Check for all scalar types

lib/gitlab/graphql/authorize/authorize_field_service.rb

@@ -48,7 +48,7 @@ module Gitlab
         end
 
         def authorize_against(parent_typed_object, resolved_type)
-          if built_in_type?
+          if scalar_type?
             # The field is a built-in/scalar type, or a list of scalars
             # authorize using the parent's object
             parent_typed_object.object
@@ -108,8 +108,8 @@ module Gitlab
           type.unwrap
         end
 
-        def built_in_type?
-          GraphQL::Schema::BUILT_IN_TYPES.has_value?(node_type_for_basic_connection(@field.type))
+        def scalar_type?
+          node_type_for_basic_connection(@field.type).kind.scalar?
         end
       end
     end

spec/lib/gitlab/graphql/authorize/authorize_field_service_spec.rb

@@ -45,7 +45,7 @@ describe Gitlab::Graphql::Authorize::AuthorizeFieldService do
         end
       end
 
-      context "when the field is a scalar type" do
+      context "when the field is a built-in scalar type" do
         let(:field) { type_with_field(GraphQL::STRING_TYPE, :read_field).fields["testField"].to_graphql }
         let(:expected_permissions) { [:read_field] }
 
@@ -58,6 +58,20 @@ describe Gitlab::Graphql::Authorize::AuthorizeFieldService do
 
         it_behaves_like "checking permissions on the presented object"
       end
+
+      context "when the field is sub-classed scalar type" do
+        let(:field) { type_with_field(Types::TimeType, :read_field).fields["testField"].to_graphql }
+        let(:expected_permissions) { [:read_field] }
+
+        it_behaves_like "checking permissions on the presented object"
+      end
+
+      context "when the field is a list of sub-classed scalar types" do
+        let(:field) { type_with_field([Types::TimeType], :read_field).fields["testField"].to_graphql }
+        let(:expected_permissions) { [:read_field] }
+
+        it_behaves_like "checking permissions on the presented object"
+      end
     end
 
     context "when the field is a specific type" do