Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: ad8b4770f8
Branches Tags
zammad
/
app
/
graphql
/
gql
/
fields
/
scoped_field.rb

scoped_field.rb 954 B
History Raw

123456789101112131415161718192021222324252627282930 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. module Gql::Fields
    4. 

  4. 

  5.   # Represents fields that can be restricted by by Pundit 'FieldScope' results.
    6. 

  6.   class ScopedField < BaseField
    7. 

  7. 

  8.     def initialize(*args, **kwargs, &)
    9. 

  9.       # Schema verification check: require nullability for scoped fields.
    10. 

  10.       if !kwargs[:null].nil? && !kwargs[:null]
    11. 

  11.         raise "The scoped field #{kwargs[:name]} must be nullable."
    12. 

  12.       end
    13. 

  13. 

  14.       super
    15. 

  15.     end
    16. 

  16. 

  17.     # If a field is not authorized, just return 'nil' rather than throwing a GraphQL error.
    18. 

  18.     def resolve(object, args, context)
    19. 

  19.       field_authorized?(object) ? super : nil
    20. 

  20.     end
    21. 

  21. 

  22.     private
    23. 

  23. 

  24.     def field_authorized?(object)
    25. 

  25.       pundit_result = object.cached_pundit_authorize
    26. 

  26.       # Check if the pundit result is a 'FieldScope' object.
    27. 

  27.       pundit_result.respond_to?(:field_authorized?) ? pundit_result.field_authorized?(original_name) : !!pundit_result
    28. 

  28.     end
    29. 

  29.   end
    30. 

  30. end
    31.