Commits · 8d7a47f89f2488e5373101f5cd36517f93531382 · nexedi / gitlab-ce

18 Mar, 2021 1 commit

Replace Authorize instrument with gem auth · 8d7a47f8

charlie ablett authored Mar 18, 2021

This changes our GraphQL code to use the built-in `#authorize` methods
to handle permissions.

We originally implemented this functionality with a field-extension,
but this is no longer necessary. This commit replaces that unnecessary
field extension with implementations of `BaseObject#authorize` that
use our policy framework.

Significant changes included here:

- field authorization now works as per the library specification: it
  authorizes against the current object, not the resolved value.
  To apply permissions to the resolved value, use the type permissions.
- we allow resolvers to do the same (opt-in).
- we extend authorization to enums (currently no enums use
  authorization).

Note on enums:
We don't actually have any authorization on enums, but we need to detect
that efficiently. By supporting `ObjectAuthorization`, we can skip
redaction now, and support it later (if we add enum members that require
special authorization to see).

Removals:

- The ManualAuthorization temporary class
- The synchronized_object method on BaseResolver
- Field.authorize DSL method

Changes:

The error raised when there is no auth becomes an internal server
error (ConfigurationError) since it cannot be caused by the client,
and represents a programming mistake.

The board issue move mutation has unnecessary logic removed, and the
test for this is adjusted to verify the correctness of this change.
Co-authored-by: Alex Kalderimis <akalderimis@gitlab.com>
Co-authored-by: Charlie Ablett <cablett@gitlab.com>

8d7a47f8

17 Mar, 2021 39 commits
- Merge branch 'tags-api-performance' into 'master' · 3f1c24ce
  Sean McGivern authored Mar 17, 2021
```
API JSON caching for tags endpoint [RUN ALL RSPEC] [RUN AS-IF-FOSS]

See merge request gitlab-org/gitlab!54975
```
  3f1c24ce
- Merge branch 'btn-confirm-alerts' into 'master' · 75caa70f
  Enrique Alcántara authored Mar 17, 2021
```
Move to confirm variant from success in javascripts/alert_management directory

See merge request gitlab-org/gitlab!56206
```
  75caa70f
- Move to confirm variant from success in javascripts/alert_management directory · b1f64b05
  Yogi authored Mar 17, 2021
  
  b1f64b05
- Merge branch 'develop' into 'master' · d9a57f73
  Mike Jang authored Mar 17, 2021
```
Fixes typo in Frontend Guide docs

See merge request gitlab-org/gitlab!56853
```
  d9a57f73
- Merge branch 'chatops-multiline-messages' into 'master' · 16d2c280
  Arturo Herrero authored Mar 17, 2021
```
Support newlines for the chatops "run" command

See merge request gitlab-org/gitlab!56668
```
  16d2c280
- Merge branch '301010-remove-blank-state-pipelines' into 'master' · 26aafa97
  Mark Florian authored Mar 17, 2021
```
Replace blank state component with gitlab-ui

See merge request gitlab-org/gitlab!56651
```
  26aafa97
- Merge branch 'compliance-frameworks-do-not-submit-pipeline-config-when-disabled' into 'master' · bfa4ebdd
  Vitaly Slobodin authored Mar 17, 2021
```
Exclude the pipeline configuration path from form submission if it is disabled

See merge request gitlab-org/gitlab!56740
```
  bfa4ebdd
- Merge branch '299832-feature-flag-enable-individual-jira-issue-pages' into 'master' · f254fe87
  Amy Qualls authored Mar 17, 2021
```
Add documentation for Jira Issue Detail page

See merge request gitlab-org/gitlab!56182
```
  f254fe87
- Merge branch 'docs-aqualls-revise-notifications-page' into 'master' · d96bcdf7
  Amy Qualls authored Mar 17, 2021
```
Update formatting re: marketing emails

See merge request gitlab-org/gitlab!56804
```
  d96bcdf7
- Update formatting re: marketing emails · 48cc779e
  Amy Qualls authored Mar 17, 2021
```
Fix the formatting - because part of what was on the page was
incorrectly styled - and cross-link between the API and the page
describing the UI feature.
```
  48cc779e
- Merge branch '323483-skip-link-remove-tabindex' into 'master' · 19de8358
  Mark Florian authored Mar 17, 2021
```
Remove tabindex from navigation skip link

See merge request gitlab-org/gitlab!55756
```
  19de8358
- Remove tabindex from navigation skip link · 71ad4765
  Jeremy Elder authored Mar 17, 2021
```
* Since it’s the first focusable item in the DOM it doesn’t need `tabindex`.
* The use of a positive `tabindex` isn’t recommended and can negatively impact focus management.
```
  71ad4765
- Merge branch '301055-update-metrics-definitions-recorded-at' into 'master' · f888c766
  Mikołaj Wawrzyniak authored Mar 17, 2021
```
Update Metrics definitions for recording_ce_finished_at

See merge request gitlab-org/gitlab!56382
```
  f888c766
- Merge branch 'pb-fix-in-progress-for-single-stage-manual-pipelines' into 'master' · 6e0ecc1f
  Vitaly Slobodin authored Mar 17, 2021
```
Add skipped state to duration cell

See merge request gitlab-org/gitlab!56669
```
  6e0ecc1f
- Merge branch '277162-regexp-support-for-search_files_by_name' into 'master' · d262a196
  Peter Leitzen authored Mar 17, 2021
```
Implement wildcard support for file searching in repository

See merge request gitlab-org/gitlab!55871
```
  d262a196
- Implement wildcard support for file searching in repository · d634a988
  Furkan Ayhan authored Mar 17, 2021
```
Gitaly client and Git repository now support regexp searching.
However, Repository model now supports wildcard searching.
```
  d634a988
- Update index.md - fixes typo · fba7f742
  Victor authored Mar 17, 2021
  
  fba7f742
- Merge branch '296855-expose-dismissal-reason-comment' into 'master' · c7e98083
  Vitali Tatarintev authored Mar 17, 2021
```
Expose dismissal reason and dismissal descriptions in Vulnerability details view

See merge request gitlab-org/gitlab!55525
```
  c7e98083
- Merge branch 'skr-networks' into 'master' · b39f2900
  Markus Koller authored Mar 17, 2021
```
Catch network errors when testing integration

See merge request gitlab-org/gitlab!56457
```
  b39f2900
- Catch network errors when testing integration · f8249880
  Shubham Kumar authored Mar 17, 2021
  
  f8249880
- Merge branch 'btn-confirm-pipeline_editor' into 'master' · 82f32b6f
  Phil Hughes authored Mar 17, 2021
```
Move to confirm variant from success in javascripts/pipeline_editor directory

See merge request gitlab-org/gitlab!56200
```
  82f32b6f
- Move to confirm variant from success in javascripts/pipeline_editor directory · 53a93cc5
  Yogi authored Mar 17, 2021
  
  53a93cc5
- Merge branch '284471-use-provide-inject-for-group-full-path' into 'master' · 65a0a021
  Mark Florian authored Mar 17, 2021
```
Use provide/inject for groupFullPath instead of props

See merge request gitlab-org/gitlab!56472
```
  65a0a021
- Use provide/inject for groupFullPath instead of props · 42920455
  Daniel Tian authored Mar 17, 2021
  
  42920455
- Merge branch 'btn-confirm-schedules' into 'master' · ced2b137
  Phil Hughes authored Mar 17, 2021
```
Move from btn-success to btn-confirm in pipeline_schedules directory

See merge request gitlab-org/gitlab!56201
```
  ced2b137
- Move from btn-success to btn-confirm in pipeline_schedules directory · b7533aaa
  Yogi authored Mar 17, 2021
  
  b7533aaa
- Merge branch 'convert-events-to-list-yml' into 'master' · 5526d001
  charlie ablett authored Mar 17, 2021
```
Change array representation of events in YAML list syntax

See merge request gitlab-org/gitlab!56480
```
  5526d001
- Merge branch 'nfriend-add-release-asset-link-delete-mutation' into 'master' · 3e0256dd
  Jan Provaznik authored Mar 17, 2021
```
Add GraphQL mutation to delete release asset link

See merge request gitlab-org/gitlab!56417
```
  3e0256dd
- Add GraphQL mutation to delete release asset link · 6c8db7fa
  Nathan Friend authored Mar 17, 2021
```
This commit adds a new mutation - `releaseAssetLinkDelete` - that
deletes a release asset link.
```
  6c8db7fa
- Merge branch 'update-ci-template-default-branch-5' into 'master' · 0ab6c3f9
  Shinya Maeda authored Mar 17, 2021
```
Update android template to default branch

See merge request gitlab-org/gitlab!56738
```
  0ab6c3f9
- Update android template to default branch · 3c6b84ea
  Marcel Amirault authored Mar 17, 2021
  
  3c6b84ea
- Merge branch 'improve-metric-docs' into 'master' · d1acf508
  Mikołaj Wawrzyniak authored Mar 17, 2021
```
Improve metric docs

See merge request gitlab-org/gitlab!56673
```
  d1acf508
- Merge branch 'kerrizor/extract-delgated-predicate-methods' into 'master' · 542bb6da
  charlie ablett authored Mar 17, 2021
```
Replace delegated predicate methods with boolean-returning methods

See merge request gitlab-org/gitlab!56420
```
  542bb6da
- Merge branch '299465-default-enable-api-fuzzing-configuration-ui-ff' into 'master' · 30148d63
  James Lopez authored Mar 17, 2021
```
Enable api_fuzzing_configuration_ui by default

See merge request gitlab-org/gitlab!56548
```
  30148d63
- Merge branch 'simplify-docs-review-app-trigger' into 'master' · fbe982db
  Albert Salim authored Mar 17, 2021
```
Simplify the triggerring of 'gitlab-docs' Review App pipelines

See merge request gitlab-org/gitlab!53361
```
  fbe982db
- Merge branch '324689-cablett-dedicated-metric-activity-yml-file' into 'master' · a3bd306a
  Mikołaj Wawrzyniak authored Mar 17, 2021
```
Modify epic usage ping key to organise into separate file

See merge request gitlab-org/gitlab!56724
```
  a3bd306a
- Merge branch 'release-tools/update-gitaly' into 'master' · c0e30987
  🤖 GitLab Bot 🤖 authored Mar 17, 2021
```
Update Gitaly version

See merge request gitlab-org/gitlab!56834
```
  c0e30987
- Exclude the pipeline config if disabled · 377354af
  Robert Hunt authored Mar 16, 2021
```
If the pipeline config is enabled, it is added to the submission params
otherwise we won't send it. This needs to change because the backend
now expects the value to not be sent if the feature is disabled
```
  377354af
- Merge branch '321464-fix-file-commit' into 'master' · 3181eaad
  Sanad Liaquat authored Mar 17, 2021
```
Fix file commit error for system cancels merge train spec

See merge request gitlab-org/gitlab!55219
```
  3181eaad