graphql 2.3.5 → 2.3.6

data/lib/graphql/analysis/visitor.rb

@@ -0,0 +1,282 @@
+# frozen_string_literal: true
+module GraphQL
+  module Analysis
+    # Depth first traversal through a query AST, calling AST analyzers
+    # along the way.
+    #
+    # The visitor is a special case of GraphQL::Language::StaticVisitor, visiting
+    # only the selected operation, providing helpers for common use cases such
+    # as skipped fields and visiting fragment spreads.
+    #
+    # @see {GraphQL::Analysis::Analyzer} AST Analyzers for queries
+    class Visitor < GraphQL::Language::StaticVisitor
+      def initialize(query:, analyzers:)
+        @analyzers = analyzers
+        @path = []
+        @object_types = []
+        @directives = []
+        @field_definitions = []
+        @argument_definitions = []
+        @directive_definitions = []
+        @rescued_errors = []
+        @query = query
+        @schema = query.schema
+        @response_path = []
+        @skip_stack = [false]
+        super(query.selected_operation)
+      end
+
+      # @return [GraphQL::Query] the query being visited
+      attr_reader :query
+
+      # @return [Array<GraphQL::ObjectType>] Types whose scope we've entered
+      attr_reader :object_types
+
+      # @return [Array<GraphQL::AnalysisError]
+      attr_reader :rescued_errors
+
+      def visit
+        return unless @document
+        super
+      end
+
+      # Visit Helpers
+
+      # @return [GraphQL::Execution::Interpreter::Arguments] Arguments for this node, merging default values, literal values and query variables
+      # @see {GraphQL::Query#arguments_for}
+      def arguments_for(ast_node, field_definition)
+        @query.arguments_for(ast_node, field_definition)
+      end
+
+      # @return [Boolean] If the visitor is currently inside a fragment definition
+      def visiting_fragment_definition?
+        @in_fragment_def
+      end
+
+      # @return [Boolean] If the current node should be skipped because of a skip or include directive
+      def skipping?
+        @skipping
+      end
+
+      # @return [Array<String>] The path to the response key for the current field
+      def response_path
+        @response_path.dup
+      end
+
+      # Visitor Hooks
+      [
+        :operation_definition, :fragment_definition,
+        :inline_fragment, :field, :directive, :argument, :fragment_spread
+      ].each do |node_type|
+        module_eval <<-RUBY, __FILE__, __LINE__
+        def call_on_enter_#{node_type}(node, parent)
+          @analyzers.each do |a|
+            begin
+              a.on_enter_#{node_type}(node, parent, self)
+            rescue AnalysisError => err
+              @rescued_errors << err
+            end
+          end
+        end
+
+        def call_on_leave_#{node_type}(node, parent)
+          @analyzers.each do |a|
+            begin
+              a.on_leave_#{node_type}(node, parent, self)
+            rescue AnalysisError => err
+              @rescued_errors << err
+            end
+          end
+        end
+
+        RUBY
+      end
+
+      def on_operation_definition(node, parent)
+        object_type = @schema.root_type_for_operation(node.operation_type)
+        @object_types.push(object_type)
+        @path.push("#{node.operation_type}#{node.name ? " #{node.name}" : ""}")
+        call_on_enter_operation_definition(node, parent)
+        super
+        call_on_leave_operation_definition(node, parent)
+        @object_types.pop
+        @path.pop
+      end
+
+      def on_fragment_definition(node, parent)
+        on_fragment_with_type(node) do
+          @path.push("fragment #{node.name}")
+          @in_fragment_def = false
+          call_on_enter_fragment_definition(node, parent)
+          super
+          @in_fragment_def = false
+          call_on_leave_fragment_definition(node, parent)
+        end
+      end
+
+      def on_inline_fragment(node, parent)
+        on_fragment_with_type(node) do
+          @path.push("...#{node.type ? " on #{node.type.name}" : ""}")
+          @skipping = @skip_stack.last || skip?(node)
+          @skip_stack << @skipping
+
+          call_on_enter_inline_fragment(node, parent)
+          super
+          @skipping = @skip_stack.pop
+          call_on_leave_inline_fragment(node, parent)
+        end
+      end
+
+      def on_field(node, parent)
+        @response_path.push(node.alias || node.name)
+        parent_type = @object_types.last
+        # This could be nil if the previous field wasn't found:
+        field_definition = parent_type && @schema.get_field(parent_type, node.name, @query.context)
