2019-09-30 21:07:59 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module Mutations
|
|
|
|
module Notes
|
|
|
|
module Create
|
|
|
|
# This is a Base class for the Note creation Mutations and is not
|
|
|
|
# mounted as a GraphQL mutation itself.
|
|
|
|
class Base < Mutations::Notes::Base
|
|
|
|
authorize :create_note
|
|
|
|
|
|
|
|
argument :noteable_id,
|
2021-01-03 14:25:43 +05:30
|
|
|
::Types::GlobalIDType[::Noteable],
|
2019-09-30 21:07:59 +05:30
|
|
|
required: true,
|
2021-10-27 15:23:28 +05:30
|
|
|
description: 'Global ID of the resource to add a note to.'
|
2019-09-30 21:07:59 +05:30
|
|
|
|
|
|
|
argument :body,
|
2021-10-27 15:23:28 +05:30
|
|
|
GraphQL::Types::String,
|
2019-09-30 21:07:59 +05:30
|
|
|
required: true,
|
|
|
|
description: copy_field_description(Types::Notes::NoteType, :body)
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
argument :confidential,
|
2021-10-27 15:23:28 +05:30
|
|
|
GraphQL::Types::Boolean,
|
2020-07-28 23:09:34 +05:30
|
|
|
required: false,
|
2021-10-27 15:23:28 +05:30
|
|
|
description: 'Confidentiality flag of a note. Default is false.'
|
2020-07-28 23:09:34 +05:30
|
|
|
|
2019-09-30 21:07:59 +05:30
|
|
|
def resolve(args)
|
|
|
|
noteable = authorized_find!(id: args[:noteable_id])
|
2021-03-11 19:13:27 +05:30
|
|
|
verify_rate_limit!(current_user)
|
2019-09-30 21:07:59 +05:30
|
|
|
|
|
|
|
note = ::Notes::CreateService.new(
|
|
|
|
noteable.project,
|
|
|
|
current_user,
|
|
|
|
create_note_params(noteable, args)
|
|
|
|
).execute
|
|
|
|
|
|
|
|
{
|
|
|
|
note: (note if note.persisted?),
|
|
|
|
errors: errors_on_object(note)
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2019-12-04 20:38:33 +05:30
|
|
|
private
|
|
|
|
|
2021-01-03 14:25:43 +05:30
|
|
|
def find_object(id:)
|
|
|
|
# TODO: remove explicit coercion once compatibility layer has been removed
|
|
|
|
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
|
|
|
|
id = ::Types::GlobalIDType[::Noteable].coerce_isolated_input(id)
|
|
|
|
GitlabSchema.find_by_gid(id)
|
|
|
|
end
|
|
|
|
|
2019-09-30 21:07:59 +05:30
|
|
|
def create_note_params(noteable, args)
|
|
|
|
{
|
|
|
|
noteable: noteable,
|
2020-07-28 23:09:34 +05:30
|
|
|
note: args[:body],
|
|
|
|
confidential: args[:confidential]
|
2019-09-30 21:07:59 +05:30
|
|
|
}
|
|
|
|
end
|
2021-03-11 19:13:27 +05:30
|
|
|
|
|
|
|
def verify_rate_limit!(current_user)
|
|
|
|
return unless rate_limit_throttled?
|
|
|
|
|
|
|
|
raise Gitlab::Graphql::Errors::ResourceNotAvailable,
|
|
|
|
'This endpoint has been requested too many times. Try again later.'
|
|
|
|
end
|
|
|
|
|
|
|
|
def rate_limit_throttled?
|
|
|
|
rate_limiter = ::Gitlab::ApplicationRateLimiter
|
|
|
|
allowlist = Gitlab::CurrentSettings.current_application_settings.notes_create_limit_allowlist
|
|
|
|
|
|
|
|
rate_limiter.throttled?(:notes_create, scope: [current_user], users_allowlist: allowlist)
|
|
|
|
end
|
2019-09-30 21:07:59 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|