graphql 2.3.5 → 2.3.8

data/lib/graphql/schema/subset.rb

@@ -0,0 +1,397 @@
+# frozen_string_literal: true
+
+module GraphQL
+  class Schema
+    class Subset
+      def initialize(query)
+        @query = query
+        @context = query.context
+        @schema = query.schema
+        @all_types = {}
+        @all_types_loaded = false
+        @unvisited_types = []
+        @referenced_types = Hash.new { |h, type_defn| h[type_defn] = [] }.compare_by_identity
+        @cached_possible_types = nil
+        @cached_visible = Hash.new { |h, member|
+          h[member] = @schema.visible?(member, @context)
+        }.compare_by_identity
+
+        @cached_visible_fields = Hash.new { |h, owner|
+          h[owner] = Hash.new do |h2, field|
+            h2[field] = if @cached_visible[field] &&
+                (ret_type = field.type.unwrap) &&
+                @cached_visible[ret_type] &&
+                reachable_type?(ret_type.graphql_name) &&
+                (owner == field.owner || (!owner.kind.object?) || field_on_visible_interface?(field, owner))
+
+              if !field.introspection?
+                # The problem is that some introspection fields may have references
+                # to non-custom introspection types.
+                # If those were added here, they'd cause a DuplicateNamesError.
+                # This is basically a bug -- those fields _should_ reference the custom types.
+                add_type(ret_type, field)
+              end
+              true
+            else
+              false
+            end
+          end.compare_by_identity
+        }.compare_by_identity
+
+        @cached_visible_arguments = Hash.new do |h, arg|
+          h[arg] = if @cached_visible[arg] && (arg_type = arg.type.unwrap) && @cached_visible[arg_type]
+            add_type(arg_type, arg)
+            true
+          else
+            false
+          end
+        end.compare_by_identity
+
+        @unfiltered_pt = Hash.new do |hash, type|
+          hash[type] = @schema.possible_types(type)
+        end.compare_by_identity
+      end
+
+      def field_on_visible_interface?(field, owner)
+        ints = owner.interface_type_memberships.map(&:abstract_type)
+        field_name = field.graphql_name
+        filtered_ints = interfaces(owner)
+        any_interface_has_field = false
+        any_interface_has_visible_field = false
+        ints.each do |int_t|
+          if (_int_f_defn = int_t.get_field(field_name, @context))
+            any_interface_has_field = true
+
+            if filtered_ints.include?(int_t) # TODO cycles, or maybe not necessary since previously checked? && @cached_visible_fields[owner][field]
+              any_interface_has_visible_field = true
+              break
+            end
+          end
+        end
+
+        if any_interface_has_field
+          any_interface_has_visible_field
+        else
+          true
+        end
+      end
+
+      def type(type_name)
+        t = if (loaded_t = @all_types[type_name])
+          loaded_t
+       elsif !@all_types_loaded
+         load_all_types
+          @all_types[type_name]
+        end
+
+        if t
+          if t.is_a?(Array)
+            vis_t = nil
+            t.each do |t_defn|
+              if @cached_visible[t_defn]
+                if vis_t.nil?
+                  vis_t = t_defn
+                else
+                  raise_duplicate_definition(vis_t, t_defn)
+                end
+              end
+            end
+            vis_t
+          else
+            if t && @cached_visible[t]
+              t
+            else
+              nil
+            end
+          end
+        end
+      end
+
+      def field(owner, field_name)
+        f = if owner.kind.fields? && (field = owner.get_field(field_name, @context))
+          field
+        elsif owner == query_root && (entry_point_field = @schema.introspection_system.entry_point(name: field_name))
+          entry_point_field
+        elsif (dynamic_field = @schema.introspection_system.dynamic_field(name: field_name))
+          dynamic_field
+        else
+          nil
+        end
+        if f.is_a?(Array)
+          visible_f = nil
+          f.each do |f_defn|