+        @field_definitions.push(field_definition)
+        if !field_definition.nil?
+          next_object_type = field_definition.type.unwrap
+          @object_types.push(next_object_type)
+        else
+          @object_types.push(nil)
+        end
+        @path.push(node.alias || node.name)
+
+        @skipping = @skip_stack.last || skip?(node)
+        @skip_stack << @skipping
+
+        call_on_enter_field(node, parent)
+        super
+        @skipping = @skip_stack.pop
+        call_on_leave_field(node, parent)
+        @response_path.pop
+        @field_definitions.pop
+        @object_types.pop
+        @path.pop
+      end
+
+      def on_directive(node, parent)
+        directive_defn = @schema.directives[node.name]
+        @directive_definitions.push(directive_defn)
+        call_on_enter_directive(node, parent)
+        super
+        call_on_leave_directive(node, parent)
+        @directive_definitions.pop
+      end
+
+      def on_argument(node, parent)
+        argument_defn = if (arg = @argument_definitions.last)
+          arg_type = arg.type.unwrap
+          if arg_type.kind.input_object?
+            arg_type.get_argument(node.name, @query.context)
+          else
+            nil
+          end
+        elsif (directive_defn = @directive_definitions.last)
+          directive_defn.get_argument(node.name, @query.context)
+        elsif (field_defn = @field_definitions.last)
+          field_defn.get_argument(node.name, @query.context)
+        else
+          nil
+        end
+
+        @argument_definitions.push(argument_defn)
+        @path.push(node.name)
+        call_on_enter_argument(node, parent)
+        super
+        call_on_leave_argument(node, parent)
+        @argument_definitions.pop
+        @path.pop
+      end
+
+      def on_fragment_spread(node, parent)
+        @path.push("... #{node.name}")
+        @skipping = @skip_stack.last || skip?(node)
+        @skip_stack << @skipping
+
+        call_on_enter_fragment_spread(node, parent)
+        enter_fragment_spread_inline(node)
+        super
+        @skipping = @skip_stack.pop
+        leave_fragment_spread_inline(node)
+        call_on_leave_fragment_spread(node, parent)
+        @path.pop
+      end
+
+      # @return [GraphQL::BaseType] The current object type
+      def type_definition
+        @object_types.last
+      end
+
+      # @return [GraphQL::BaseType] The type which the current type came from
+      def parent_type_definition
+        @object_types[-2]
+      end
+
+      # @return [GraphQL::Field, nil] The most-recently-entered GraphQL::Field, if currently inside one
+      def field_definition
+        @field_definitions.last
+      end
+
+      # @return [GraphQL::Field, nil] The GraphQL field which returned the object that the current field belongs to
+      def previous_field_definition
+        @field_definitions[-2]
+      end
+
+      # @return [GraphQL::Directive, nil] The most-recently-entered GraphQL::Directive, if currently inside one
+      def directive_definition
+        @directive_definitions.last
+      end
+
+      # @return [GraphQL::Argument, nil] The most-recently-entered GraphQL::Argument, if currently inside one
+      def argument_definition
+        @argument_definitions.last
+      end
+
+      # @return [GraphQL::Argument, nil] The previous GraphQL argument
+      def previous_argument_definition
+        @argument_definitions[-2]
+      end
+
+      private
+
+      # Visit a fragment spread inline instead of visiting the definition
+      # by itself.
+      def enter_fragment_spread_inline(fragment_spread)
+        fragment_def = query.fragments[fragment_spread.name]
+
+        object_type = if fragment_def.type
+          @query.warden.get_type(fragment_def.type.name)
+        else
+          object_types.last
+        end
+
+        object_types << object_type
+
+        on_fragment_definition_children(fragment_def)
+      end
+
+      # Visit a fragment spread inline instead of visiting the definition
+      # by itself.
+      def leave_fragment_spread_inline(_fragment_spread)
+        object_types.pop
+      end
+
+      def skip?(ast_node)
+        dir = ast_node.directives
+        dir.any? && !GraphQL::Execution::DirectiveChecks.include?(dir, query)
+      end
+
+      def on_fragment_with_type(node)
+        object_type = if node.type
+          @query.warden.get_type(node.type.name)
+        else
+          @object_types.last
+        end
+        @object_types.push(object_type)
+        yield(node)
+        @object_types.pop
+        @path.pop
+      end
+    end
+  end
+end

