graphql-relay-walker 0.0.10 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: f313210bb570cb222d880fe8366826dac2a67dfa
-  data.tar.gz: 526a75f19efffb79fa3daba6cf232bc4ce198e17
+SHA256:
+  metadata.gz: 00cf59d81c662ef188eb65959cc248670a7903f1106bdf8fff03f8bfe1806fb4
+  data.tar.gz: cf5fbf3ff44b0021eb52794e79f4344b249652ce27e9b2a70ae4e1405a87a544
 SHA512:
-  metadata.gz: d22c84ebd382d999c204f193350899d8c41c96f20c5f001e21470710c098c0183dc7b2113629de97d06eb3d27c603ded7b00aa615a756ec095025e56bd55346e
-  data.tar.gz: 8e3f30ceeb5280e995eb6dc618148dada50b0a17d5a0d73220e6b220df805fb5258d3f710d650325f584d14bf1fdd6678b224f18f8e74162f1341db9695e54f4
+  metadata.gz: 2600d978d68cac1e8c68df7ea99afec158079c01eb6499e8870c02a1deab7b4e5afbe9a615751d5ecc02c3fcfcde6ace04d129e918eeac61e8c31c59da16ad5a
+  data.tar.gz: 6df67485eacbb46bfcecda62e8a2314d8a7341961d5eddf63e7ea7fac9e350155567476ba4bdb3b47c3d19ff7d5fe3dec351d3e76ffe0012f60d72655371f926

data/graphql-relay-walker.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = 'graphql-relay-walker'
-  s.version     = '0.0.10'
+  s.version     = '0.1.0'
   s.licenses    = ['MIT']
   s.summary     = 'A tool for traversing your GraphQL schema to proactively detect potential data access vulnerabilities.'
   s.authors     = ['Ben Toews']

data/lib/graphql/relay/walker/query_builder.rb

@@ -58,27 +58,6 @@ module GraphQL::Relay::Walker
       true
     end
 
-    # Private: Make a AST of the given type.
-    #
-    # klass             - The GraphQL::Language::Nodes::AbstractNode subclass
-    #                     to create.
-    # needs_selections: - Boolean. Will this AST be invalid if it doesn't have
-    #                     any selections?
-    #
-    # Returns a GraphQL::Language::Nodes::AbstractNode subclass instance or nil
-    # if the created AST was invalid for having no selections.
-    def make(klass, needs_selections: true)
-      k_ast = klass.new
-      yield(k_ast) if block_given?
-      k_ast.selections.compact!
-
-      if k_ast.selections.empty? && needs_selections
-        nil
-      else
-        k_ast
-      end
-    end
-
     # Make an inline fragment AST.
     #
     # type           - The GraphQL::ObjectType instance to make the fragment
@@ -89,21 +68,29 @@ module GraphQL::Relay::Walker
     # Returns a GraphQL::Language::Nodes::InlineFragment instance or nil if the
     # created AST was invalid for having no selections.
     def inline_fragment_ast(type, with_children: true)
-      make(GraphQL::Language::Nodes::InlineFragment) do |if_ast|
-        if_ast.type = make_type_name_node(type.name)
-
-        if with_children
-          type.all_fields.each do |field|
-            field_type = field.type.unwrap
-            if node_field?(field) && include?(field_type)
-              if_ast.selections << node_field_ast(field)
-            elsif connection_field?(field) && include?(field_type)
-              if_ast.selections << connection_field_ast(field)
-            end
+      selections = []
+      if with_children
+        type.all_fields.each do |field|
+          field_type = field.type.unwrap
+          if node_field?(field) && include?(field_type)
+            selections << node_field_ast(field)
+          elsif connection_field?(field) && include?(field_type)
+            selections << connection_field_ast(field)
           end
-        elsif id = type.get_field('id')
-          if_ast.selections << field_ast(id)
         end
+      elsif id = type.get_field('id')
+        selections << field_ast(id)
+      end
+
+      selections.compact!
+
+      if selections.none?
+        nil
+      else
+        GraphQL::Language::Nodes::InlineFragment.new(
+          type: make_type_name_node(type.name),
+          selections: selections,
+        )
       end
     end
 
@@ -120,20 +107,19 @@ module GraphQL::Relay::Walker
       type = field.type.unwrap
 
       # Bail unless we have the required arguments.
-      return unless field.arguments.reject do |_, arg|
-        valid_input?(arg.type, nil)
-      end.all? do |name, _|
-        arguments.key?(name)
+      required_args_are_present = field.arguments.all? do |arg_name, arg|
+        arguments.key?(arg_name) || valid_input?(arg.type, nil)
       end
 
-      make(GraphQL::Language::Nodes::Field, needs_selections: !type.kind.scalar?) do |f_ast|
-        f_ast.name = field.name
-        f_ast.alias = random_alias unless field.name == 'id'
-        f_ast.arguments = arguments.map do |name, value|
+      if !required_args_are_present
+        nil
+      else
+        f_alias = field.name == 'id' ? nil : random_alias
+        f_args = arguments.map do |name, value|
           GraphQL::Language::Nodes::Argument.new(name: name, value: value)
         end
 
-        yield(f_ast, type) if blk
+        GraphQL::Language::Nodes::Field.new(name: field.name, alias: f_alias, arguments: f_args)
       end
     end
 
@@ -143,17 +129,27 @@ module GraphQL::Relay::Walker
     #
     # Returns a GraphQL::Language::Nodes::Field instance.
     def node_field_ast(field)
-      field_ast(field) do |f_ast, type|
-        selections = f_ast.selections
-
-        if type.kind.object?
-          selections << field_ast(type.get_field('id'))
-        else
-          possible_node_types(type).each do |if_type|
-            selections << inline_fragment_ast(if_type, with_children: false)
-          end
+      f_ast = field_ast(field)
+      return nil if f_ast.nil?
+      type = field.type.unwrap
+      selections = f_ast.selections.dup
+
+      if type.kind.object?
+        selections << field_ast(type.get_field('id'))
+      else
+        possible_node_types(type).each do |if_type|
+          selections << inline_fragment_ast(if_type, with_children: false)
         end
       end
+
+      selections.compact!
+
+      if f_ast.respond_to?(:merge) # GraphQL-Ruby 1.9+
+        f_ast = f_ast.merge(selections: selections)
+      else
+        f_ast.selections = selections
+      end
+      f_ast
     end
 
     # Make a field AST for an edges field.
@@ -162,8 +158,14 @@ module GraphQL::Relay::Walker
     #
     # Returns a GraphQL::Language::Nodes::Field instance.
     def edges_field_ast(field)
-      field_ast(field) do |f_ast, type|
-        f_ast.selections << node_field_ast(type.get_field('node'))
+      f_ast = field_ast(field)
+      return nil if f_ast.nil?
+      node_fields = [node_field_ast(field.type.unwrap.get_field('node'))]
+      if f_ast.respond_to?(:merge) # GraphQL-Ruby 1.9+
+        f_ast.merge(selections: f_ast.selections + node_fields)
+      else
+        f_ast.selections.concat(node_fields)
+        f_ast
       end
     end
 
@@ -174,8 +176,14 @@ module GraphQL::Relay::Walker
     # Returns a GraphQL::Language::Nodes::Field instance or nil if the created
     # AST was invalid for missing required arguments.
     def connection_field_ast(field)
-      field_ast(field, connection_arguments) do |f_ast, type|
-        f_ast.selections << edges_field_ast(type.get_field('edges'))
+      f_ast = field_ast(field, connection_arguments)
+      return nil if f_ast.nil?
+      edges_fields = [edges_field_ast(field.type.unwrap.get_field('edges'))]
+      if f_ast.respond_to?(:merge) # GraphQL-Ruby 1.9+
+        f_ast.merge(selections: f_ast.selections + edges_fields)
+      else
+        f_ast.selections.concat(edges_fields)
+        f_ast
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql-relay-walker
 version: !ruby/object:Gem::Version
-  version: 0.0.10
+  version: 0.1.0
 platform: ruby
 authors:
 - Ben Toews
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-03-27 00:00:00.000000000 Z
+date: 2018-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: A tool for traversing your GraphQL schema to proactively detect potential