From db49e962f4009c10a330141350681f54bc971a3b Mon Sep 17 00:00:00 2001
From: Jake Barnby <jakeb994@gmail.com>
Date: Fri, 28 Oct 2022 20:12:11 +1300
Subject: [PATCH] Use abuse status instead of dev/prod for graphql abuse check

---
 app/controllers/api/graphql.php          | 2 +-
 tests/e2e/Services/GraphQL/AbuseTest.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/api/graphql.php b/app/controllers/api/graphql.php
index 63b0ec1076..c9c62be089 100644
--- a/app/controllers/api/graphql.php
+++ b/app/controllers/api/graphql.php
@@ -137,7 +137,7 @@ function execute(
     $flags = DebugFlag::INCLUDE_DEBUG_MESSAGE | DebugFlag::INCLUDE_TRACE;
     $validations = GraphQL::getStandardValidationRules();
 
-    if (App::isProduction()) {
+    if (App::getEnv('_APP_OPTIONS_ABUSE', 'enabled') !== 'disabled') {
         $validations[] = new DisableIntrospection();
         $validations[] = new QueryComplexity($maxComplexity);
         $validations[] = new QueryDepth($maxDepth);
diff --git a/tests/e2e/Services/GraphQL/AbuseTest.php b/tests/e2e/Services/GraphQL/AbuseTest.php
index c07d960ac1..77b77c4579 100644
--- a/tests/e2e/Services/GraphQL/AbuseTest.php
+++ b/tests/e2e/Services/GraphQL/AbuseTest.php
@@ -20,8 +20,8 @@ class AbuseTest extends Scope
     {
         parent::setUp();
 
-        if (App::isDevelopment()) {
-            $this->markTestSkipped('Skipping abuse test in development environment');
+        if (App::getEnv('_APP_OPTIONS_ABUSE') === 'disabled') {
+            $this->markTestSkipped('Abuse is not enabled.');
         }
     }