debian-mirror-gitlab/app/graphql/mutations/notes/create/base.rb

# frozen_string_literal: true

module Mutations
  module Notes
    module Create
      # This is a Base class for the Note creation Mutations and is not
      # mounted as a GraphQL mutation itself.
      class Base < Mutations::Notes::Base
        authorize :create_note

        argument :noteable_id,
                 ::Types::GlobalIDType[::Noteable],
                  required: true,
                  description: 'Global ID of the resource to add a note to.'

        argument :body,
                  GraphQL::Types::String,
                  required: true,
                  description: copy_field_description(Types::Notes::NoteType, :body)

        argument :confidential,
                  GraphQL::Types::Boolean,
                  required: false,
                  description: 'Confidentiality flag of a note. Default is false.'

        def resolve(args)
          noteable = authorized_find!(id: args[:noteable_id])
          verify_rate_limit!(current_user)

          note = ::Notes::CreateService.new(
            noteable.project,
            current_user,
            create_note_params(noteable, args)
          ).execute

          {
            note: (note if note.persisted?),
            errors: errors_on_object(note)
          }
        end

        private

        def find_object(id:)
          # TODO: remove explicit coercion once compatibility layer has been removed
          # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
          id = ::Types::GlobalIDType[::Noteable].coerce_isolated_input(id)
          GitlabSchema.find_by_gid(id)
        end

        def create_note_params(noteable, args)
          {
            noteable: noteable,
            note: args[:body],
            confidential: args[:confidential]
          }
        end

        def verify_rate_limit!(current_user)
          return unless rate_limit_throttled?

          raise Gitlab::Graphql::Errors::ResourceNotAvailable,
            'This endpoint has been requested too many times. Try again later.'
        end

        def rate_limit_throttled?
          rate_limiter = ::Gitlab::ApplicationRateLimiter
          allowlist = Gitlab::CurrentSettings.current_application_settings.notes_create_limit_allowlist

          rate_limiter.throttled?(:notes_create, scope: [current_user], users_allowlist: allowlist)
        end
      end
    end
  end
end
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`# frozen_string_literal: true`

			`module Mutations`
			`module Notes`
			`module Create`
			`# This is a Base class for the Note creation Mutations and is not`
			`# mounted as a GraphQL mutation itself.`
			`class Base < Mutations::Notes::Base`
			`authorize :create_note`

			`argument :noteable_id,`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`::Types::GlobalIDType[::Noteable],`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`required: true,`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`description: 'Global ID of the resource to add a note to.'`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30
			`argument :body,`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`GraphQL::Types::String,`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`required: true,`
			`description: copy_field_description(Types::Notes::NoteType, :body)`

New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`argument :confidential,`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`GraphQL::Types::Boolean,`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`required: false,`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`description: 'Confidentiality flag of a note. Default is false.'`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`def resolve(args)`
			`noteable = authorized_find!(id: args[:noteable_id])`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`verify_rate_limit!(current_user)`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30
			`note = ::Notes::CreateService.new(`
			`noteable.project,`
			`current_user,`
			`create_note_params(noteable, args)`
			`).execute`

			`{`
			`note: (note if note.persisted?),`
			`errors: errors_on_object(note)`
			`}`
			`end`

New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`private`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`def find_object(id:)`
			`# TODO: remove explicit coercion once compatibility layer has been removed`
			`# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883`
			`id = ::Types::GlobalIDType[::Noteable].coerce_isolated_input(id)`
			`GitlabSchema.find_by_gid(id)`
			`end`

New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`def create_note_params(noteable, args)`
			`{`
			`noteable: noteable,`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`note: args[:body],`
			`confidential: args[:confidential]`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`}`
			`end`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30
			`def verify_rate_limit!(current_user)`
			`return unless rate_limit_throttled?`

			`raise Gitlab::Graphql::Errors::ResourceNotAvailable,`
			`'This endpoint has been requested too many times. Try again later.'`
			`end`

			`def rate_limit_throttled?`
			`rate_limiter = ::Gitlab::ApplicationRateLimiter`
			`allowlist = Gitlab::CurrentSettings.current_application_settings.notes_create_limit_allowlist`

			`rate_limiter.throttled?(:notes_create, scope: [current_user], users_allowlist: allowlist)`
			`end`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`end`
			`end`
			`end`
			`end`