Add GraphQL queries for abuse report notes
What does this MR do and why?
- Resolves sub-task 2 of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/168 and follows-up from !132505 (merged)
- Implements the
NoteableInterface
in GraphQL'sAbuseReportType
- It updates the abuse report policy to allow admins to create notes. As part of that it also exposes an abuse report permission type
- In the frontend, it creates the GraphQL queries to create, read, update & delete notes on an abuse report.
How to set up and validate locally
- Create an abuse report from the rails console. Note down the ID of the report created for step 3.
AbuseReport.create(user: User.last, reporter: User.first, message: "obvious spam")
- Log-in as an admin and navigate to
127.0.0.1:3000/-/graphql-explorer
. Then, try to run the following queries/mutations to create, read, update, delete notes on an abuse report.
3. Create a Note
fragment Author on User {
id
avatarUrl
name
username
webUrl
}
fragment AbuseReportNotePermissions on NotePermissions {
adminNote
}
fragment AbuseReportNote on Note {
id
author {
...Author
}
body
bodyHtml
createdAt
resolved
userPermissions {
...AbuseReportNotePermissions
}
discussion {
id
notes {
nodes {
id
}
}
}
}
mutation createAbuseReportNote($input: CreateNoteInput!) {
createNote(input: $input) {
note {
id
discussion {
id
notes {
nodes {
...AbuseReportNote
}
}
}
}
errors
}
}
# QUERY VARIABLES
{
"input": {
"noteableId": "gid://gitlab/AbuseReport/<ID of Abuse Report>",
"body": "Test Note",
"discussionId": null,
"internal": false
}
}
4. Read a Note
fragment Author on User {
id
avatarUrl
name
username
webUrl
}
fragment AbuseReportNotePermissions on NotePermissions {
adminNote
}
fragment AbuseReportNote on Note {
id
author {
...Author
}
body
bodyHtml
createdAt
resolved
userPermissions {
...AbuseReportNotePermissions
}
discussion {
id
notes {
nodes {
id
}
}
}
}
fragment AbuseReportDiscussionResolvedStatus on Discussion {
id
resolvable
resolved
resolvedAt
resolvedBy {
id
name
webUrl
}
}
query ($id: AbuseReportID!) {
abuseReport(id: $id) {
discussions {
nodes {
id
replyId
...AbuseReportDiscussionResolvedStatus
notes {
nodes {
...AbuseReportNote
}
}
}
}
labels {
nodes {
id
title
description
color
textColor
}
}
}
}
# QUERY VARIABLES
{
"id": "gid://gitlab/AbuseReport/<ID of Abuse Report>"
}
5. Update a Note
fragment Author on User {
id
avatarUrl
name
username
webUrl
}
fragment AbuseReportNotePermissions on NotePermissions {
adminNote
}
fragment AbuseReportNote on Note {
id
author {
...Author
}
body
bodyHtml
createdAt
resolved
userPermissions {
...AbuseReportNotePermissions
}
discussion {
id
notes {
nodes {
id
}
}
}
}
mutation updateAbuseReportNote($input: UpdateNoteInput!) {
updateNote(input: $input) {
note {
...AbuseReportNote
}
errors
}
}
# QUERY VARIABLES
{
"input": {
"body": "Updated Note",
"id": <ID of note from step 3>
}
}
6. Delete a Note
mutation deleteWorkItemNote($input: DestroyNoteInput!) {
destroyNote(input: $input) {
note {
id
}
}
}
# QUERY VARIABLES
{
"input": {
"id": <ID of note from step 3>
}
}
Edited by Hinam Mehra