Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GraphQL API: Site Permissions #880

Open
wants to merge 5 commits into
base: the-future
Choose a base branch
from
Open

GraphQL API: Site Permissions #880

wants to merge 5 commits into from
+109 −1

Conversation

NuckChorris
Copy link
Member

@NuckChorris NuckChorris commented Oct 31, 2020
edited
Loading

What

mutation {
  account {
    setSitePermissions(input: { accountId: "5554", permissions: [ADMIN] }) {
      account {
        id
        permissions
      }
    }
  }
}

Why

Whenever we add and remove moderators, I have to pop into a rails console to manually do it. This is the first step to on-site permission management.

Checklist

  • All files pass Rubocop
  • Any complex logic is commented
  • Any new systems have thorough documentation
  • Any user-facing changes are behind a feature flag (or: explain why they can't be)
  • All the tests pass
  • Tests have been added to cover the new code

toyhammered
toyhammered requested changes Oct 31, 2020
View reviewed changes
Copy link
Member

@toyhammered toyhammered left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

couple small questions, but love it!

app/graphql/mutations/account/grant_site_permission.rb Outdated Show resolved Hide resolved
app/graphql/mutations/account/grant_site_permission.rb Outdated Show resolved Hide resolved
app/graphql/mutations/account/revoke_site_permission.rb Outdated Show resolved Hide resolved
app/graphql/types/mutation_type.rb Outdated Show resolved Hide resolved
Base automatically changed from mod-flags to the-future November 1, 2020 02:42
@NuckChorris NuckChorris mentioned this pull request Nov 1, 2020
Merged
6 tasks
@codeclimate
Copy link

codeclimate bot commented Nov 1, 2020

Code Climate has analyzed commit 62ad2f3 and detected 0 issues on this pull request.

View more on Code Climate.

toyhammered
toyhammered reviewed Nov 1, 2020
View reviewed changes
Copy link
Member

@toyhammered toyhammered left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some questions, but looks good for the most part!

app/graphql/mutations/account/set_site_permissions.rb
Comment on lines +14 to +17
res = Accounts::SetSitePermissions.call(
user: input.account,
permissions: permissions
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What type of errors can happen here and should we account for them?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

UnknownPermissions could happen due to a programming error but otherwise it won't happen, and the only other ones are RecordNotFound or RecordInvalid which I believe are accounted for automatically

app/graphql/types/input/account/set_site_permissions.rb
Comment on lines +11 to +13
def load_account(value)
::User.find(value)
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want this here, or inside the mutation?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here, because we use it in authorized?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ooooh, I see what you've done. If you want to go that route shouldn't we rename the value argument to id to be more specific?

Also unless I am thinking of this wrong from the load_account it takes what that returns and passes that along to the authorized? method (which would be a user) not an input?

I'll test this locally tomorrow because either this won't work at all or you are about to teach me something new (and I'm hoping it is the latter because this really opens up the possibilities).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think I'm doing anything weird, I'm pretty sure I've just copied it from your stuff… my thinking is that this should run on the input type to load the record and then when authorized? runs it's available as input.account

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So the load_* isn't actually related to an input. Its the graphql-ruby gem magic and it must be in the mutation file itself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codeclimate codeclimate[bot] codeclimate[bot] left review comments

@toyhammered toyhammered toyhammered requested changes

@matthewdias matthewdias Awaiting requested review from matthewdias

@wopian wopian Awaiting requested review from wopian

Assignees
No one assigned
Labels
Updates Needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NuckChorris @toyhammered