Handle unauthorized loading failure for GraphQL custom InputObjects
When the authorization check fails for an object, the default behavior of the GraphQL gem is to ignore the entire mutation and return nil. In GitLab, we prefer to return an error, as done in Mutations::BaseMutation:
    # https://gitlab.com/gitlab-org/gitlab/-/blob/7359d23f4e078479969c872924150219c6f1665f/app/graphql/mutations/base_mutation.rb#L46
    def unauthorized_object(error)
      # The default behavior is to abort processing and return nil for the
      # entire mutation field, but not set any top-level errors. We prefer to
      # at least say that something went wrong.
      Gitlab::ErrorTracking.track_exception(error)
      raise_resource_not_available_error!
    end
The above handling does not work if a mutation uses custom InputObjects like IterationInputType. We also need to customize the behavior by adding the same custom implementation to Types::BaseInputObject.