DEVPROD-3065: Update directive to handle SetLastRevision permission #7689
Conversation
| @@ -136,6 +138,29 @@ func New(apiURL string) Config { | |||
| } | |||
| } | |||
|
|
|||
| if operationContext == SetLastRevisionMutation { | |||
| projectIdentifier, ok := args["opts"].(map[string]interface{})["projectIdentifier"].(string) | |||
There was a problem hiding this comment.
Can we just retrieve the project ID directly from the request or is that not possible?
There was a problem hiding this comment.
Could you show me which data structure you're referring to? "opts" refers to the mutation parameter where the directive was applied.
graphql/resolver.go
Outdated
| opts := gimlet.PermissionOpts{ | ||
| Resource: project.Id, | ||
| ResourceType: evergreen.ProjectResourceType, | ||
| Permission: evergreen.PermissionProjectSettings, | ||
| RequiredLevel: evergreen.ProjectSettingsEdit.Value, |
There was a problem hiding this comment.
Since these opts are shared by CopyProjectMutation, DeleteProjectMutation and SetLastRevisionMutation, I wonder if we can refactor a bit to make it less repetitive. I imagine CreateProjectMutation might eventually belong in a different directive like how the legacy UI does it
minnakt
changed the title
Co-authored-by: minnakt <[email protected]>
SupaJoon
requested review from
hadjri and
minnakt
and removed request for
hadjri
I was able to test the changes in staging by executing the code-block within the SetLastRevision condition. |
graphql/resolver.go
Outdated
| @@ -104,17 +106,21 @@ func New(apiURL string) Config { | |||
| } | |||
| } | |||
|
|
|||
| generatePermissionOpts := func(projectId string) gimlet.PermissionOpts { | |||
There was a problem hiding this comment.
nit. maybe getPermissionOpts would be a good name, i feel like generate implies something fancier
| @@ -104,17 +106,21 @@ func New(apiURL string) Config { | |||
| } | |||
| } | |||
There was a problem hiding this comment.
(request) can we move the block for CreateProjectMutation above the declaration of the args variable, since it doesn't use the args variable?
DEVPROD-3065
Description
SetLastRevision requires "edit project" permissions based on legacy code.
This mutation should always fail when dispatched from Spruce but it passes in during GQL integration tests and local EVG GQL playground. I think we discovered this before but I'm failing to find the ticket.