize_types.rb
+3
-2
spec/rubocop/cop/graphql/authorize_types_spec.rb
spec/rubocop/cop/graphql/authorize_types_spec.rb
+30
-0
No files found.
app/graphql/types/boards/board_issue_input_base_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
Boards
# rubocop: disable Graphql/AuthorizeTypes
class
BoardIssueInputBaseType
<
BaseInputObject
argument
:label_name
,
GraphQL
::
STRING_TYPE
.
to_list_type
,
required:
false
,
...
...
@@ -28,7 +27,6 @@ module Types
required:
false
,
description:
'Filter by reaction emoji.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
...
...
app/graphql/types/boards/board_issue_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
Boards
# rubocop: disable Graphql/AuthorizeTypes
class
NegatedBoardIssueInputType
<
BoardIssueInputBaseType
end
...
...
@@ -17,7 +16,6 @@ module Types
required:
false
,
description:
'Search query for issue title or description.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
...
...
app/graphql/types/ci_configuration/sast/analyzers_entity_input_type.rb
View file @
13f59d3d
...
...
@@ -3,7 +3,6 @@
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
AnalyzersEntityInputType
<
BaseInputObject
graphql_name
'SastCiConfigurationAnalyzersEntityInput'
description
'Represents the analyzers entity in SAST CI configuration'
...
...
app/graphql/types/ci_configuration/sast/entity_input_type.rb
View file @
13f59d3d
...
...
@@ -3,7 +3,6 @@
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
EntityInputType
<
BaseInputObject
graphql_name
'SastCiConfigurationEntityInput'
description
'Represents an entity in SAST CI configuration'
...
...
app/graphql/types/ci_configuration/sast/input_type.rb
View file @
13f59d3d
...
...
@@ -3,7 +3,7 @@
module
Types
module
CiConfiguration
module
Sast
class
InputType
<
BaseInputObject
# rubocop:disable Graphql/AuthorizeTypes
class
InputType
<
BaseInputObject
graphql_name
'SastCiConfigurationInput'
description
'Represents a CI configuration of SAST'
...
...
app/graphql/types/commit_action_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
CommitActionType
<
BaseInputObject
argument
:action
,
type:
Types
::
CommitActionModeEnum
,
required:
true
,
description:
'The action to perform, create, delete, move, update, chmod.'
...
...
@@ -18,5 +17,4 @@ module Types
argument
:encoding
,
type:
Types
::
CommitEncodingEnum
,
required:
false
,
description:
'Encoding of the file. Default is text.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
app/graphql/types/diff_paths_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
DiffPathsInputType
<
BaseInputObject
argument
:old_path
,
GraphQL
::
STRING_TYPE
,
required:
false
,
description:
'The path of the file on the start sha.'
argument
:new_path
,
GraphQL
::
STRING_TYPE
,
required:
false
,
description:
'The path of the file on the head sha.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
app/graphql/types/jira_users_mapping_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
JiraUsersMappingInputType
<
BaseInputObject
graphql_name
'JiraUsersMappingInputType'
...
...
@@ -14,5 +13,4 @@ module Types
required:
false
,
description:
'Id of the GitLab user.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
app/graphql/types/notes/diff_image_position_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
Notes
# rubocop: disable Graphql/AuthorizeTypes
class
DiffImagePositionInputType
<
DiffPositionBaseInputType
graphql_name
'DiffImagePositionInput'
...
...
@@ -15,6 +14,5 @@ module Types
argument
:height
,
GraphQL
::
INT_TYPE
,
required:
true
,
description:
copy_field_description
(
Types
::
Notes
::
DiffPositionType
,
:height
)
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
app/graphql/types/notes/diff_position_base_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
Notes
# rubocop: disable Graphql/AuthorizeTypes
class
DiffPositionBaseInputType
<
BaseInputObject
argument
:head_sha
,
GraphQL
::
STRING_TYPE
,
required:
true
,
description:
copy_field_description
(
Types
::
DiffRefsType
,
:head_sha
)
...
...
@@ -17,6 +16,5 @@ module Types
description:
'The paths of the file that was changed. '
\
'Both of the properties of this input are optional, but at least one of them is required'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
app/graphql/types/notes/diff_position_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
Notes
# rubocop: disable Graphql/AuthorizeTypes
class
DiffPositionInputType
<
DiffPositionBaseInputType
graphql_name
'DiffPositionInput'
...
...
@@ -11,6 +10,5 @@ module Types
argument
:new_line
,
GraphQL
::
INT_TYPE
,
required:
false
,
description:
copy_field_description
(
Types
::
Notes
::
DiffPositionType
,
:new_line
)
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
app/graphql/types/notes/update_diff_image_position_input_type.rb
View file @
13f59d3d
...
...
@@ -3,8 +3,6 @@
module
Types
module
Notes
# InputType used for updateImageDiffNote mutation.
#
# rubocop: disable Graphql/AuthorizeTypes
class
UpdateDiffImagePositionInputType
<
BaseInputObject
graphql_name
'UpdateDiffImagePositionInput'
...
...
@@ -32,6 +30,5 @@ module Types
end
end
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
app/graphql/types/range_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
RangeInputType
<
BaseInputObject
def
self
.
[]
(
type
,
closed
=
true
)
@subtypes
||=
{}
...
...
@@ -25,5 +24,4 @@ module Types
to_h
end
end
# rubocop: enable Graphql/AuthorizeTypes
end
app/graphql/types/release_asset_link_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
ReleaseAssetLinkInputType
<
BaseInputObject
graphql_name
'ReleaseAssetLinkInput'
description
'Fields that are available when modifying a release asset link'
...
...
app/graphql/types/release_assets_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
ReleaseAssetsInputType
<
BaseInputObject
graphql_name
'ReleaseAssetsInput'
description
'Fields that are available when modifying release assets'
...
...
app/graphql/types/snippets/blob_action_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,7 @@
module
Types
module
Snippets
class
BlobActionInputType
<
BaseInputObject
# rubocop:disable Graphql/AuthorizeTypes
class
BlobActionInputType
<
BaseInputObject
graphql_name
'SnippetBlobActionInputType'
description
'Represents an action to perform over a snippet file'
...
...
app/graphql/types/timeframe_input_type.rb
View file @
13f59d3d
# frozen_string_literal: true
module
Types
# rubocop: disable Graphql/AuthorizeTypes
class
TimeframeInputType
<
RangeInputType
[
::
Types
::
DateType
]
graphql_name
'Timeframe'
description
'A time-frame defined as a closed inclusive range of two dates'
end
# rubocop: enable Graphql/AuthorizeTypes
end
ee/app/graphql/types/alert_management/payload_alert_field_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
AlertManagement
# rubocop: disable Graphql/AuthorizeTypes
class
PayloadAlertFieldInputType
<
BaseInputObject
graphql_name
'AlertManagementPayloadAlertFieldInput'
description
'Field that are available while modifying the custom mapping attributes for an HTTP integration'
...
...
ee/app/graphql/types/compliance_management/compliance_framework_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
ComplianceManagement
# rubocop: disable Graphql/AuthorizeTypes
class
ComplianceFrameworkInputType
<
BaseInputObject
graphql_name
'ComplianceFrameworkInput'
...
...
ee/app/graphql/types/epic_tree/epic_tree_node_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
EpicTree
# rubocop: disable Graphql/AuthorizeTypes
class
EpicTreeNodeInputType
<
BaseInputObject
graphql_name
'EpicTreeNodeFieldsInputType'
description
'A node of an epic tree.'
...
...
@@ -27,6 +26,5 @@ module Types
required:
false
,
description:
'ID of the new parent epic.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
ee/app/graphql/types/incident_management/oncall_rotation_date_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
IncidentManagement
# rubocop: disable Graphql/AuthorizeTypes
class
OncallRotationDateInputType
<
BaseInputObject
graphql_name
'OncallRotationDateInputType'
description
'Date input type for on-call rotation'
...
...
@@ -27,6 +26,5 @@ module Types
raise
Gitlab
::
Graphql
::
Errors
::
ArgumentError
,
'Date & time is invalid'
end
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
ee/app/graphql/types/incident_management/oncall_rotation_length_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
IncidentManagement
# rubocop: disable Graphql/AuthorizeTypes
class
OncallRotationLengthInputType
<
BaseInputObject
graphql_name
'OncallRotationLengthInputType'
description
'The rotation length of the on-call rotation'
...
...
@@ -15,6 +14,5 @@ module Types
required:
true
,
description:
'The unit of the rotation length of the on-call rotation.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
ee/app/graphql/types/incident_management/oncall_user_input_type.rb
View file @
13f59d3d
...
...
@@ -2,7 +2,6 @@
module
Types
module
IncidentManagement
# rubocop: disable Graphql/AuthorizeTypes
class
OncallUserInputType
<
BaseInputObject
graphql_name
'OncallUserInputType'
description
'The rotation user and color palette'
...
...
@@ -19,6 +18,5 @@ module Types
required:
false
,
description:
'A value of DataVisualizationWeightEnum. The color weight to assign to for the on-call user.'
end
# rubocop: enable Graphql/AuthorizeTypes
end
end
rubocop/cop/graphql/authorize_types.rb
View file @
13f59d3d
...
...
@@ -9,7 +9,7 @@ module RuboCop
# We want to exclude our own basetypes and scalars
ALLOWED_TYPES
=
%w[BaseEnum BaseScalar BasePermissionType MutationType
QueryType GraphQL::Schema BaseUnion]
.
freeze
QueryType GraphQL::Schema BaseUnion
BaseInputObject
]
.
freeze
def_node_search
:authorize?
,
<<~
PATTERN
(send nil? :authorize ...)
...
...
@@ -29,8 +29,9 @@ module RuboCop
return
false
unless
class_const
return
true
if
class_const
.
end_with?
(
'Enum'
)
return
true
if
class_const
.
end_with?
(
'InputType'
)
ALLOWED_TYPES
.
any?
{
|
allowed
|
class_
node
.
const_name
.
include?
(
allowed
)
}
ALLOWED_TYPES
.
any?
{
|
allowed
|
class_
const
.
include?
(
allowed
)
}
end
def
class_constant
(
node
)
...
...
spec/rubocop/cop/graphql/authorize_types_spec.rb
View file @
13f59d3d
...
...
@@ -63,4 +63,34 @@ RSpec.describe RuboCop::Cop::Graphql::AuthorizeTypes do
end
TYPE
end
it
'does not add an offense for subtypes of BaseUnion'
do
expect_no_offenses
(
<<~
TYPE
)
module Types
class AType < BaseUnion
possible_types Types::Foo, Types::Bar
end
end
TYPE
end
it
'does not add an offense for subtypes of BaseInputObject'
do
expect_no_offenses
(
<<~
TYPE
)
module Types
class AType < BaseInputObject
argument :a_thing
end
end
TYPE
end
it
'does not add an offense for InputTypes'
do
expect_no_offenses
(
<<~
TYPE
)
module Types
class AInputType < SomeObjectType
argument :a_thing
end
end
TYPE
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment