Merge branch 'philipcunningham-clean-up-graphql-errors' into 'master'

Replace GraphQL error string with constant

See merge request gitlab-org/gitlab!72562

ee/app/services/boards/epics/create_service.rb

@@ -11,7 +11,7 @@ module Boards
 
       def execute
         return ServiceResponse.error(message: 'This feature is not available') unless available?
-        return ServiceResponse.error(message: "The resource that you are attempting to access does not exist or you don't have permission to perform this action") unless allowed?
+        return ServiceResponse.error(message: Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR) unless allowed?
 
         error = check_arguments
         if error

ee/spec/graphql/mutations/incident_management/oncall_rotation/update_spec.rb

@@ -222,7 +222,7 @@ RSpec.describe Mutations::IncidentManagement::OncallRotation::Update do
 
     context 'when resource is not accessible to the user' do
       it 'raises an error' do
-        expect { resolve }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, "The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+        expect { resolve }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
       end
     end
   end

ee/spec/requests/api/graphql/mutations/boards/epic_boards/epic_move_list_spec.rb

@@ -43,7 +43,7 @@ RSpec.describe 'Reposition and move epic between board lists' do
       it 'raises resource not available error' do
         subject
 
-        message = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+        message = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
         expect(graphql_errors).to include(a_hash_including('message' => message))
       end
     end

ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/destroy_spec.rb

@@ -27,7 +27,7 @@ RSpec.describe 'Delete a compliance framework' do
     end
 
     it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+                    errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
   end
 
   context 'when licensed' do
@@ -57,7 +57,7 @@ RSpec.describe 'Delete a compliance framework' do
       end
 
       it_behaves_like 'a mutation that returns top-level errors',
-                      errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+                      errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
     end
   end
 end

ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb

@@ -31,7 +31,7 @@ RSpec.describe 'Update a compliance framework' do
     end
 
     it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+                    errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
   end
 
   context 'feature is licensed but disabled' do
@@ -40,7 +40,7 @@ RSpec.describe 'Update a compliance framework' do
     end
 
     it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+                    errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
   end
 
   context 'feature is licensed' do
@@ -97,7 +97,7 @@ RSpec.describe 'Update a compliance framework' do
         let_it_be(:current_user) { create(:user) }
 
         it_behaves_like 'a mutation that returns top-level errors',
-                        errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+                        errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
       end
     end
 

ee/spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb

@@ -42,7 +42,7 @@ RSpec.describe 'Update Environment Canary Ingress', :clean_gitlab_redis_cache do
       post_graphql_mutation(mutation, current_user: actor)
 
       expect(graphql_errors.first)
-        .to include('message' => "The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+        .to include('message' => Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
     end
   end
 end

ee/spec/requests/api/graphql/mutations/incident_management/escalation_policy/create_spec.rb

@@ -66,7 +66,7 @@ RSpec.describe 'creating escalation policy' do
       it 'raises an error' do
         resolve
 
-        expect_graphql_errors_to_include("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+        expect_graphql_errors_to_include(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
       end
     end
 

spec/graphql/mutations/customer_relations/contacts/create_spec.rb

@@ -29,7 +29,7 @@ RSpec.describe Mutations::CustomerRelations::Contacts::Create do
 
       it 'raises an error' do
         expect { resolve_mutation }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-          .with_message("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+          .with_message(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
       end
     end
 

spec/graphql/mutations/customer_relations/contacts/update_spec.rb

@@ -10,7 +10,7 @@ RSpec.describe Mutations::CustomerRelations::Contacts::Update do
   let(:last_name) { 'Smith' }
   let(:email) { 'ls@gitlab.com' }
   let(:description) { 'VIP' }
-  let(:does_not_exist_or_no_permission) { "The resource that you are attempting to access does not exist or you don't have permission to perform this action" }
+  let(:does_not_exist_or_no_permission) { Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR }
   let(:contact) { create(:contact, group: group) }
   let(:attributes) do
     {

spec/graphql/mutations/customer_relations/organizations/create_spec.rb

@@ -30,7 +30,7 @@ RSpec.describe Mutations::CustomerRelations::Organizations::Create do
 
         it 'raises an error' do
           expect { resolve_mutation }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-            .with_message("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+            .with_message(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
         end
       end
 

spec/graphql/mutations/customer_relations/organizations/update_spec.rb

@@ -9,7 +9,7 @@ RSpec.describe Mutations::CustomerRelations::Organizations::Update do
   let(:name) { 'GitLab' }
   let(:default_rate) { 1000.to_f }
   let(:description) { 'VIP' }
-  let(:does_not_exist_or_no_permission) { "The resource that you are attempting to access does not exist or you don't have permission to perform this action" }
+  let(:does_not_exist_or_no_permission) { Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR }
   let(:organization) { create(:organization, group: group) }
   let(:attributes) do
     {

spec/graphql/mutations/discussions/toggle_resolve_spec.rb

@@ -26,7 +26,7 @@ RSpec.describe Mutations::Discussions::ToggleResolve do
         it 'raises an error if the resource is not accessible to the user' do
           expect { subject }.to raise_error(
             Gitlab::Graphql::Errors::ResourceNotAvailable,
-            "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+            Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
           )
         end
       end
@@ -40,7 +40,7 @@ RSpec.describe Mutations::Discussions::ToggleResolve do
           it 'raises an error' do
             expect { subject }.to raise_error(
               Gitlab::Graphql::Errors::ResourceNotAvailable,
-              "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+              Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
             )
           end
         end

spec/graphql/mutations/environments/canary_ingress/update_spec.rb

@@ -60,7 +60,7 @@ RSpec.describe Mutations::Environments::CanaryIngress::Update do
       let(:user) { reporter }
 
       it 'raises an error' do
-        expect { subject }.to raise_error("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+        expect { subject }.to raise_error(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
       end
     end
   end

spec/graphql/mutations/notes/reposition_image_diff_note_spec.rb

@@ -29,7 +29,7 @@ RSpec.describe Mutations::Notes::RepositionImageDiffNote do
       it 'raises an error if the resource is not accessible to the user' do
         expect { subject }.to raise_error(
           Gitlab::Graphql::Errors::ResourceNotAvailable,
-          "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+          Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
         )
       end
     end

spec/graphql/mutations/releases/delete_spec.rb

@@ -28,7 +28,7 @@ RSpec.describe Mutations::Releases::Delete do
 
   shared_examples 'unauthorized or not found error' do
     it 'raises a Gitlab::Graphql::Errors::ResourceNotAvailable error' do
-      expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, "The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+      expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
     end
   end
 

spec/graphql/mutations/releases/update_spec.rb

@@ -232,7 +232,7 @@ RSpec.describe Mutations::Releases::Update do
           let(:mutation_arguments) { super().merge(project_path: 'not/a/real/path') }
 
           it 'raises an error' do
-            expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, "The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+            expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
           end
         end
       end
@@ -242,7 +242,7 @@ RSpec.describe Mutations::Releases::Update do
       let(:current_user) { reporter }
 
       it 'raises an error' do
-        expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, "The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+        expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
       end
     end
   end

spec/requests/api/graphql/mutations/ci/runners_registration_token/reset_spec.rb

@@ -15,7 +15,7 @@ RSpec.describe 'RunnersRegistrationTokenReset' do
       subject
 
       expect(graphql_errors).not_to be_empty
-      expect(graphql_errors).to include(a_hash_including('message' => "The resource that you are attempting to access does not exist or you don't have permission to perform this action"))
+      expect(graphql_errors).to include(a_hash_including('message' => Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR))
       expect(mutation_response).to be_nil
     end
   end

spec/requests/api/graphql/mutations/issues/move_spec.rb

@@ -33,7 +33,7 @@ RSpec.describe 'Moving an issue' do
 
   context 'when the user is not allowed to read source project' do
     it 'returns an error' do
-      error = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+      error = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
       post_graphql_mutation(mutation, current_user: user)
 
       expect(response).to have_gitlab_http_status(:success)

spec/requests/api/graphql/mutations/issues/set_confidential_spec.rb

@@ -36,7 +36,7 @@ RSpec.describe 'Setting an issue as confidential' do
   end
 
   it 'returns an error if the user is not allowed to update the issue' do
-    error = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+    error = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
     post_graphql_mutation(mutation, current_user: create(:user))
 
     expect(graphql_errors).to include(a_hash_including('message' => error))

spec/requests/api/graphql/mutations/issues/set_due_date_spec.rb

@@ -36,7 +36,7 @@ RSpec.describe 'Setting Due Date of an issue' do
   end
 
   it 'returns an error if the user is not allowed to update the issue' do
-    error = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+    error = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
     post_graphql_mutation(mutation, current_user: create(:user))
 
     expect(graphql_errors).to include(a_hash_including('message' => error))

spec/requests/api/graphql/mutations/issues/set_severity_spec.rb

@@ -35,7 +35,7 @@ RSpec.describe 'Setting severity level of an incident' do
 
   context 'when the user is not allowed to update the incident' do
     it 'returns an error' do
-      error = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+      error = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
       post_graphql_mutation(mutation, current_user: user)
 
       expect(response).to have_gitlab_http_status(:success)

spec/requests/api/graphql/mutations/releases/create_spec.rb

@@ -342,7 +342,7 @@ RSpec.describe 'Creation of a new release' do
   end
 
   context "when the current user doesn't have access to create releases" do
-    expected_error_message = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+    expected_error_message = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
 
     context 'when the current user is a Reporter' do
       let(:current_user) { reporter }

spec/requests/api/graphql/mutations/releases/delete_spec.rb

@@ -50,7 +50,7 @@ RSpec.describe 'Deleting a release' do
 
       expect(mutation_response).to be_nil
       expect(graphql_errors.count).to eq(1)
-      expect(graphql_errors.first['message']).to eq("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+      expect(graphql_errors.first['message']).to eq(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
     end
   end
 

spec/requests/api/graphql/mutations/releases/update_spec.rb

@@ -218,13 +218,13 @@ RSpec.describe 'Updating an existing release' do
       context 'when the project does not exist' do
         let(:mutation_arguments) { super().merge(projectPath: 'not/a/real/path') }
 
-        it_behaves_like 'top-level error with message', "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+        it_behaves_like 'top-level error with message', Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
       end
     end
   end
 
   context "when the current user doesn't have access to update releases" do
-    expected_error_message = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
+    expected_error_message = Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR
 
     context 'when the current user is a Reporter' do
       let(:current_user) { reporter }

spec/support/shared_examples/requests/api/graphql/mutations/destroy_list_shared_examples.rb

@@ -28,7 +28,7 @@ RSpec.shared_examples 'board lists destroy request' do
     it 'returns an error' do
       subject
 
-      expect(graphql_errors.first['message']).to include("The resource that you are attempting to access does not exist or you don't have permission to perform this action")
+      expect(graphql_errors.first['message']).to include(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
     end
   end