data/lib/graphql/analysis.rb

@@ -1,2 +1,93 @@
 # frozen_string_literal: true
-require "graphql/analysis/ast"
+require "graphql/analysis/visitor"
+require "graphql/analysis/analyzer"
+require "graphql/analysis/field_usage"
+require "graphql/analysis/query_complexity"
+require "graphql/analysis/max_query_complexity"
+require "graphql/analysis/query_depth"
+require "graphql/analysis/max_query_depth"
+require "timeout"
+
+module GraphQL
+  module Analysis
+    AST = self
+    module_function
+    # Analyze a multiplex, and all queries within.
+    # Multiplex analyzers are ran for all queries, keeping state.
+    # Query analyzers are ran per query, without carrying state between queries.
+    #
+    # @param multiplex [GraphQL::Execution::Multiplex]
+    # @param analyzers [Array<GraphQL::Analysis::Analyzer>]
+    # @return [Array<Any>] Results from multiplex analyzers
+    def analyze_multiplex(multiplex, analyzers)
+      multiplex_analyzers = analyzers.map { |analyzer| analyzer.new(multiplex) }
+
+      multiplex.current_trace.analyze_multiplex(multiplex: multiplex) do
+        query_results = multiplex.queries.map do |query|
+          if query.valid?
+            analyze_query(
+              query,
+              query.analyzers,
+              multiplex_analyzers: multiplex_analyzers
+            )
+          else
+            []
+          end
+        end
+
+        multiplex_results = multiplex_analyzers.map(&:result)
+        multiplex_errors = analysis_errors(multiplex_results)
+
+        multiplex.queries.each_with_index do |query, idx|
+          query.analysis_errors = multiplex_errors + analysis_errors(query_results[idx])
+        end
+        multiplex_results
+      end
+    end
+
+    # @param query [GraphQL::Query]
+    # @param analyzers [Array<GraphQL::Analysis::Analyzer>]
+    # @return [Array<Any>] Results from those analyzers
+    def analyze_query(query, analyzers, multiplex_analyzers: [])
+      query.current_trace.analyze_query(query: query) do
+        query_analyzers = analyzers
+          .map { |analyzer| analyzer.new(query) }
+          .tap { _1.select!(&:analyze?) }
+
+        analyzers_to_run = query_analyzers + multiplex_analyzers
+        if analyzers_to_run.any?
+
+          analyzers_to_run.select!(&:visit?)
+          if analyzers_to_run.any?
+            visitor = GraphQL::Analysis::Visitor.new(
+              query: query,
+              analyzers: analyzers_to_run
+            )
+
+            # `nil` or `0` causes no timeout
+            Timeout::timeout(query.validate_timeout_remaining) do
+              visitor.visit
+            end
+
+            if visitor.rescued_errors.any?
+              return visitor.rescued_errors
+            end
+          end
+
+          query_analyzers.map(&:result)
+        else
+          []
+        end
+      end
+    rescue Timeout::Error
+      [GraphQL::AnalysisError.new("Timeout on validation of query")]
+    rescue GraphQL::UnauthorizedError
+      # This error was raised during analysis and will be returned the client before execution
+      []
+    end
+
+    def analysis_errors(results)
+      results.flatten.tap { _1.select! { |r| r.is_a?(GraphQL::AnalysisError) } }
+    end
+  end
+end

data/lib/graphql/dataloader/async_dataloader.rb

@@ -21,6 +21,7 @@ module GraphQL
         manager = spawn_fiber do
           while first_pass || job_fibers.any?
             first_pass = false
+            fiber_vars = get_fiber_variables
 
             while (f = (job_fibers.shift || spawn_job_fiber))
               if f.alive?
@@ -34,6 +35,7 @@ module GraphQL
             next_job_fibers.clear
 
             Sync do |root_task|
+              set_fiber_variables(fiber_vars)
               while source_tasks.any? || @source_cache.each_value.any? { |group_sources| group_sources.each_value.any?(&:pending?) }
                 while (task = source_tasks.shift || spawn_source_task(root_task, sources_condition))
                   if task.alive?

data/lib/graphql/execution/interpreter.rb

@@ -40,7 +40,7 @@ module GraphQL
             lazies_at_depth = Hash.new { |h, k| h[k] = [] }
             multiplex_analyzers = schema.multiplex_analyzers
             if multiplex.max_complexity
-              multiplex_analyzers += [GraphQL::Analysis::AST::MaxQueryComplexity]
+              multiplex_analyzers += [GraphQL::Analysis::MaxQueryComplexity]
             end
 
             schema.analysis_engine.analyze_multiplex(multiplex, multiplex_analyzers)

