Expose approval rules in MergeRequest GraphQL object

Why are we doing this work

There's been a customer question about using the GraphQL API to see MR vulnerability-check approvals. This is currently only possible in the REST API.

On top of being a customer request, it's also part of the GraphQL Vision:

anything possible in the REST API should also be possible in the GraphQL API.

Relevant links

REST Get the approval state of merge requests
GraphQL MergeRequest

Non-functional requirements

Documentation: as required by GraphQL implementation
Feature flag: N/A
Performance: TBC
Testing: specs

Implementation plan

backend Introduce a new field for the MergeRequest GraphQL type called approval_state and its type with the following fields;
- approval_rules_overwritten Boolean not null
- rules with the type of a collection of ApprovalRule(not null). This is a new type with the following fields;
  - id ID not null
  - name String not null
  - rule_type Enum defined in ApprovalProjectRule model not null
  - approvals_required Integer not null
  - approved Boolean not null
  - overridden Boolean not null
  - contains_hidden_groups Boolean not null
  - source_rule type of an ApprovalRule can be null
  - eligible_approvers list of Users
  - users list of Users
  - approved_by list of Users
  - groups list of Groups

Note: We can check the existing entity and presenter classes to figure out how these fields are populated on REST API to implement similar logic or use existing ones on GraphQL API.

/cc @matt_wilson

Edited Aug 24, 2021 by Alan (Maciej) Paruszewski

Assignee Loading

Time tracking Loading

Confidentiality

Confidentiality controls have moved to the issue actions menu () at the top of the page.