graphql 1.12.18 → 1.12.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of graphql might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/graphql/integer_encoding_error.rb +18 -2
- data/lib/graphql/query/validation_pipeline.rb +1 -1
- data/lib/graphql/schema/member/has_arguments.rb +7 -1
- data/lib/graphql/schema/resolver.rb +10 -0
- data/lib/graphql/schema/validator/allow_blank_validator.rb +29 -0
- data/lib/graphql/schema/validator/allow_null_validator.rb +26 -0
- data/lib/graphql/schema/validator/exclusion_validator.rb +3 -1
- data/lib/graphql/schema/validator/format_validator.rb +2 -1
- data/lib/graphql/schema/validator/inclusion_validator.rb +3 -1
- data/lib/graphql/schema/validator/length_validator.rb +5 -3
- data/lib/graphql/schema/validator/numericality_validator.rb +7 -1
- data/lib/graphql/schema/validator.rb +36 -25
- data/lib/graphql/string_encoding_error.rb +13 -3
- data/lib/graphql/types/int.rb +1 -1
- data/lib/graphql/types/string.rb +1 -1
- data/lib/graphql/unauthorized_error.rb +1 -1
- data/lib/graphql/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 92aba0a1935a0022b97ea1630cde64884a727ce714fae6a2bca543666c73bde0
|
|
4
|
+
data.tar.gz: 5db896ad77a52ec4a025f526bab4f3c4b3d18206e009c2d8c3e14dd434f12ae6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2985936af9bba4d0feec8263dd4a6c60c09110e39aba1a97359e4d02900732f02900e30d798074932bb6fe2a5ed0e00441be859bb3035ab0c819ccec3c9a0f66
|
|
7
|
+
data.tar.gz: e8e961e540b54a5c54d6d78c444eef422bd55264ee8ffc9c3a231f2614c570ee75de5c2888f3b13974304c48f60072e04bb0d0444ea6e1a13f4a37652dbd2f0b
|
|
@@ -12,9 +12,25 @@ module GraphQL
|
|
|
12
12
|
# The value which couldn't be encoded
|
|
13
13
|
attr_reader :integer_value
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
# @return [GraphQL::Schema::Field] The field that returned a too-big integer
|
|
16
|
+
attr_reader :field
|
|
17
|
+
|
|
18
|
+
# @return [Array<String, Integer>] Where the field appeared in the GraphQL response
|
|
19
|
+
attr_reader :path
|
|
20
|
+
|
|
21
|
+
def initialize(value, context:)
|
|
16
22
|
@integer_value = value
|
|
17
|
-
|
|
23
|
+
@field = context[:current_field]
|
|
24
|
+
@path = context[:current_path]
|
|
25
|
+
message = "Integer out of bounds: #{value}".dup
|
|
26
|
+
if @path
|
|
27
|
+
message << " @ #{@path.join(".")}"
|
|
28
|
+
end
|
|
29
|
+
if @field
|
|
30
|
+
message << " (#{@field.path})"
|
|
31
|
+
end
|
|
32
|
+
message << ". Consider using ID or GraphQL::Types::BigInt instead."
|
|
33
|
+
super(message)
|
|
18
34
|
end
|
|
19
35
|
end
|
|
20
36
|
end
|
|
@@ -72,7 +72,7 @@ module GraphQL
|
|
|
72
72
|
elsif @operation_name_error
|
|
73
73
|
@validation_errors << @operation_name_error
|
|
74
74
|
else
|
|
75
|
-
validation_result = @schema.static_validator.validate(@query, validate: @validate, timeout: @schema.validate_timeout)
|
|
75
|
+
validation_result = @schema.static_validator.validate(@query, validate: @validate, timeout: @schema.validate_timeout, max_errors: @schema.validate_max_errors)
|
|
76
76
|
@validation_errors.concat(validation_result[:errors])
|
|
77
77
|
@internal_representation = validation_result[:irep]
|
|
78
78
|
|
|
@@ -254,11 +254,17 @@ module GraphQL
|
|
|
254
254
|
if authed
|
|
255
255
|
application_object
|
|
256
256
|
else
|
|
257
|
-
|
|
257
|
+
err = GraphQL::UnauthorizedError.new(
|
|
258
258
|
object: application_object,
|
|
259
259
|
type: class_based_type,
|
|
260
260
|
context: context,
|
|
261
261
|
)
|
|
262
|
+
if self.respond_to?(:unauthorized_object)
|
|
263
|
+
err.set_backtrace(caller)
|
|
264
|
+
unauthorized_object(err)
|
|
265
|
+
else
|
|
266
|
+
raise err
|
|
267
|
+
end
|
|
262
268
|
end
|
|
263
269
|
end
|
|
264
270
|
else
|
|
@@ -160,6 +160,16 @@ module GraphQL
|
|
|
160
160
|
end
|
|
161
161
|
end
|
|
162
162
|
|
|
163
|
+
# Called when an object loaded by `loads:` fails the `.authorized?` check for its resolved GraphQL object type.
|
|
164
|
+
#
|
|
165
|
+
# By default, the error is re-raised and passed along to {{Schema.unauthorized_object}}.
|
|
166
|
+
#
|
|
167
|
+
# Any value returned here will be used _instead of_ of the loaded object.
|
|
168
|
+
# @param err [GraphQL::UnauthorizedError]
|
|
169
|
+
def unauthorized_object(err)
|
|
170
|
+
raise err
|
|
171
|
+
end
|
|
172
|
+
|
|
163
173
|
private
|
|
164
174
|
|
|
165
175
|
def load_arguments(args)
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module GraphQL
|
|
4
|
+
class Schema
|
|
5
|
+
class Validator
|
|
6
|
+
# Use this to specifically reject values that respond to `.blank?` and respond truthy for that method.
|
|
7
|
+
#
|
|
8
|
+
# @example Require a non-empty string for an argument
|
|
9
|
+
# argument :name, String, required: true, validate: { allow_blank: false }
|
|
10
|
+
class AllowBlankValidator < Validator
|
|
11
|
+
def initialize(allow_blank_positional, allow_blank: nil, message: "%{validated} can't be blank", **default_options)
|
|
12
|
+
@message = message
|
|
13
|
+
super(**default_options)
|
|
14
|
+
@allow_blank = allow_blank.nil? ? allow_blank_positional : allow_blank
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def validate(_object, _context, value)
|
|
18
|
+
if value.respond_to?(:blank?) && value.blank?
|
|
19
|
+
if (value.nil? && @allow_null) || @allow_blank
|
|
20
|
+
# pass
|
|
21
|
+
else
|
|
22
|
+
@message
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module GraphQL
|
|
4
|
+
class Schema
|
|
5
|
+
class Validator
|
|
6
|
+
# Use this to specifically reject or permit `nil` values (given as `null` from GraphQL).
|
|
7
|
+
#
|
|
8
|
+
# @example require a non-null value for an argument if it is provided
|
|
9
|
+
# argument :name, String, required: false, validates: { allow_null: false }
|
|
10
|
+
class AllowNullValidator < Validator
|
|
11
|
+
MESSAGE = "%{validated} can't be null"
|
|
12
|
+
def initialize(allow_null_positional, allow_null: nil, message: MESSAGE, **default_options)
|
|
13
|
+
@message = message
|
|
14
|
+
super(**default_options)
|
|
15
|
+
@allow_null = allow_null.nil? ? allow_null_positional : allow_null
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def validate(_object, _context, value)
|
|
19
|
+
if value.nil? && !@allow_null
|
|
20
|
+
@message
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
@@ -38,7 +38,8 @@ module GraphQL
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def validate(_object, _context, value)
|
|
41
|
-
if
|
|
41
|
+
if value.nil? ||
|
|
42
|
+
(@with_pattern && !value.match?(@with_pattern)) ||
|
|
42
43
|
(@without_pattern && value.match?(@without_pattern))
|
|
43
44
|
@message
|
|
44
45
|
end
|
|
@@ -43,11 +43,13 @@ module GraphQL
|
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
def validate(_object, _context, value)
|
|
46
|
-
if
|
|
46
|
+
return if permitted_empty_value?(value) # pass in this case
|
|
47
|
+
length = value.nil? ? 0 : value.length
|
|
48
|
+
if @maximum && length > @maximum
|
|
47
49
|
partial_format(@too_long, { count: @maximum })
|
|
48
|
-
elsif @minimum &&
|
|
50
|
+
elsif @minimum && length < @minimum
|
|
49
51
|
partial_format(@too_short, { count: @minimum })
|
|
50
|
-
elsif @is &&
|
|
52
|
+
elsif @is && length != @is
|
|
51
53
|
partial_format(@wrong_length, { count: @is })
|
|
52
54
|
end
|
|
53
55
|
end
|
|
@@ -32,6 +32,7 @@ module GraphQL
|
|
|
32
32
|
equal_to: nil, other_than: nil,
|
|
33
33
|
odd: nil, even: nil, within: nil,
|
|
34
34
|
message: "%{validated} must be %{comparison} %{target}",
|
|
35
|
+
null_message: Validator::AllowNullValidator::MESSAGE,
|
|
35
36
|
**default_options
|
|
36
37
|
)
|
|
37
38
|
|
|
@@ -45,11 +46,16 @@ module GraphQL
|
|
|
45
46
|
@even = even
|
|
46
47
|
@within = within
|
|
47
48
|
@message = message
|
|
49
|
+
@null_message = null_message
|
|
48
50
|
super(**default_options)
|
|
49
51
|
end
|
|
50
52
|
|
|
51
53
|
def validate(object, context, value)
|
|
52
|
-
if
|
|
54
|
+
if permitted_empty_value?(value)
|
|
55
|
+
# pass in this case
|
|
56
|
+
elsif value.nil? # @allow_null is handled in the parent class
|
|
57
|
+
@null_message
|
|
58
|
+
elsif @greater_than && value <= @greater_than
|
|
53
59
|
partial_format(@message, { comparison: "greater than", target: @greater_than })
|
|
54
60
|
elsif @greater_than_or_equal_to && value < @greater_than_or_equal_to
|
|
55
61
|
partial_format(@message, { comparison: "greater than or equal to", target: @greater_than_or_equal_to })
|
|
@@ -7,7 +7,6 @@ module GraphQL
|
|
|
7
7
|
# @return [GraphQL::Schema::Argument, GraphQL::Schema::Field, GraphQL::Schema::Resolver, Class<GraphQL::Schema::InputObject>]
|
|
8
8
|
attr_reader :validated
|
|
9
9
|
|
|
10
|
-
# TODO should this implement `if:` and `unless:` ?
|
|
11
10
|
# @param validated [GraphQL::Schema::Argument, GraphQL::Schema::Field, GraphQL::Schema::Resolver, Class<GraphQL::Schema::InputObject>] The argument or argument owner this validator is attached to
|
|
12
11
|
# @param allow_blank [Boolean] if `true`, then objects that respond to `.blank?` and return true for `.blank?` will skip this validation
|
|
13
12
|
# @param allow_null [Boolean] if `true`, then incoming `null`s will skip this validation
|
|
@@ -25,26 +24,6 @@ module GraphQL
|
|
|
25
24
|
raise GraphQL::RequiredImplementationMissingError, "Validator classes should implement #validate"
|
|
26
25
|
end
|
|
27
26
|
|
|
28
|
-
# This is called by the validation system and eventually calls {#validate}.
|
|
29
|
-
# @api private
|
|
30
|
-
def apply(object, context, value)
|
|
31
|
-
if value.nil?
|
|
32
|
-
if @allow_null
|
|
33
|
-
nil # skip this
|
|
34
|
-
else
|
|
35
|
-
"%{validated} can't be null"
|
|
36
|
-
end
|
|
37
|
-
elsif value.respond_to?(:blank?) && value.blank?
|
|
38
|
-
if @allow_blank
|
|
39
|
-
nil # skip this
|
|
40
|
-
else
|
|
41
|
-
"%{validated} can't be blank"
|
|
42
|
-
end
|
|
43
|
-
else
|
|
44
|
-
validate(object, context, value)
|
|
45
|
-
end
|
|
46
|
-
end
|
|
47
|
-
|
|
48
27
|
# This is like `String#%`, but it supports the case that only some of `string`'s
|
|
49
28
|
# values are present in `substitutions`
|
|
50
29
|
def partial_format(string, substitutions)
|
|
@@ -55,6 +34,12 @@ module GraphQL
|
|
|
55
34
|
string
|
|
56
35
|
end
|
|
57
36
|
|
|
37
|
+
# @return [Boolean] `true` if `value` is `nil` and this validator has `allow_null: true` or if value is `.blank?` and this validator has `allow_blank: true`
|
|
38
|
+
def permitted_empty_value?(value)
|
|
39
|
+
(value.nil? && @allow_null) ||
|
|
40
|
+
(@allow_blank && value.respond_to?(:blank?) && value.blank?)
|
|
41
|
+
end
|
|
42
|
+
|
|
58
43
|
# @param schema_member [GraphQL::Schema::Field, GraphQL::Schema::Argument, Class<GraphQL::Schema::InputObject>]
|
|
59
44
|
# @param validates_hash [Hash{Symbol => Hash}, Hash{Class => Hash} nil] A configuration passed as `validates:`
|
|
60
45
|
# @return [Array<Validator>]
|
|
@@ -62,6 +47,24 @@ module GraphQL
|
|
|
62
47
|
if validates_hash.nil? || validates_hash.empty?
|
|
63
48
|
EMPTY_ARRAY
|
|
64
49
|
else
|
|
50
|
+
validates_hash = validates_hash.dup
|
|
51
|
+
allow_null = validates_hash.delete(:allow_null)
|
|
52
|
+
allow_blank = validates_hash.delete(:allow_blank)
|
|
53
|
+
|
|
54
|
+
# This could be {...}.compact on Ruby 2.4+
|
|
55
|
+
default_options = {}
|
|
56
|
+
if !allow_null.nil?
|
|
57
|
+
default_options[:allow_null] = allow_null
|
|
58
|
+
end
|
|
59
|
+
if !allow_blank.nil?
|
|
60
|
+
default_options[:allow_blank] = allow_blank
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
# allow_nil or allow_blank are the _only_ validations:
|
|
64
|
+
if validates_hash.empty?
|
|
65
|
+
validates_hash = default_options
|
|
66
|
+
end
|
|
67
|
+
|
|
65
68
|
validates_hash.map do |validator_name, options|
|
|
66
69
|
validator_class = case validator_name
|
|
67
70
|
when Class
|
|
@@ -69,7 +72,11 @@ module GraphQL
|
|
|
69
72
|
else
|
|
70
73
|
all_validators[validator_name] || raise(ArgumentError, "unknown validation: #{validator_name.inspect}")
|
|
71
74
|
end
|
|
72
|
-
|
|
75
|
+
if options.is_a?(Hash)
|
|
76
|
+
validator_class.new(validated: schema_member, **(default_options.merge(options)))
|
|
77
|
+
else
|
|
78
|
+
validator_class.new(options, validated: schema_member, **default_options)
|
|
79
|
+
end
|
|
73
80
|
end
|
|
74
81
|
end
|
|
75
82
|
end
|
|
@@ -122,10 +129,10 @@ module GraphQL
|
|
|
122
129
|
|
|
123
130
|
validators.each do |validator|
|
|
124
131
|
validated = as || validator.validated
|
|
125
|
-
errors = validator.