+            if @cached_visible_fields[owner][f_defn]
+
+              if visible_f.nil?
+                visible_f = f_defn
+              else
+                raise_duplicate_definition(visible_f, f_defn)
+              end
+            end
+          end
+          visible_f
+        else
+          if f && @cached_visible_fields[owner][f]
+            f
+          else
+            nil
+          end
+        end
+      end
+
+      def fields(owner)
+        non_duplicate_items(owner.all_field_definitions, @cached_visible_fields[owner])
+      end
+
+      def arguments(owner)
+        non_duplicate_items(owner.all_argument_definitions, @cached_visible_arguments)
+      end
+
+      def argument(owner, arg_name)
+        # TODO this makes a Warden.visible_entry call down the stack
+        # I need a non-Warden implementation
+        arg = owner.get_argument(arg_name, @context)
+        if arg.is_a?(Array)
+          visible_arg = nil
+          arg.each do |arg_defn|
+            if @cached_visible_arguments[arg_defn]
+              if arg_defn&.loads
+                add_type(arg_defn.loads, arg_defn)
+              end
+              if visible_arg.nil?
+                visible_arg = arg_defn
+              else
+                raise_duplicate_definition(visible_arg, arg_defn)
+              end
+            end
+          end
+          visible_arg
+        else
+          if arg && @cached_visible_arguments[arg]
+            if arg&.loads
+              add_type(arg.loads, arg)
+            end
+            arg
+          else
+            nil
+          end
+        end
+      end
+
+      def possible_types(type)
+        @cached_possible_types ||= Hash.new do |h, type|
+          pt = case type.kind.name
+          when "INTERFACE"
+            # TODO this requires the global map
+            @unfiltered_pt[type]
+          when "UNION"
+            type.type_memberships.select { |tm| @cached_visible[tm] && @cached_visible[tm.object_type] }.map!(&:object_type)
+          else
+            [type]
+          end
+
+          # TODO use `select!` when possible, skip it for `[type]`
+          h[type] = pt.select { |t|
+            @cached_visible[t] && referenced?(t)
+          }
+        end.compare_by_identity
+        @cached_possible_types[type]
+      end
+
+      def interfaces(obj_or_int_type)
+        ints = obj_or_int_type.interface_type_memberships
+          .select { |itm| @cached_visible[itm] && @cached_visible[itm.abstract_type] }
+          .map!(&:abstract_type)
+        ints.uniq! # Remove any duplicate interfaces implemented via other interfaces
+        ints
+      end
+
+      def query_root
+        add_if_visible(@schema.query)
+      end
+
+      def mutation_root
+        add_if_visible(@schema.mutation)
+      end
+
+      def subscription_root
+        add_if_visible(@schema.subscription)
+      end
+
+      def all_types
+        @all_types_filtered ||= begin
+          load_all_types
+          at = []
+          @all_types.each do |_name, type_defn|
+            if possible_types(type_defn).any? || referenced?(type_defn)
+              at << type_defn
+            end
+          end
+          at
+        end
+      end
+
+      def enum_values(owner)
+        values = non_duplicate_items(owner.all_enum_value_definitions, @cached_visible)
+        if values.size == 0
+          raise GraphQL::Schema::Enum::MissingValuesError.new(owner)
+        end
+        values
+      end
+
+      def directive_exists?(dir_name)
+        dir = @schema.directives[dir_name]
+        dir && @cached_visible[dir]
+      end
+
+      def directives
+        @schema.directives.each_value.select { |d| @cached_visible[d] }
+      end
+
+      def loadable?(t, _ctx)
+        !@all_types[t.graphql_name] # TODO make sure t is not reachable but t is visible
+      end
+
+      # TODO rename this to indicate that it is called with a typename
+      def reachable_type?(type_name)
+        load_all_types
+        !!((t = @all_types[type_name]) && referenced?(t))
+      end
+
+      def loaded_types
+        @all_types.values
+      end
+
+      private
+
+      def add_if_visible(t)
+        (t && @cached_visible[t]) ? (add_type(t, true); t) : nil
+      end
+
+      def add_type(t, by_member)
+        if t && @cached_visible[t]
+          n = t.graphql_name
+          if (prev_t = @all_types[n])
+            if !prev_t.equal?(t)
+              raise_duplicate_definition(prev_t, t)
+            end
+            false
+          else
+            @referenced_types[t] << by_member
+            @all_types[n] = t
+            @unvisited_types << t
+            true
+          end
+        else
+          false
+        end
+      end
+
+      def non_duplicate_items(definitions, visibility_cache)
+        non_dups = []
+        definitions.each do |defn|
+          if visibility_cache[defn]
+            if (dup_defn = non_dups.find { |d| d.graphql_name == defn.graphql_name })
+              raise_duplicate_definition(dup_defn, defn)
+            end
+            non_dups << defn
+          end
+        end
+        non_dups
+      end
+
+      def raise_duplicate_definition(first_defn, second_defn)
+        raise DuplicateNamesError.new(duplicated_name: first_defn.path, duplicated_definition_1: first_defn.inspect, duplicated_definition_2: second_defn.inspect)
+      end
+
+      def referenced?(t)
+        load_all_types
+        res = if @referenced_types[t].any? { |member| (member == true) || @cached_visible[member] }
+          if t.kind.abstract?
+            possible_types(t).any?
+          else
+            true
+          end
+        end
+        res
+      end
+
+      def load_all_types
+        return if @all_types_loaded
+        @all_types_loaded = true
+        schema_types = [
+          query_root,
+          mutation_root,
+          subscription_root,
+          *@schema.introspection_system.types.values,
+        ]
+
+        # Don't include any orphan_types whose interfaces aren't visible.
+        @schema.orphan_types.each do |orphan_type|
+          if @cached_visible[orphan_type] &&
+            orphan_type.interface_type_memberships.any? { |tm| @cached_visible[tm] && @cached_visible[tm.abstract_type] }
+            schema_types << orphan_type
+          end
+        end
+        schema_types.compact! # TODO why is this necessary?!
+        schema_types.flatten! # handle multiple defns
+        schema_types.each { |t| add_type(t, true) }
+
+        while t = @unvisited_types.pop
+          # These have already been checked for `.visible?`
+          visit_type(t)
+        end
+
+        @all_types.delete_if { |type_name, type_defn| !referenced?(type_defn) }
+        nil
+      end
+
+      def visit_type(type)
+        if type.kind.input_object?
+          # recurse into visible arguments
+          arguments(type).each do |argument|
+            add_type(argument.type.unwrap, argument)
+          end
+        elsif type.kind.union?
+          # recurse into visible possible types
+          type.type_memberships.each do |tm|
+            if @cached_visible[tm] && @cached_visible[tm.object_type]
+              add_type(tm.object_type, tm)
+            end
+          end
+        elsif type.kind.fields?
+          if type.kind.object?
+            # recurse into visible implemented interfaces
+            interfaces(type).each do |interface|
+              add_type(interface, type)
+            end
+          end
+
+          # recurse into visible fields
+          t_f = type.all_field_definitions
+          t_f.each do |field|
+            if @cached_visible[field]
+              field_type = field.type.unwrap
+              if field_type.kind.interface?
+                pt = @unfiltered_pt[field_type]
+                pt.each do |obj_type|
+                  if @cached_visible[obj_type] &&
+                      (tm = obj_type.interface_type_memberships.find { |tm| tm.abstract_type == field_type }) &&
+                      @cached_visible[tm]
+                    add_type(obj_type, tm)
+                  end
+                end
+              end
+              add_type(field_type, field)
+
+              # recurse into visible arguments
+              arguments(field).each do |argument|
+                add_type(argument.type.unwrap, argument)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/graphql/schema/type_expression.rb

@@ -5,13 +5,13 @@ module GraphQL
     module TypeExpression
       # Fetch a type from a type map by its AST specification.
       # Return `nil` if not found.
-      # @param type_owner [#get_type] A thing for looking up types by name
+      # @param type_owner [#type] A thing for looking up types by name
       # @param ast_node [GraphQL::Language::Nodes::AbstractNode]
       # @return [Class, GraphQL::Schema::NonNull, GraphQL::Schema:List]
       def self.build_type(type_owner, ast_node)
         case ast_node
         when GraphQL::Language::Nodes::TypeName
-          type_owner.get_type(ast_node.name) # rubocop:disable Development/ContextIsPassedCop -- this is a `context` or `warden`, it's already query-aware
+          type_owner.type(ast_node.name) # rubocop:disable Development/ContextIsPassedCop -- this is a `context` or `warden`, it's already query-aware
         when GraphQL::Language::Nodes::NonNullType
           ast_inner_type = ast_node.of_type
           inner_type = build_type(type_owner, ast_inner_type)

data/lib/graphql/schema/validator/all_validator.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+module GraphQL
+  class Schema
+    class Validator
+      # Use this to validate each member of an array value.
+      #
+      # @example validate format of all strings in an array
+      #
+      #   argument :handles, [String],
+      #     validates: { all: { format: { with: /\A[a-z0-9_]+\Z/ } } }
+      #
+      # @example multiple validators can be combined
+      #
+      #   argument :handles, [String],
+      #     validates: { all: { format: { with: /\A[a-z0-9_]+\Z/ }, length: { maximum: 32 } } }
+      #
+      # @example any type can be used
+      #
+      #   argument :choices, [Integer],
+      #     validates: { all: { inclusion: { in: 1..12 } } }
+      #
+      class AllValidator < Validator
+        def initialize(validated:, allow_blank: false, allow_null: false, **validators)
+          super(validated: validated, allow_blank: allow_blank, allow_null: allow_null)
+
+          @validators = Validator.from_config(validated, validators)
+        end
+
+        def validate(object, context, value)
+          all_errors = EMPTY_ARRAY
+
+          value.each do |subvalue|
+            @validators.each do |validator|
+              errors = validator.validate(object, context, subvalue)
+              if errors &&
+                  (errors.is_a?(Array) && errors != EMPTY_ARRAY) ||
+                  (errors.is_a?(String))
+                if all_errors.frozen? # It's empty
+                  all_errors = []
+                end
+                if errors.is_a?(String)
+                  all_errors << errors
+                else
+                  all_errors.concat(errors)
+                end
+              end
+            end
+          end
+
+          unless all_errors.frozen?
+            all_errors.uniq!
+          end
+
+          all_errors
+        end
+      end
+    end
+  end
+end

data/lib/graphql/schema/validator.rb

@@ -169,3 +169,5 @@ require "graphql/schema/validator/allow_null_validator"
 GraphQL::Schema::Validator.install(:allow_null, GraphQL::Schema::Validator::AllowNullValidator)
 require "graphql/schema/validator/allow_blank_validator"
 GraphQL::Schema::Validator.install(:allow_blank, GraphQL::Schema::Validator::AllowBlankValidator)
+require "graphql/schema/validator/all_validator"
+GraphQL::Schema::Validator.install(:all, GraphQL::Schema::Validator::AllValidator)

data/lib/graphql/schema/warden.rb

@@ -61,14 +61,27 @@ module GraphQL
           def interface_type_memberships(obj_t, ctx); obj_t.interface_type_memberships; end
           def arguments(owner, ctx); owner.arguments(ctx); end
           def loadable?(type, ctx); type.visible?(ctx); end
+          def schema_subset
+            @schema_subset ||= Warden::SchemaSubset.new(self)
+          end
         end
       end
 
       class NullWarden
         def initialize(_filter = nil, context:, schema:)
           @schema = schema
+          @schema_subset = Warden::SchemaSubset.new(self)
+        end
+
+        # @api private
+        module NullSubset
+          def self.new(query)
+            NullWarden.new(context: query.context, schema: query.schema).schema_subset
+          end
         end
 
+        attr_reader :schema_subset
+
         def visible_field?(field_defn, _ctx = nil, owner = nil); true; end
         def visible_argument?(arg_defn, _ctx = nil); true; end
         def visible_type?(type_defn, _ctx = nil); true; end
@@ -91,6 +104,80 @@ module GraphQL
         def interfaces(obj_type); obj_type.interfaces; end
       end
 
+      def schema_subset
+        @schema_subset ||= SchemaSubset.new(self)
+      end
+
+      class SchemaSubset
+        def initialize(warden)
+          @warden = warden
+        end
+
+        def directives
+          @warden.directives
+        end
+
+        def directive_exists?(dir_name)
+          @warden.directives.any? { |d| d.graphql_name == dir_name }
+        end
+
+        def type(name)
+          @warden.get_type(name)
+        end
+
+        def field(owner, field_name)
+          @warden.get_field(owner, field_name)
+        end
+
+        def argument(owner, arg_name)
+          @warden.get_argument(owner, arg_name)
+        end
+
+        def query_root
+          @warden.root_type_for_operation("query")
+        end
+
+        def mutation_root
+          @warden.root_type_for_operation("mutation")
+        end
+
+        def subscription_root
+          @warden.root_type_for_operation("subscription")
+        end
+
+        def arguments(owner)
+          @warden.arguments(owner)
+        end
+
+        def fields(owner)
+          @warden.fields(owner)
+        end
+
+        def possible_types(type)
+          @warden.possible_types(type)
+        end
+
+        def enum_values(enum_type)
+          @warden.enum_values(enum_type)
+        end
+
+        def all_types
+          @warden.reachable_types
+        end
+
+        def interfaces(obj_type)
+          @warden.interfaces(obj_type)
+        end
+
+        def loadable?(t, ctx) # TODO remove ctx here?
+          @warden.loadable?(t, ctx)
+        end
+
+        def reachable_type?(type_name)
+          @warden.reachable_type?(type_name)
+        end
+      end
+
       # @param context [GraphQL::Query::Context]
       # @param schema [GraphQL::Schema]
       def initialize(context:, schema:)
@@ -107,7 +194,7 @@ module GraphQL
           @visible_possible_types = @visible_fields = @visible_arguments = @visible_enum_arrays =
           @visible_enum_values = @visible_interfaces = @type_visibility = @type_memberships =
           @visible_and_reachable_type = @unions = @unfiltered_interfaces =
-          @reachable_type_set =
+          @reachable_type_set = @schema_subset =
             nil
       end
 

data/lib/graphql/schema.rb

@@ -5,7 +5,6 @@ require "graphql/schema/always_visible"
 require "graphql/schema/base_64_encoder"
 require "graphql/schema/find_inherited_value"
 require "graphql/schema/finder"
-require "graphql/schema/invalid_type_error"
 require "graphql/schema/introspection_system"
 require "graphql/schema/late_bound_type"
 require "graphql/schema/null_mask"
@@ -46,6 +45,7 @@ require "graphql/schema/mutation"
 require "graphql/schema/has_single_input_argument"
 require "graphql/schema/relay_classic_mutation"
 require "graphql/schema/subscription"
+require "graphql/schema/subset"
 
 module GraphQL
   # A GraphQL schema which may be queried with {GraphQL::Query}.
@@ -370,20 +370,24 @@ module GraphQL
         when nil
           nil
         when Array
-          visible_t = nil
-          warden = Warden.from_context(context)
-          local_entry.each do |t|
-            if warden.visible_type?(t, context)
-              if visible_t.nil?
-                visible_t = t
-              else
-                raise DuplicateNamesError.new(
-                  duplicated_name: type_name, duplicated_definition_1: visible_t.inspect, duplicated_definition_2: t.inspect
-                )
+          if context.respond_to?(:types) && context.types.is_a?(GraphQL::Schema::Subset)
+            local_entry
+          else
+            visible_t = nil
+            warden = Warden.from_context(context)
+            local_entry.each do |t|
+              if warden.visible_type?(t, context)
+                if visible_t.nil?
+                  visible_t = t
+                else
+                  raise DuplicateNamesError.new(
+                    duplicated_name: type_name, duplicated_definition_1: visible_t.inspect, duplicated_definition_2: t.inspect
+                  )
+                end
               end
             end
+            visible_t
           end
-          visible_t
         when Module
           local_entry
         else
@@ -497,6 +501,28 @@ module GraphQL
 
       attr_writer :warden_class
 
+      def subset_class
+        if defined?(@subset_class)
+          @subset_class
+        elsif superclass.respond_to?(:subset_class)
+          superclass.subset_class
+        else
+          GraphQL::Schema::Subset
+        end
+      end
+
+      attr_writer :subset_class, :use_schema_subset
+
+      def use_schema_subset?
+        if defined?(@use_schema_subset)
+          @use_schema_subset
+        elsif superclass.respond_to?(:use_schema_subset?)
+          superclass.use_schema_subset?
+        else
+          false
+        end
+      end
+
       # @param type [Module] The type definition whose possible types you want to see
       # @return [Hash<String, Module>] All possible types, if no `type` is given.
       # @return [Array<Module>] Possible types for `type`, if it's given.
@@ -573,9 +599,8 @@ module GraphQL
         end
       end
 
-      def type_from_ast(ast_node, context: nil)
-        type_owner = context ? context.warden : self
-        GraphQL::Schema::TypeExpression.build_type(type_owner, ast_node)
+      def type_from_ast(ast_node, context: self.query_class.new(self, "{ __typename }").context)
+        GraphQL::Schema::TypeExpression.build_type(context.query.types, ast_node)
       end
 
       def get_field(type_or_name, field_name, context = GraphQL::Query::NullContext.instance)
@@ -1053,6 +1078,10 @@ module GraphQL
         Member::HasDirectives.get_directives(self, @own_schema_directives, :schema_directives)
       end
 
+      # Called when a type is needed by name at runtime
+      def load_type(type_name, ctx)
+        get_type(type_name, ctx)
+      end
       # This hook is called when an object fails an `authorized?` check.
       # You might report to your bug tracker here, so you can correct
       # the field resolvers not to return unauthorized objects.