graphql 1.13.15 → 1.13.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc7b2a76a8b1650e6669a7f266ff580a3cb78f214307f26527197944441516c9
-  data.tar.gz: 9d12f456ee5699eaccc7956ee942ca8165fcca61437b5f9f841abd70b245c52b
+  metadata.gz: c562e63d8324130b431892094e4a85a45f62187ae41a08fa095f854283950c28
+  data.tar.gz: c38c9220f5878fe45738d0e0d9c23062c1d7c9a1b744c58d7b5b169819adabed
 SHA512:
-  metadata.gz: 00b5e6d26cdb8f62002e66aef32e8b905091f6fdb9f8066cc4537a4747478764bc919b172dd0085e9ab076c7e796158c24de0d2d2483b22dc494d7b96e4f309c
-  data.tar.gz: 1dd5c023bccaa8b9f6de3ca6cf9a7153c937ca74fb47c31fd29da9d5dce9942fd779bdd38d5526ef7f107c5bd91eabdaa2c8b74df75c1b57836f3068a085526e
+  metadata.gz: 2597fa87c4b752878e60b6d4c809385a67e3d4192fac54fc23a97e92ba1b580531364270409f3aefb048f26fd79a764cf4c54278f85f85cb5b76b363072926f1
+  data.tar.gz: f40d8e5aefbdc97884e0e104bbb52bb599e3aa9f690e540b0d99f00d4dc70ed07b56b08c6a1a4ed06e0b275c1b1589242413b131f80185e908d9bddd94b3106c

data/lib/graphql/query/input_validation_result.rb

@@ -4,6 +4,12 @@ module GraphQL
     class InputValidationResult
       attr_accessor :problems
 
+      def self.from_problem(explanation, path = nil, extensions: nil, message: nil)
+        result = self.new
+        result.add_problem(explanation, path, extensions: extensions, message: message)
+        result
+      end
+
       def initialize(valid: true, problems: nil)
         @valid = valid
         @problems = problems
@@ -38,6 +44,9 @@ module GraphQL
         # It could have been explicitly set on inner_result (if it had no problems)
         @valid = false
       end
+
+      VALID = self.new
+      VALID.freeze
     end
   end
 end

data/lib/graphql/query/variable_validation_error.rb

@@ -4,11 +4,11 @@ module GraphQL
     class VariableValidationError < GraphQL::ExecutionError
       attr_accessor :value, :validation_result
 
-      def initialize(variable_ast, type, value, validation_result)
+      def initialize(variable_ast, type, value, validation_result, msg: nil)
         @value = value
         @validation_result = validation_result
 
-        msg = "Variable $#{variable_ast.name} of type #{type.to_type_signature} was provided invalid value"
+        msg ||= "Variable $#{variable_ast.name} of type #{type.to_type_signature} was provided invalid value"
 
         if problem_fields.any?
           msg += " for #{problem_fields.join(", ")}"

data/lib/graphql/query/variables.rb

@@ -17,6 +17,10 @@ module GraphQL
         @provided_variables = GraphQL::Argument.deep_stringify(provided_variables)
         @errors = []
         @storage = ast_variables.each_with_object({}) do |ast_variable, memo|
+          if schema.validate_max_errors && schema.validate_max_errors <= @errors.count
+            add_max_errors_reached_message
+            break
+          end
           # Find the right value for this variable:
           # - First, use the value provided at runtime
           # - Then, fall back to the default value from the query string
@@ -29,8 +33,9 @@ module GraphQL
             default_value = ast_variable.default_value
             provided_value = @provided_variables[variable_name]
             value_was_provided =  @provided_variables.key?(variable_name)
+            max_errors = schema.validate_max_errors - @errors.count if schema.validate_max_errors
             begin
-              validation_result = variable_type.validate_input(provided_value, ctx)
+              validation_result = variable_type.validate_input(provided_value, ctx, max_errors: max_errors)
               if validation_result.valid?
                 if value_was_provided
                   # Add the variable if a value was provided
@@ -61,8 +66,7 @@ module GraphQL
               # like InputValidationResults generated by validate_non_null_input but unfortunately we don't
               # have this information available in the coerce_input call chain. Note this path is the path
               # that appears under errors.extensions.problems.path and NOT the result path under errors.path.
-              validation_result = GraphQL::Query::InputValidationResult.new
-              validation_result.add_problem(ex.message)
+              validation_result = GraphQL::Query::InputValidationResult.from_problem(ex.message)
             end
 
