Merge branch 'fj-add-sessionless-param-to-graphql-context' into 'master'

Add sessionless param to graphql context Closes #232841 See merge request gitlab-org/gitlab!39830

Merge branch 'fj-add-sessionless-param-to-graphql-context' into 'master'
Add sessionless param to graphql context Closes #232841 See merge request gitlab-org/gitlab!39830
64ee4bdf · charlie ablett · c8ea49b9 · 3de8ddcb · 64ee4bdf · 64ee4bdf
Commit 64ee4bdf authored Aug 20, 2020 by charlie ablett
3 changed files
--- a/app/controllers/graphql_controller.rb
+++ b/app/controllers/graphql_controller.rb
@@ -81,7 +81,7 @@ class GraphqlController < ApplicationController
  end

  def context
-    @context ||= { current_user: current_user }
+    @context ||= { current_user: current_user, is_sessionless_user: !!sessionless_user? }
  end

  def build_variables(variable_info)

--- a/app/graphql/mutations/base_mutation.rb
+++ b/app/graphql/mutations/base_mutation.rb
@@ -17,6 +17,10 @@ module Mutations
      context[:current_user]
    end

+    def api_user?
+      context[:is_sessionless_user]
+    end
+
    # Returns Array of errors on an ActiveRecord object
    def errors_on_object(record)
      record.errors.full_messages

--- a/spec/controllers/graphql_controller_spec.rb
+++ b/spec/controllers/graphql_controller_spec.rb
@@ -60,14 +60,28 @@ RSpec.describe GraphqlController do
      it 'updates the users last_activity_on field' do
        expect { post :execute }.to change { user.reload.last_activity_on }
      end
+
+      it "sets context's sessionless value as false" do
+        post :execute
+
+        expect(assigns(:context)[:is_sessionless_user]).to be false
+      end
    end

    context 'when user uses an API token' do
      let(:user) { create(:user, last_activity_on: Date.yesterday) }
      let(:token) { create(:personal_access_token, user: user, scopes: [:api]) }

+      subject { post :execute, params: { access_token: token.token } }
+
      it 'updates the users last_activity_on field' do
-        expect { post :execute, params: { access_token: token.token } }.to change { user.reload.last_activity_on }
+        expect { subject }.to change { user.reload.last_activity_on }
+      end
+
+      it "sets context's sessionless value as true" do
+        subject
+
+        expect(assigns(:context)[:is_sessionless_user]).to be true
      end
    end

@@ -77,6 +91,12 @@ RSpec.describe GraphqlController do

        expect(response).to have_gitlab_http_status(:ok)
      end
+
+      it "sets context's sessionless value as false" do
+        post :execute
+
+        expect(assigns(:context)[:is_sessionless_user]).to be false
+      end
    end
  end