data/lib/graphql/query/validation_pipeline.rb

@@ -100,10 +100,10 @@ module GraphQL
           # Depending on the analysis engine, we must use different analyzers
           # remove this once everything has switched over to AST analyzers
           if max_depth
-            qa << GraphQL::Analysis::AST::MaxQueryDepth
+            qa << GraphQL::Analysis::MaxQueryDepth
           end
           if max_complexity
-            qa << GraphQL::Analysis::AST::MaxQueryComplexity
+            qa << GraphQL::Analysis::MaxQueryComplexity
           end
           qa
         else

data/lib/graphql/schema/argument.rb

@@ -312,10 +312,15 @@ module GraphQL
           context.query.after_lazy(custom_loaded_value) do |custom_value|
             if loads
               if type.list?
-                loaded_values = custom_value.each_with_index.map { |custom_val, idx|
-                  id = coerced_value[idx]
-                  load_method_owner.authorize_application_object(self, id, context, custom_val)
-                }
+                loaded_values = []
+                context.dataloader.run_isolated do
+                  custom_value.each_with_index.map { |custom_val, idx|
+                    id = coerced_value[idx]
+                    context.dataloader.append_job do
+                      loaded_values[idx] = load_method_owner.authorize_application_object(self, id, context, custom_val)
+                    end
+                  }
+                end
                 context.schema.after_any_lazies(loaded_values, &:itself)
               else
                 load_method_owner.authorize_application_object(self, coerced_value, context, custom_loaded_value)
@@ -326,7 +331,16 @@ module GraphQL
           end
         elsif loads
           if type.list?
-            loaded_values = coerced_value.map { |val| load_method_owner.load_and_authorize_application_object(self, val, context) }
+            loaded_values = []
+            # We want to run these list items all together,
+            # but we also need to wait for the result so we can return it :S
+            context.dataloader.run_isolated do
+              coerced_value.each_with_index { |val, idx|
+                context.dataloader.append_job do
+                  loaded_values[idx] = load_method_owner.load_and_authorize_application_object(self, val, context)
+                end
+              }
+            end
             context.schema.after_any_lazies(loaded_values, &:itself)
           else
             load_method_owner.load_and_authorize_application_object(self, coerced_value, context)

data/lib/graphql/schema/directive.rb

@@ -188,6 +188,8 @@ module GraphQL
             assert_has_location(SCALAR)
           elsif @owner < GraphQL::Schema
             assert_has_location(SCHEMA)
+          elsif @owner < GraphQL::Schema::Resolver
+            assert_has_location(FIELD_DEFINITION)
           else
             raise "Unexpected directive owner class: #{@owner}"
           end

data/lib/graphql/schema/field.rb

@@ -41,6 +41,14 @@ module GraphQL
         end
       end
 
+      def directives
+        if @resolver_class
+          @resolver_class.directives
+        else
+          super
+        end
+      end
+
       # @return [Class] The thing this field was defined on (type, mutation, resolver)
       attr_accessor :owner
 

data/lib/graphql/schema/resolver.rb

@@ -25,6 +25,7 @@ module GraphQL
       extend GraphQL::Schema::Member::HasValidators
       include Schema::Member::HasPath
       extend Schema::Member::HasPath
+      extend Schema::Member::HasDirectives
 
       # @param object [Object] The application object that this field is being resolved on
       # @param context [GraphQL::Query::Context]

data/lib/graphql/subscriptions/broadcast_analyzer.rb

@@ -9,7 +9,7 @@ module GraphQL
     # Assign the result to `context.namespace(:subscriptions)[:subscription_broadcastable]`
     # @api private
     # @see Subscriptions#broadcastable? for a public API
-    class BroadcastAnalyzer < GraphQL::Analysis::AST::Analyzer
+    class BroadcastAnalyzer < GraphQL::Analysis::Analyzer
       def initialize(subject)
         super
         @default_broadcastable = subject.schema.subscriptions.default_broadcastable

data/lib/graphql/subscriptions.rb

@@ -235,7 +235,7 @@ module GraphQL
       if !query.valid?
         raise "Invalid query: #{query.validation_errors.map(&:to_h).inspect}"
       end
-      GraphQL::Analysis::AST.analyze_query(query, @schema.query_analyzers)
+      GraphQL::Analysis.analyze_query(query, @schema.query_analyzers)
       query.context.namespace(:subscriptions)[:subscription_broadcastable]
     end
 

data/lib/graphql/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module GraphQL
-  VERSION = "2.3.5"
+  VERSION = "2.3.6"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql
 version: !ruby/object:Gem::Version
-  version: 2.3.5
+  version: 2.3.6
 platform: ruby
 authors:
 - Robert Mosolgo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-13 00:00:00.000000000 Z
+date: 2024-06-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: base64
@@ -306,14 +306,13 @@ files:
 - lib/generators/graphql/union_generator.rb
 - lib/graphql.rb
 - lib/graphql/analysis.rb
-- lib/graphql/analysis/ast.rb
-- lib/graphql/analysis/ast/analyzer.rb
-- lib/graphql/analysis/ast/field_usage.rb
-- lib/graphql/analysis/ast/max_query_complexity.rb
-- lib/graphql/analysis/ast/max_query_depth.rb
-- lib/graphql/analysis/ast/query_complexity.rb
-- lib/graphql/analysis/ast/query_depth.rb
-- lib/graphql/analysis/ast/visitor.rb
+- lib/graphql/analysis/analyzer.rb
+- lib/graphql/analysis/field_usage.rb
+- lib/graphql/analysis/max_query_complexity.rb
+- lib/graphql/analysis/max_query_depth.rb
+- lib/graphql/analysis/query_complexity.rb
+- lib/graphql/analysis/query_depth.rb
+- lib/graphql/analysis/visitor.rb
 - lib/graphql/analysis_error.rb
 - lib/graphql/backtrace.rb
 - lib/graphql/backtrace/inspect_result.rb
@@ -645,7 +644,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
+rubygems_version: 3.5.12
 signing_key:
 specification_version: 4
 summary: A GraphQL language and runtime for Ruby

data/lib/graphql/analysis/ast/analyzer.rb

@@ -1,91 +0,0 @@
-# frozen_string_literal: true
-module GraphQL
-  module Analysis
-    module AST
-      # Query analyzer for query ASTs. Query analyzers respond to visitor style methods
-      # but are prefixed by `enter` and `leave`.
-      #
-      # When an analyzer is initialized with a Multiplex, you can always get the current query from
-      # `visitor.query` in the visit methods.
-      #
-      # @param [GraphQL::Query, GraphQL::Execution::Multiplex] The query or multiplex to analyze
-      class Analyzer
-        def initialize(subject)
-          @subject = subject
-
-          if subject.is_a?(GraphQL::Query)
-            @query = subject
-            @multiplex = nil
-          else
-            @multiplex = subject
-            @query = nil
-          end
-        end
-
-        # Analyzer hook to decide at analysis time whether a query should
-        # be analyzed or not.
-        # @return [Boolean] If the query should be analyzed or not
-        def analyze?
-          true
-        end
-
-        # Analyzer hook to decide at analysis time whether analysis
-        # requires a visitor pass; can be disabled for precomputed results.
-        # @return [Boolean] If analysis requires visitation or not
-        def visit?
-          true
-        end
-
-        # The result for this analyzer. Returning {GraphQL::AnalysisError} results
-        # in a query error.
-        # @return [Any] The analyzer result
-        def result
-          raise GraphQL::RequiredImplementationMissingError
-        end
-
-        class << self
-          private
-
-          def build_visitor_hooks(member_name)
-            class_eval(<<-EOS, __FILE__, __LINE__ + 1)
-              def on_enter_#{member_name}(node, parent, visitor)
-              end
-
-              def on_leave_#{member_name}(node, parent, visitor)
-              end
-            EOS
-          end
-        end
-
-        build_visitor_hooks :argument
-        build_visitor_hooks :directive
-        build_visitor_hooks :document
-        build_visitor_hooks :enum
-        build_visitor_hooks :field
-        build_visitor_hooks :fragment_spread
-        build_visitor_hooks :inline_fragment
-        build_visitor_hooks :input_object
-        build_visitor_hooks :list_type
-        build_visitor_hooks :non_null_type
-        build_visitor_hooks :null_value
-        build_visitor_hooks :operation_definition
-        build_visitor_hooks :type_name
-        build_visitor_hooks :variable_definition
-        build_visitor_hooks :variable_identifier
-        build_visitor_hooks :abstract_node
-
-        protected
-
-        # @return [GraphQL::Query, GraphQL::Execution::Multiplex] Whatever this analyzer is analyzing
-        attr_reader :subject
-
-        # @return [GraphQL::Query, nil] `nil` if this analyzer is visiting a multiplex
-        #  (When this is `nil`, use `visitor.query` inside visit methods to get the current query)
-        attr_reader :query
-
-        # @return [GraphQL::Execution::Multiplex, nil] `nil` if this analyzer is visiting a query
-        attr_reader :multiplex
-      end
-    end
-  end
-end