diff options
Diffstat (limited to 'app/graphql/mutations/snippets')
| -rw-r--r-- | app/graphql/mutations/snippets/base.rb | 2 | ||||
| -rw-r--r-- | app/graphql/mutations/snippets/create.rb | 9 |
2 files changed, 11 insertions, 0 deletions
diff --git a/app/graphql/mutations/snippets/base.rb b/app/graphql/mutations/snippets/base.rb index 9dc6d49774e..c8cc721b2e0 100644 --- a/app/graphql/mutations/snippets/base.rb +++ b/app/graphql/mutations/snippets/base.rb @@ -15,6 +15,8 @@ module Mutations end def authorized_resource?(snippet) + return false if snippet.nil? + Ability.allowed?(context[:current_user], ability_for(snippet), snippet) end diff --git a/app/graphql/mutations/snippets/create.rb b/app/graphql/mutations/snippets/create.rb index 266a123de82..6fc223fbee7 100644 --- a/app/graphql/mutations/snippets/create.rb +++ b/app/graphql/mutations/snippets/create.rb @@ -36,6 +36,10 @@ module Mutations required: false, description: 'The project full path the snippet is associated with' + argument :uploaded_files, [GraphQL::STRING_TYPE], + required: false, + description: 'The paths to files uploaded in the snippet description' + def resolve(args) project_path = args.delete(:project_path) @@ -45,9 +49,14 @@ module Mutations raise_resource_not_available_error! end + # We need to rename `uploaded_files` into `files` because + # it's the expected key param + args[:files] = args.delete(:uploaded_files) + service_response = ::Snippets::CreateService.new(project, context[:current_user], args).execute + snippet = service_response.payload[:snippet] { |