graphql 2.3.4 → 2.3.6

data/lib/graphql/analysis/visitor.rb

@@ -0,0 +1,282 @@
+# frozen_string_literal: true
+module GraphQL
+  module Analysis
+    # Depth first traversal through a query AST, calling AST analyzers
+    # along the way.
+    #
+    # The visitor is a special case of GraphQL::Language::StaticVisitor, visiting
+    # only the selected operation, providing helpers for common use cases such
+    # as skipped fields and visiting fragment spreads.
+    #
+    # @see {GraphQL::Analysis::Analyzer} AST Analyzers for queries
+    class Visitor < GraphQL::Language::StaticVisitor
+      def initialize(query:, analyzers:)
+        @analyzers = analyzers
+        @path = []
+        @object_types = []
+        @directives = []
+        @field_definitions = []
+        @argument_definitions = []
+        @directive_definitions = []
+        @rescued_errors = []
+        @query = query
+        @schema = query.schema
+        @response_path = []
+        @skip_stack = [false]
+        super(query.selected_operation)
+      end
+
+      # @return [GraphQL::Query] the query being visited
+      attr_reader :query
+
+      # @return [Array<GraphQL::ObjectType>] Types whose scope we've entered
+      attr_reader :object_types
+
+      # @return [Array<GraphQL::AnalysisError]
+      attr_reader :rescued_errors
+
+      def visit
+        return unless @document
+        super
+      end
+
+      # Visit Helpers
+
+      # @return [GraphQL::Execution::Interpreter::Arguments] Arguments for this node, merging default values, literal values and query variables
+      # @see {GraphQL::Query#arguments_for}
+      def arguments_for(ast_node, field_definition)
+        @query.arguments_for(ast_node, field_definition)
+      end
+
+      # @return [Boolean] If the visitor is currently inside a fragment definition
+      def visiting_fragment_definition?
+        @in_fragment_def
+      end
+
+      # @return [Boolean] If the current node should be skipped because of a skip or include directive
+      def skipping?
+        @skipping
+      end
+
+      # @return [Array<String>] The path to the response key for the current field
+      def response_path
+        @response_path.dup
+      end
+
+      # Visitor Hooks
+      [
+        :operation_definition, :fragment_definition,
+        :inline_fragment, :field, :directive, :argument, :fragment_spread
+      ].each do |node_type|
+        module_eval <<-RUBY, __FILE__, __LINE__
+        def call_on_enter_#{node_type}(node, parent)
+          @analyzers.each do |a|
+            begin
+              a.on_enter_#{node_type}(node, parent, self)
+            rescue AnalysisError => err
+              @rescued_errors << err
+            end
+          end
+        end
+
+        def call_on_leave_#{node_type}(node, parent)
+          @analyzers.each do |a|
+            begin
+              a.on_leave_#{node_type}(node, parent, self)
+            rescue AnalysisError => err
+              @rescued_errors << err
+            end
+          end
+        end
+
+        RUBY
+      end
+
+      def on_operation_definition(node, parent)
+        object_type = @schema.root_type_for_operation(node.operation_type)
+        @object_types.push(object_type)
+        @path.push("#{node.operation_type}#{node.name ? " #{node.name}" : ""}")
+        call_on_enter_operation_definition(node, parent)
+        super
+        call_on_leave_operation_definition(node, parent)
+        @object_types.pop
+        @path.pop
+      end
+
+      def on_fragment_definition(node, parent)
+        on_fragment_with_type(node) do
+          @path.push("fragment #{node.name}")
+          @in_fragment_def = false
+          call_on_enter_fragment_definition(node, parent)
+          super
+          @in_fragment_def = false
+          call_on_leave_fragment_definition(node, parent)
+        end
+      end
+
+      def on_inline_fragment(node, parent)
+        on_fragment_with_type(node) do
+          @path.push("...#{node.type ? " on #{node.type.name}" : ""}")
+          @skipping = @skip_stack.last || skip?(node)
+          @skip_stack << @skipping
+
+          call_on_enter_inline_fragment(node, parent)
+          super
+          @skipping = @skip_stack.pop
+          call_on_leave_inline_fragment(node, parent)
+        end
+      end
+
+      def on_field(node, parent)
+        @response_path.push(node.alias || node.name)
+        parent_type = @object_types.last
+        # This could be nil if the previous field wasn't found:
+        field_definition = parent_type && @schema.get_field(parent_type, node.name, @query.context)
+        @field_definitions.push(field_definition)
+        if !field_definition.nil?
+          next_object_type = field_definition.type.unwrap
+          @object_types.push(next_object_type)
+        else
+          @object_types.push(nil)
+        end
+        @path.push(node.alias || node.name)
+
+        @skipping = @skip_stack.last || skip?(node)
+        @skip_stack << @skipping
+
+        call_on_enter_field(node, parent)
+        super
+        @skipping = @skip_stack.pop
+        call_on_leave_field(node, parent)
+        @response_path.pop
+        @field_definitions.pop
+        @object_types.pop
+        @path.pop
+      end
+
+      def on_directive(node, parent)
+        directive_defn = @schema.directives[node.name]
+        @directive_definitions.push(directive_defn)
+        call_on_enter_directive(node, parent)
+        super
+        call_on_leave_directive(node, parent)
+        @directive_definitions.pop
+      end
+
+      def on_argument(node, parent)
+        argument_defn = if (arg = @argument_definitions.last)
+          arg_type = arg.type.unwrap
+          if arg_type.kind.input_object?
+            arg_type.get_argument(node.name, @query.context)
+          else
+            nil
+          end
+        elsif (directive_defn = @directive_definitions.last)
+          directive_defn.get_argument(node.name, @query.context)
+        elsif (field_defn = @field_definitions.last)
+          field_defn.get_argument(node.name, @query.context)
+        else
+          nil
+        end
+
+        @argument_definitions.push(argument_defn)
+        @path.push(node.name)
+        call_on_enter_argument(node, parent)
+        super
+        call_on_leave_argument(node, parent)
+        @argument_definitions.pop
+        @path.pop
+      end
+
+      def on_fragment_spread(node, parent)
+        @path.push("... #{node.name}")
+        @skipping = @skip_stack.last || skip?(node)
+        @skip_stack << @skipping
+
+        call_on_enter_fragment_spread(node, parent)
+        enter_fragment_spread_inline(node)
+        super
+        @skipping = @skip_stack.pop
+        leave_fragment_spread_inline(node)
+        call_on_leave_fragment_spread(node, parent)
+        @path.pop
+      end
+
+      # @return [GraphQL::BaseType] The current object type
+      def type_definition
+        @object_types.last
+      end
+
+      # @return [GraphQL::BaseType] The type which the current type came from
+      def parent_type_definition
+        @object_types[-2]
+      end
+
+      # @return [GraphQL::Field, nil] The most-recently-entered GraphQL::Field, if currently inside one
+      def field_definition
+        @field_definitions.last
+      end
+
+      # @return [GraphQL::Field, nil] The GraphQL field which returned the object that the current field belongs to
+      def previous_field_definition
+        @field_definitions[-2]
+      end
+
+      # @return [GraphQL::Directive, nil] The most-recently-entered GraphQL::Directive, if currently inside one
+      def directive_definition
+        @directive_definitions.last
+      end
+
+      # @return [GraphQL::Argument, nil] The most-recently-entered GraphQL::Argument, if currently inside one
+      def argument_definition
+        @argument_definitions.last
+      end
+
+      # @return [GraphQL::Argument, nil] The previous GraphQL argument
+      def previous_argument_definition
+        @argument_definitions[-2]
+      end
+
+      private
+
+      # Visit a fragment spread inline instead of visiting the definition
+      # by itself.
+      def enter_fragment_spread_inline(fragment_spread)
+        fragment_def = query.fragments[fragment_spread.name]
+
+        object_type = if fragment_def.type
+          @query.warden.get_type(fragment_def.type.name)
+        else
+          object_types.last
+        end
+
+        object_types << object_type
+
+        on_fragment_definition_children(fragment_def)
+      end
+
+      # Visit a fragment spread inline instead of visiting the definition
+      # by itself.
+      def leave_fragment_spread_inline(_fragment_spread)
+        object_types.pop
+      end
+
+      def skip?(ast_node)
+        dir = ast_node.directives
+        dir.any? && !GraphQL::Execution::DirectiveChecks.include?(dir, query)
+      end
+
+      def on_fragment_with_type(node)
+        object_type = if node.type
+          @query.warden.get_type(node.type.name)
+        else
+          @object_types.last
+        end
+        @object_types.push(object_type)
+        yield(node)
+        @object_types.pop
+        @path.pop
+      end
+    end
+  end
+end

data/lib/graphql/analysis.rb

@@ -1,2 +1,93 @@
 # frozen_string_literal: true
-require "graphql/analysis/ast"
+require "graphql/analysis/visitor"
+require "graphql/analysis/analyzer"
+require "graphql/analysis/field_usage"
+require "graphql/analysis/query_complexity"
+require "graphql/analysis/max_query_complexity"
+require "graphql/analysis/query_depth"
+require "graphql/analysis/max_query_depth"
+require "timeout"
+
+module GraphQL
+  module Analysis
+    AST = self
+    module_function
+    # Analyze a multiplex, and all queries within.
+    # Multiplex analyzers are ran for all queries, keeping state.
+    # Query analyzers are ran per query, without carrying state between queries.
+    #
+    # @param multiplex [GraphQL::Execution::Multiplex]
+    # @param analyzers [Array<GraphQL::Analysis::Analyzer>]
+    # @return [Array<Any>] Results from multiplex analyzers
+    def analyze_multiplex(multiplex, analyzers)
+      multiplex_analyzers = analyzers.map { |analyzer| analyzer.new(multiplex) }
+
+      multiplex.current_trace.analyze_multiplex(multiplex: multiplex) do
+        query_results = multiplex.queries.map do |query|
+          if query.valid?
+            analyze_query(
+              query,
+              query.analyzers,
+              multiplex_analyzers: multiplex_analyzers
+            )
+          else
+            []
+          end
+        end
+
+        multiplex_results = multiplex_analyzers.map(&:result)
+        multiplex_errors = analysis_errors(multiplex_results)
+
+        multiplex.queries.each_with_index do |query, idx|
+          query.analysis_errors = multiplex_errors + analysis_errors(query_results[idx])
+        end
+        multiplex_results
+      end
+    end
+
+    # @param query [GraphQL::Query]
+    # @param analyzers [Array<GraphQL::Analysis::Analyzer>]
+    # @return [Array<Any>] Results from those analyzers
+    def analyze_query(query, analyzers, multiplex_analyzers: [])
+      query.current_trace.analyze_query(query: query) do
+        query_analyzers = analyzers
+          .map { |analyzer| analyzer.new(query) }
+          .tap { _1.select!(&:analyze?) }
+
+        analyzers_to_run = query_analyzers + multiplex_analyzers
+        if analyzers_to_run.any?
+
+          analyzers_to_run.select!(&:visit?)
+          if analyzers_to_run.any?
+            visitor = GraphQL::Analysis::Visitor.new(
+              query: query,
+              analyzers: analyzers_to_run
+            )
+
+            # `nil` or `0` causes no timeout
+            Timeout::timeout(query.validate_timeout_remaining) do
+              visitor.visit
+            end
+
+            if visitor.rescued_errors.any?
+              return visitor.rescued_errors
+            end
+          end
+
+          query_analyzers.map(&:result)
+        else
+          []
+        end
+      end
+    rescue Timeout::Error
+      [GraphQL::AnalysisError.new("Timeout on validation of query")]
+    rescue GraphQL::UnauthorizedError
+      # This error was raised during analysis and will be returned the client before execution
+      []
+    end
+
+    def analysis_errors(results)
+      results.flatten.tap { _1.select! { |r| r.is_a?(GraphQL::AnalysisError) } }
+    end
+  end
+end

data/lib/graphql/dataloader/async_dataloader.rb

@@ -21,6 +21,7 @@ module GraphQL
         manager = spawn_fiber do
           while first_pass || job_fibers.any?
             first_pass = false
+            fiber_vars = get_fiber_variables
 
             while (f = (job_fibers.shift || spawn_job_fiber))
               if f.alive?
@@ -34,6 +35,7 @@ module GraphQL
             next_job_fibers.clear
 
             Sync do |root_task|
+              set_fiber_variables(fiber_vars)
               while source_tasks.any? || @source_cache.each_value.any? { |group_sources| group_sources.each_value.any?(&:pending?) }
                 while (task = source_tasks.shift || spawn_source_task(root_task, sources_condition))
                   if task.alive?

data/lib/graphql/dataloader/null_dataloader.rb

@@ -8,7 +8,7 @@ module GraphQL
     # simple internal code while adding the option to add Dataloader.
     class NullDataloader < Dataloader
       # These are all no-ops because code was
-      # executed sychronously.
+      # executed synchronously.
       def run; end
       def run_isolated; yield; end
       def yield

data/lib/graphql/execution/interpreter/runtime/graphql_result.rb

@@ -5,7 +5,7 @@ module GraphQL
     class Interpreter
       class Runtime
         module GraphQLResult
-          def initialize(result_name, result_type, application_value, parent_result, is_non_null_in_parent)
+          def initialize(result_name, result_type, application_value, parent_result, is_non_null_in_parent, selections, is_eager)
             @graphql_parent = parent_result
             @graphql_application_value = application_value
             @graphql_result_type = result_type
@@ -16,6 +16,8 @@ module GraphQL
             @graphql_is_non_null_in_parent = is_non_null_in_parent
             # Jump through some hoops to avoid creating this duplicate storage if at all possible.
             @graphql_metadata = nil
+            @graphql_selections = selections
+            @graphql_is_eager = is_eager
           end
 
           def path
@@ -28,14 +30,15 @@ module GraphQL
           end
 
           attr_accessor :graphql_dead
-          attr_reader :graphql_parent, :graphql_result_name, :graphql_is_non_null_in_parent, :graphql_application_value, :graphql_result_type
+          attr_reader :graphql_parent, :graphql_result_name, :graphql_is_non_null_in_parent,
+            :graphql_application_value, :graphql_result_type, :graphql_selections, :graphql_is_eager
 
           # @return [Hash] Plain-Ruby result data (`@graphql_metadata` contains Result wrapper objects)
           attr_accessor :graphql_result_data
         end
 
         class GraphQLResultHash
-          def initialize(_result_name, _result_type, _application_value, _parent_result, _is_non_null_in_parent)
+          def initialize(_result_name, _result_type, _application_value, _parent_result, _is_non_null_in_parent, _selections, _is_eager)
             super
             @graphql_result_data = {}
           end
@@ -123,7 +126,7 @@ module GraphQL
         class GraphQLResultArray
           include GraphQLResult
 
-          def initialize(_result_name, _result_type, _application_value, _parent_result, _is_non_null_in_parent)
+          def initialize(_result_name, _result_type, _application_value, _parent_result, _is_non_null_in_parent, _selections, _is_eager)
             super
             @graphql_result_data = []
           end