feat: check authorization for GQL owners #426
Codecov Report
All modified and coverable lines are covered by tests ✅
Additional details and impacted files
@@ Coverage Diff @@
## main #426 +/- ##
=======================================
+ Coverage 95.65 95.72 +0.07
=======================================
Files 763 763
Lines 17504 17751 +247
=======================================
+ Hits 16743 16991 +248
+ Misses 761 760 -1
@@ -15,21 +15,21 @@ type Owner { | |||
repository(name: String!): RepositoryResult! |
These fields can be null now: when the user is not part of the org, the field will be null and the response will also have an error with the appropriate message.
@@ -57,5 +58,20 @@ def authenticated_resolver(instance, info, *args, **kwargs): | |||
return authenticated_resolver | |||
|
|||
|
|||
def require_part_of_org(resolver): |
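Review bot: `require_part_of_org(resolver)` at the end of this hunk sits directly below the existing `authenticated_resolver` wrapper, and its name does not say whether it performs the authentication check itself or has to be stacked with the decorator above. If the body does not already carry one, add a docstring stating that, and what the caller gets back when the membership check fails, so a later resolver is not guarded by it alone on the wrong assumption.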
Is it easy to add a UT for this guy?
This function should be fully covered by the test_owner.py tests.
Just a small comment about UT, but otherwise looks good.
cool
Purpose/Motivation
Add authentication and authorization for a few sensitive fields in the Owners query; we don't want to expose this information to users that don't belong in this org.
Links to relevant tickets
codecov/engineering-team#1082
Legal Boilerplate
Look, I get it. The entity doing business as "Sentry" was incorporated in the State of Delaware in 2015 as Functional Software, Inc. In 2022 this entity acquired Codecov and as result Sentry is going to need some rights from me in order to utilize my contributions in this PR. So here's the deal: I retain all rights, title and interest in and to my contributions, and by keeping this boilerplate intact I confirm that Sentry can use, modify, copy, and redistribute my contributions, under Sentry's choice of terms.
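An added illustration of the behaviour this PR describes, not the project's code: a resolver decorator that lets only the owner or a member of the owner's org read a sensitive field, while everyone else gets a null field plus an entry under `errors`. The body of `require_part_of_org`, the `Unauthorized` type, the `ownerid`/`organizations`/`plan` attributes, the error messages and the `execute_field` stand-in for a GraphQL executor are all assumptions made for the example.

```python
from functools import wraps
from types import SimpleNamespace


class Unauthorized(Exception):
    """Caller may not read this field (hypothetical error type)."""


def require_part_of_org(resolver):
    """Run `resolver` only for the owner itself or a member of that org."""
    @wraps(resolver)
    def guarded(owner, info, *args, **kwargs):
        user = info.context.get("user")
        if user is None:
            raise Unauthorized("You are not authenticated")
        # Deny by default: access needs a positive membership match.
        member_of = getattr(user, "organizations", None) or ()
        if user.ownerid != owner.ownerid and owner.ownerid not in member_of:
            raise Unauthorized("You are not part of this organization")
        return resolver(owner, info, *args, **kwargs)
    return guarded


@require_part_of_org
def resolve_plan(owner, info):
    return owner.plan  # stands in for a sensitive Owner field


def execute_field(name, resolver, owner, user):
    """Mimic a GraphQL executor resolving one nullable field."""
    info = SimpleNamespace(context={"user": user})
    try:
        return {"data": {name: resolver(owner, info)}, "errors": []}
    except Unauthorized as exc:
        # Nullable field: null in data, reason reported under errors.
        error = {"path": [name], "message": str(exc)}
        return {"data": {name: None}, "errors": [error]}


# Constructed sample data, not taken from the project.
ORG = SimpleNamespace(ownerid=1, plan="enterprise")
MEMBER = SimpleNamespace(ownerid=10, organizations=[1])
OUTSIDER = SimpleNamespace(ownerid=11, organizations=[2])

if __name__ == "__main__":
    for who in (MEMBER, OUTSIDER, None):
        print(execute_field("plan", resolve_plan, ORG, who))
```

Because the guard raises instead of returning an empty value, a client can tell "not allowed" apart from "no data" by checking `errors` for the field's path.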