|
|
132
|
+
errors = validator.validate(object, context, value)
|
|
126
133
|
if errors &&
|
|
127
|
-
|
|
128
|
-
|
|
134
|
+
(errors.is_a?(Array) && errors != EMPTY_ARRAY) ||
|
|
135
|
+
(errors.is_a?(String))
|
|
129
136
|
if all_errors.frozen? # It's empty
|
|
130
137
|
all_errors = []
|
|
131
138
|
end
|
|
@@ -161,3 +168,7 @@ require "graphql/schema/validator/exclusion_validator"
|
|
|
161
168
|
GraphQL::Schema::Validator.install(:exclusion, GraphQL::Schema::Validator::ExclusionValidator)
|
|
162
169
|
require "graphql/schema/validator/required_validator"
|
|
163
170
|
GraphQL::Schema::Validator.install(:required, GraphQL::Schema::Validator::RequiredValidator)
|
|
171
|
+
require "graphql/schema/validator/allow_null_validator"
|
|
172
|
+
GraphQL::Schema::Validator.install(:allow_null, GraphQL::Schema::Validator::AllowNullValidator)
|
|
173
|
+
require "graphql/schema/validator/allow_blank_validator"
|
|
174
|
+
GraphQL::Schema::Validator.install(:allow_blank, GraphQL::Schema::Validator::AllowBlankValidator)
|
|
@@ -1,10 +1,20 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
module GraphQL
|
|
3
3
|
class StringEncodingError < GraphQL::RuntimeTypeError
|
|
4
|
-
attr_reader :string
|
|
5
|
-
def initialize(str)
|
|
4
|
+
attr_reader :string, :field, :path
|
|
5
|
+
def initialize(str, context:)
|
|
6
6
|
@string = str
|
|
7
|
-
|
|
7
|
+
@field = context[:current_field]
|
|
8
|
+
@path = context[:current_path]
|
|
9
|
+
message = "String #{str.inspect} was encoded as #{str.encoding}".dup
|
|
10
|
+
if @path
|
|
11
|
+
message << " @ #{@path.join(".")}"
|
|
12
|
+
end
|
|
13
|
+
if @field
|
|
14
|
+
message << " (#{@field.path})"
|
|
15
|
+
end
|
|
16
|
+
message << ". GraphQL requires an encoding compatible with UTF-8."
|
|
17
|
+
super(message)
|
|
8
18
|
end
|
|
9
19
|
end
|
|
10
20
|
end
|
data/lib/graphql/types/int.rb
CHANGED
data/lib/graphql/types/string.rb
CHANGED
|
@@ -12,7 +12,7 @@ module GraphQL
|
|
|
12
12
|
attr_reader :type
|
|
13
13
|
|
|
14
14
|
# @return [GraphQL::Query::Context] the context for the current query
|
|
15
|
-
|
|
15
|
+
attr_accessor :context
|
|
16
16
|
|
|
17
17
|
def initialize(message = nil, object: nil, type: nil, context: nil)
|
|
18
18
|
if message.nil? && object.nil? && type.nil?
|
data/lib/graphql/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: graphql
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.12.
|
|
4
|
+
version: 1.12.19
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Robert Mosolgo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-11-
|
|
11
|
+
date: 2021-11-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: benchmark-ips
|
|
@@ -544,6 +544,8 @@ files:
|
|
|
544
544
|
- lib/graphql/schema/unique_within_type.rb
|
|
545
545
|
- lib/graphql/schema/validation.rb
|
|
546
546
|
- lib/graphql/schema/validator.rb
|
|
547
|
+
- lib/graphql/schema/validator/allow_blank_validator.rb
|
|
548
|
+
- lib/graphql/schema/validator/allow_null_validator.rb
|
|
547
549
|
- lib/graphql/schema/validator/exclusion_validator.rb
|
|
548
550
|
- lib/graphql/schema/validator/format_validator.rb
|
|
549
551
|
- lib/graphql/schema/validator/inclusion_validator.rb
|