Merge two graphql queries into one

JoannaaKL · JoannaaKL · commit 77ef6d0a4b54 · 2025-11-07T13:27:57.000+01:00
diff --git a/pkg/github/issues.go b/pkg/github/issues.go
@@ -327,7 +327,10 @@ func GetIssue(ctx context.Context, client *github.Client, gqlClient *githubv4.Cl
 
 	if flags.LockdownMode {
 		if issue.User != nil && issue.Repository != nil && issue.Repository.Owner != nil && issue.Repository.Name != nil {
-			shouldRemoveContent := lockdown.ShouldRemoveContent(ctx, gqlClient, *issue.User.Login, *issue.Repository.Owner.Login, *issue.Repository.Name)
+			shouldRemoveContent, err := lockdown.ShouldRemoveContent(ctx, gqlClient, *issue.User.Login, *issue.Repository.Owner.Login, *issue.Repository.Name)
+			if err != nil {
+				return mcp.NewToolResultError(fmt.Sprintf("failed to check lockdown mode: %v", err)), nil
+			}
 			if shouldRemoveContent {
 				return mcp.NewToolResultError("access to issue details is restricted by lockdown mode"), nil
 			}
diff --git a/pkg/github/issues_test.go b/pkg/github/issues_test.go
@@ -108,16 +108,28 @@ func Test_GetIssue(t *testing.T) {
 				githubv4mock.NewQueryMatcher(
 					struct {
 						Repository struct {
-							IsPrivate githubv4.Boolean
+							IsPrivate     githubv4.Boolean
+							Collaborators struct {
+								Edges []struct {
+									Permission githubv4.String
+									Node       struct {
+										Login githubv4.String
+									}
+								}
+							} `graphql:"collaborators(query: $username, first: 1)"`
 						} `graphql:"repository(owner: $owner, name: $name)"`
 					}{},
 					map[string]any{
-						"owner": githubv4.String("owner"),
-						"name":  githubv4.String("repo"),
+						"owner":    githubv4.String("owner"),
+						"name":     githubv4.String("repo"),
+						"username": githubv4.String("testuser"),
 					},
 					githubv4mock.DataResponse(map[string]any{
 						"repository": map[string]any{
 							"isPrivate": true,
+							"collaborators": map[string]any{
+								"edges": []any{},
+							},
 						},
 					}),
 				),
@@ -143,22 +155,7 @@ func Test_GetIssue(t *testing.T) {
 				githubv4mock.NewQueryMatcher(
 					struct {
 						Repository struct {
-							IsPrivate githubv4.Boolean
-						} `graphql:"repository(owner: $owner, name: $name)"`
-					}{},
-					map[string]any{
-						"owner": githubv4.String("owner"),
-						"name":  githubv4.String("repo"),
-					},
-					githubv4mock.DataResponse(map[string]any{
-						"repository": map[string]any{
-							"isPrivate": false,
-						},
-					}),
-				),
-				githubv4mock.NewQueryMatcher(
-					struct {
-						Repository struct {
+							IsPrivate     githubv4.Boolean
 							Collaborators struct {
 								Edges []struct {
 									Permission githubv4.String
@@ -176,6 +173,7 @@ func Test_GetIssue(t *testing.T) {
 					},
 					githubv4mock.DataResponse(map[string]any{
 						"repository": map[string]any{
+							"isPrivate": false,
 							"collaborators": map[string]any{
 								"edges": []any{
 									map[string]any{
diff --git a/pkg/lockdown/lockdown.go b/pkg/lockdown/lockdown.go
@@ -9,7 +9,7 @@ import (
 )
 
 func ShouldRemoveContent(ctx context.Context, client *githubv4.Client, username, owner, repo string) (bool, error) {
-	isPrivate, err := IsPrivateRepo(ctx, client, owner, repo)
+	isPrivate, hasPushAccess, err := repoAccessInfo(ctx, client, username, owner, repo)
 	if err != nil {
 		return false, err
 	}
@@ -18,21 +18,18 @@ func ShouldRemoveContent(ctx context.Context, client *githubv4.Client, username,
 	if isPrivate {
 		return false, nil
 	}
-	hasPushAccess, err := HasPushAccess(ctx, client, username, owner, repo)
-	if err != nil {
-		return false, err
-	}
 
 	return !hasPushAccess, nil
 }
 
-func HasPushAccess(ctx context.Context, client *githubv4.Client, username, owner, repo string) (bool, error) {
+func repoAccessInfo(ctx context.Context, client *githubv4.Client, username, owner, repo string) (bool, bool, error) {
 	if client == nil {
-		return false, fmt.Errorf("nil GraphQL client")
+		return false, false, fmt.Errorf("nil GraphQL client")
 	}
 
 	var query struct {
 		Repository struct {
+			IsPrivate     githubv4.Boolean
 			Collaborators struct {
 				Edges []struct {
 					Permission githubv4.String
@@ -52,7 +49,7 @@ func HasPushAccess(ctx context.Context, client *githubv4.Client, username, owner
 
 	err := client.Query(ctx, &query, variables)
 	if err != nil {
-		return false, fmt.Errorf("failed to query user permissions: %w", err)
+		return false, false, fmt.Errorf("failed to query repository access info: %w", err)
 	}
 
 	// Check if the user has push access
@@ -67,30 +64,5 @@ func HasPushAccess(ctx context.Context, client *githubv4.Client, username, owner
 		}
 	}
 
-	return hasPush, nil
-}
-
-// IsPrivateRepo checks if a repository is private using GraphQL
-func IsPrivateRepo(ctx context.Context, client *githubv4.Client, owner, repo string) (bool, error) {
-	if client == nil {
-		return false, fmt.Errorf("nil GraphQL client")
-	}
-
-	var query struct {
-		Repository struct {
-			IsPrivate githubv4.Boolean
-		} `graphql:"repository(owner: $owner, name: $name)"`
-	}
-
-	variables := map[string]interface{}{
-		"owner": githubv4.String(owner),
-		"name":  githubv4.String(repo),
-	}
-
-	err := client.Query(ctx, &query, variables)
-	if err != nil {
-		return false, fmt.Errorf("failed to query repository visibility: %w", err)
-	}
-
-	return bool(query.Repository.IsPrivate), nil
+	return bool(query.Repository.IsPrivate), hasPush, nil
 }
