Validate the subscription root
Some checks failed
Build / doc (push) Waiting to run
Build / audit (push) Successful in 24s
Build / test (push) Has been cancelled

…not to be an introspection field.
This commit is contained in:
Eugen Wissner 2024-12-01 21:47:29 +01:00
parent 2dcefff76a
commit e33d2d32ba
Signed by: belka
GPG Key ID: A27FDC1E8EE902C0
2 changed files with 24 additions and 21 deletions

View File

@ -137,25 +137,28 @@ singleFieldSubscriptionsRule :: forall m. Rule m
singleFieldSubscriptionsRule = OperationDefinitionRule $ \case
Full.OperationDefinition Full.Subscription name' _ _ rootFields location' -> do
groupedFieldSet <- evalStateT (collectFields rootFields) HashSet.empty
case HashSet.size groupedFieldSet of
1 -> lift mempty
_
| Just name <- name' -> pure $ Error
case HashSet.toList groupedFieldSet of
[rootName]
| Text.isPrefixOf "__" rootName -> makeError location' name'
"exactly one top level field, which must not be an introspection field."
| otherwise -> lift mempty
[] -> makeError location' name' "exactly one top level field."
_ -> makeError location' name' "only one top level field."
_ -> lift mempty
where
makeError location' (Just operationName) errorLine = pure $ Error
{ message = concat
[ "Subscription \""
, Text.unpack name
, "\" must select only one top level field."
, Text.unpack operationName
, "\" must select "
, errorLine
]
, locations = [location']
}
| otherwise -> pure $ Error
{ message = errorMessage
makeError location' Nothing errorLine = pure $ Error
{ message = "Anonymous Subscription must select " <> errorLine
, locations = [location']
}
_ -> lift mempty
where
errorMessage =
"Anonymous Subscription must select only one top level field."
collectFields = foldM forEach HashSet.empty
forEach accumulator = \case
Full.FieldSelection fieldSelection -> forField accumulator fieldSelection

View File

@ -18,7 +18,7 @@ import qualified Language.GraphQL.AST.DirectiveLocation as DirectiveLocation
import qualified Language.GraphQL.Type.In as In
import qualified Language.GraphQL.Type.Out as Out
import Language.GraphQL.Validate
import Test.Hspec (Spec, context, describe, it, shouldBe, shouldContain, xit)
import Test.Hspec (Spec, context, describe, it, shouldBe, shouldContain)
import Text.Megaparsec (parse, errorBundlePretty)
petSchema :: Schema IO
@ -206,14 +206,14 @@ spec =
}
in validate queryString `shouldContain` [expected]
xit "rejects an introspection field as the subscription root" $
it "rejects an introspection field as the subscription root" $
let queryString = "subscription sub {\n\
\ __typename\n\
\}"
expected = Error
{ message =
"Subscription \"sub\" must select only one top \
\level field."
"Subscription \"sub\" must select exactly one top \
\level field, which must not be an introspection field."
, locations = [AST.Location 1 1]
}
in validate queryString `shouldContain` [expected]