             if !validation_result.valid?
@@ -73,6 +77,29 @@ module GraphQL
       end
 
       def_delegators :@storage, :length, :key?, :[], :fetch, :to_h
+
+      private
+
+      def deep_stringify(val)
+        case val
+        when Array
+          val.map { |v| deep_stringify(v) }
+        when Hash
+          new_val = {}
+          val.each do |k, v|
+            new_val[k.to_s] = deep_stringify(v)
+          end
+          new_val
+        else
+          val
+        end
+      end
+
+      def add_max_errors_reached_message
+        message = "Too many errors processing variables, max validation error limit reached. Execution aborted"
+        validation_result = GraphQL::Query::InputValidationResult.from_problem(message)
+        errors << GraphQL::Query::VariableValidationError.new(nil, nil, nil, validation_result, msg: message)
+      end
     end
   end
 end

data/lib/graphql/schema/enum.rb

@@ -139,9 +139,8 @@ module GraphQL
           GraphQL::TypeKinds::ENUM
         end
 
-        def validate_non_null_input(value_name, ctx)
+        def validate_non_null_input(value_name, ctx, max_errors: nil)
           result = GraphQL::Query::InputValidationResult.new
-
           allowed_values = ctx.warden.enum_values(self)
           matching_value = allowed_values.find { |v| v.graphql_name == value_name }
 

data/lib/graphql/schema/input_object.rb

@@ -173,9 +173,8 @@ module GraphQL
         # @api private
         INVALID_OBJECT_MESSAGE = "Expected %{object} to be a key-value object responding to `to_h` or `to_unsafe_h`."
 
-        def validate_non_null_input(input, ctx)
+        def validate_non_null_input(input, ctx, max_errors: nil)
           result = GraphQL::Query::InputValidationResult.new
-
           warden = ctx.warden
 
           if input.is_a?(Array)

data/lib/graphql/schema/list.rb

@@ -51,15 +51,24 @@ module GraphQL
         end
       end
 
-      def validate_non_null_input(value, ctx)
+      def validate_non_null_input(value, ctx, max_errors: nil)
         result = GraphQL::Query::InputValidationResult.new
         ensure_array(value).each_with_index do |item, index|
           item_result = of_type.validate_input(item, ctx)
-          if !item_result.valid?
+          unless item_result.valid?
+            if max_errors
+              if max_errors == 0
+                add_max_errros_reached_message(result)
+                break
+              end
+
+              max_errors -= 1
+            end
+
             result.merge_result!(index, item_result)
           end
         end
-        result
+        result.valid? ? nil : result
       end
 
       private
@@ -72,6 +81,12 @@ module GraphQL
           [value]
         end
       end
+
+      def add_max_errros_reached_message(result)
+        message = "Too many errors processing list variable, max validation error limit reached. Execution aborted"
+        item_result = GraphQL::Query::InputValidationResult.from_problem(message)
+        result.merge_result!(nil, item_result)
+      end
     end
   end
 end

data/lib/graphql/schema/member/validates_input.rb

@@ -8,11 +8,11 @@ module GraphQL
           validate_input(val, ctx).valid?
         end
 
-        def validate_input(val, ctx)
+        def validate_input(val, ctx, max_errors: nil)
           if val.nil?
             GraphQL::Query::InputValidationResult.new
           else
-            validate_non_null_input(val, ctx)
+            validate_non_null_input(val, ctx, max_errors: max_errors) || Query::InputValidationResult::VALID
           end
         end
 

data/lib/graphql/schema/non_null.rb

@@ -37,13 +37,13 @@ module GraphQL
         "#<#{self.class.name} @of_type=#{@of_type.inspect}>"
       end
 
-      def validate_input(value, ctx)
+      def validate_input(value, ctx, max_errors: nil)
         if value.nil?
           result = GraphQL::Query::InputValidationResult.new
           result.add_problem("Expected value to not be null")
           result
         else
-          of_type.validate_input(value, ctx)
+          of_type.validate_input(value, ctx, max_errors: max_errors)
         end
       end
 

data/lib/graphql/schema/scalar.rb

@@ -55,7 +55,7 @@ module GraphQL
           @default_scalar ||= false
         end
 
-        def validate_non_null_input(value, ctx)
+        def validate_non_null_input(value, ctx, max_errors: nil)
           result = Query::InputValidationResult.new
           coerced_result = begin
             ctx.query.with_error_handling do

data/lib/graphql/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module GraphQL
-  VERSION = "1.13.15"
+  VERSION = "1.13.16"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql
 version: !ruby/object:Gem::Version
-  version: 1.13.15
+  version: 1.13.16
 platform: ruby
 authors:
 - Robert Mosolgo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-30 00:00:00.000000000 Z
+date: 2022-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips