RetailCRM-Mirror/graphql-php
1
0
Fork 0
mirror of https://github.com/retailcrm/graphql-php.git synced 2024-11-25 14:26:08 +03:00
Code Issues Projects Releases Wiki Activity

Fix CS in Validator folder

Browse Source
This commit is contained in:
Simon Podlipsky 2018-08-07 00:35:37 +02:00
parent 49ec89b28f
commit 4c327a6c16
No known key found for this signature in database
GPG Key ID: 725C2BD962B42663
47 changed files with 2129 additions and 1710 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -1,6 +1,8 @@
# Changelog # Changelog
## dev-master ## dev-master
- Spec compliance: error extensions are displayed under `extensions` key - Spec compliance: error extensions are displayed under `extensions` key
- `AbstractValidationRule` renamed to `ValidationRule` (NS `GraphQL\Validator\Rules`)
- `AbstractQuerySecurity` renamed to `QuerySecurityRule` (NS `GraphQL\Validator\Rules`)
#### v0.12.5 #### v0.12.5
- Execution performance optimization for lists - Execution performance optimization for lists

14
docs/reference.md
View File

@ -119,7 +119,7 @@ static function getStandardTypes()
* Returns standard validation rules implementing GraphQL spec * Returns standard validation rules implementing GraphQL spec
* *
* @api * @api
* @return AbstractValidationRule[] * @return ValidationRule[]
*/ */
static function getStandardValidationRules() static function getStandardValidationRules()
``` ```
@ -1241,7 +1241,7 @@ an empty array if no errors were encountered and the document is valid.
A list of specific validation rules may be provided. If not provided, the A list of specific validation rules may be provided. If not provided, the
default list of rules defined by the GraphQL specification will be used. default list of rules defined by the GraphQL specification will be used.
Each validation rule is an instance of GraphQL\Validator\Rules\AbstractValidationRule Each validation rule is an instance of GraphQL\Validator\Rules\ValidationRule
which returns a visitor (see the [GraphQL\Language\Visitor API](reference.md#graphqllanguagevisitor)). which returns a visitor (see the [GraphQL\Language\Visitor API](reference.md#graphqllanguagevisitor)).
Visitor methods are expected to return an instance of [GraphQL\Error\Error](reference.md#graphqlerrorerror), Visitor methods are expected to return an instance of [GraphQL\Error\Error](reference.md#graphqlerrorerror),
@ -1258,7 +1258,7 @@ will be created from the provided schema.
* @api * @api
* @param Schema $schema * @param Schema $schema
* @param DocumentNode $ast * @param DocumentNode $ast
* @param AbstractValidationRule[]|null $rules * @param ValidationRule[]|null $rules
* @param TypeInfo|null $typeInfo * @param TypeInfo|null $typeInfo
* @return Error[] * @return Error[]
*/ */
@ -1275,7 +1275,7 @@ static function validate(
* Returns all global validation rules. * Returns all global validation rules.
* *
* @api * @api
* @return AbstractValidationRule[] * @return ValidationRule[]
*/ */
static function allRules() static function allRules()
``` ```
@ -1289,7 +1289,7 @@ static function allRules()
* *
* @api * @api
* @param string $name * @param string $name
* @return AbstractValidationRule * @return ValidationRule
*/ */
static function getRule($name) static function getRule($name)
``` ```
@ -1299,9 +1299,9 @@ static function getRule($name)
* Add rule to list of global validation rules * Add rule to list of global validation rules
* *
* @api * @api
* @param AbstractValidationRule $rule * @param ValidationRule $rule
*/ */
static function addRule(GraphQL\Validator\Rules\AbstractValidationRule $rule) static function addRule(GraphQL\Validator\Rules\ValidationRule $rule)
``` ```
# GraphQL\Error\Error # GraphQL\Error\Error
Describes an Error found during the parse, validate, or Describes an Error found during the parse, validate, or

4
src/Error/Error.php
View File

@ -8,9 +8,9 @@ use GraphQL\Language\AST\Node;
use GraphQL\Language\Source; use GraphQL\Language\Source;
use GraphQL\Language\SourceLocation; use GraphQL\Language\SourceLocation;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use Traversable;
use function array_filter; use function array_filter;
use function array_map; use function array_map;
use function array_merge;
use function is_array; use function is_array;
use function iterator_to_array; use function iterator_to_array;
@ -82,7 +82,7 @@ class Error extends \Exception implements \JsonSerializable, ClientAware
/** /**
* @param string $message * @param string $message
* @param Node[]|null $nodes * @param Node|Node[]|Traversable|null $nodes
* @param mixed[]|null $positions * @param mixed[]|null $positions
* @param mixed[]|null $path * @param mixed[]|null $path
* @param \Throwable $previous * @param \Throwable $previous

4
src/GraphQL.php
View File

@ -13,7 +13,7 @@ use GraphQL\Executor\Promise\PromiseAdapter;
use GraphQL\Type\Definition\Directive; use GraphQL\Type\Definition\Directive;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Validator\DocumentValidator; use GraphQL\Validator\DocumentValidator;
use GraphQL\Validator\Rules\AbstractValidationRule; use GraphQL\Validator\Rules\ValidationRule;
use GraphQL\Validator\Rules\QueryComplexity; use GraphQL\Validator\Rules\QueryComplexity;
/** /**
@ -272,7 +272,7 @@ class GraphQL
* Returns standard validation rules implementing GraphQL spec * Returns standard validation rules implementing GraphQL spec
* *
* @api * @api
* @return AbstractValidationRule[] * @return ValidationRule[]
*/ */
public static function getStandardValidationRules() public static function getStandardValidationRules()
{ {

8
src/Language/AST/FieldNode.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Language\AST; namespace GraphQL\Language\AST;
class FieldNode extends Node implements SelectionNode class FieldNode extends Node implements SelectionNode
@ -29,4 +32,9 @@ class FieldNode extends Node implements SelectionNode
* @var SelectionSetNode|null * @var SelectionSetNode|null
*/ */
public $selectionSet; public $selectionSet;
public function getKind() : string
{
return NodeKind::FIELD;
}
} }

6
src/Language/AST/FragmentSpreadNode.php
View File

@ -1,4 +1,5 @@
<?php <?php
namespace GraphQL\Language\AST; namespace GraphQL\Language\AST;
class FragmentSpreadNode extends Node implements SelectionNode class FragmentSpreadNode extends Node implements SelectionNode
@ -14,4 +15,9 @@ class FragmentSpreadNode extends Node implements SelectionNode
* @var DirectiveNode[] * @var DirectiveNode[]
*/ */
public $directives; public $directives;
public function getKind() : string
{
return NodeKind::FRAGMENT_SPREAD;
}
} }

6
src/Language/AST/InlineFragmentNode.php
View File

@ -1,4 +1,5 @@
<?php <?php
namespace GraphQL\Language\AST; namespace GraphQL\Language\AST;
class InlineFragmentNode extends Node implements SelectionNode class InlineFragmentNode extends Node implements SelectionNode
@ -19,4 +20,9 @@ class InlineFragmentNode extends Node implements SelectionNode
* @var SelectionSetNode * @var SelectionSetNode
*/ */
public $selectionSet; public $selectionSet;
public function getKind() : string
{
return NodeKind::INLINE_FRAGMENT;
}
} }

4
src/Language/AST/SelectionNode.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Language\AST; namespace GraphQL\Language\AST;
interface SelectionNode interface SelectionNode
@ -6,4 +9,5 @@ interface SelectionNode
/** /**
* export type SelectionNode = FieldNode | FragmentSpreadNode | InlineFragmentNode * export type SelectionNode = FieldNode | FragmentSpreadNode | InlineFragmentNode
*/ */
public function getKind() : string;
} }

8
src/Server/ServerConfig.php
View File

@ -8,7 +8,7 @@ use GraphQL\Error\InvariantViolation;
use GraphQL\Executor\Promise\PromiseAdapter; use GraphQL\Executor\Promise\PromiseAdapter;
use GraphQL\Type\Schema; use GraphQL\Type\Schema;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\Rules\AbstractValidationRule; use GraphQL\Validator\Rules\ValidationRule;
use function is_array; use function is_array;
use function is_callable; use function is_callable;
use function method_exists; use function method_exists;
@ -73,7 +73,7 @@ class ServerConfig
/** @var bool */ /** @var bool */
private $queryBatching = false; private $queryBatching = false;
/** @var AbstractValidationRule[]|callable */ /** @var ValidationRule[]|callable */
private $validationRules; private $validationRules;
/** @var callable */ /** @var callable */
@ -150,7 +150,7 @@ class ServerConfig
* Set validation rules for this server. * Set validation rules for this server.
* *
* @api * @api
* @param AbstractValidationRule[]|callable $validationRules * @param ValidationRule[]|callable $validationRules
* @return self * @return self
*/ */
public function setValidationRules($validationRules) public function setValidationRules($validationRules)
@ -281,7 +281,7 @@ class ServerConfig
} }
/** /**
* @return AbstractValidationRule[]|callable * @return ValidationRule[]|callable
*/ */
public function getValidationRules() public function getValidationRules()
{ {

2
src/Type/Schema.php
View File

@ -204,7 +204,7 @@ class Schema
* *
* @api * @api
* @param string $name * @param string $name
* @return Type * @return Type|null
*/ */
public function getType($name) public function getType($name)
{ {

2
src/Utils/AST.php
View File

@ -487,7 +487,7 @@ class AST
* @api * @api
* @param Schema $schema * @param Schema $schema
* @param NamedTypeNode|ListTypeNode|NonNullTypeNode $inputTypeNode * @param NamedTypeNode|ListTypeNode|NonNullTypeNode $inputTypeNode
* @return Type * @return Type|null
* @throws \Exception * @throws \Exception
*/ */
public static function typeFromAST(Schema $schema, $inputTypeNode) public static function typeFromAST(Schema $schema, $inputTypeNode)

4
src/Utils/TypeInfo.php
View File

@ -58,7 +58,7 @@ class TypeInfo
/** /**
* @param Schema $schema * @param Schema $schema
* @param NamedTypeNode|ListTypeNode|NonNullTypeNode $inputTypeNode * @param NamedTypeNode|ListTypeNode|NonNullTypeNode $inputTypeNode
* @return Type * @return Type|null
* @throws InvariantViolation * @throws InvariantViolation
*/ */
public static function typeFromAST(Schema $schema, $inputTypeNode) public static function typeFromAST(Schema $schema, $inputTypeNode)
@ -249,7 +249,7 @@ class TypeInfo
} }
/** /**
* @return CompositeType * @return Type
*/ */
function getParentType() function getParentType()
{ {

108
src/Validator/DocumentValidator.php
View File

@ -1,14 +1,15 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator; namespace GraphQL\Validator;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\DocumentNode; use GraphQL\Language\AST\DocumentNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Type\Schema;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Type\Schema;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\Rules\AbstractValidationRule;
use GraphQL\Validator\Rules\ValuesOfCorrectType;
use GraphQL\Validator\Rules\DisableIntrospection; use GraphQL\Validator\Rules\DisableIntrospection;
use GraphQL\Validator\Rules\ExecutableDefinitions; use GraphQL\Validator\Rules\ExecutableDefinitions;
use GraphQL\Validator\Rules\FieldsOnCorrectType; use GraphQL\Validator\Rules\FieldsOnCorrectType;
@ -27,6 +28,7 @@ use GraphQL\Validator\Rules\PossibleFragmentSpreads;
use GraphQL\Validator\Rules\ProvidedNonNullArguments; use GraphQL\Validator\Rules\ProvidedNonNullArguments;
use GraphQL\Validator\Rules\QueryComplexity; use GraphQL\Validator\Rules\QueryComplexity;
use GraphQL\Validator\Rules\QueryDepth; use GraphQL\Validator\Rules\QueryDepth;
use GraphQL\Validator\Rules\QuerySecurityRule;
use GraphQL\Validator\Rules\ScalarLeafs; use GraphQL\Validator\Rules\ScalarLeafs;
use GraphQL\Validator\Rules\UniqueArgumentNames; use GraphQL\Validator\Rules\UniqueArgumentNames;
use GraphQL\Validator\Rules\UniqueDirectivesPerLocation; use GraphQL\Validator\Rules\UniqueDirectivesPerLocation;
@ -34,9 +36,16 @@ use GraphQL\Validator\Rules\UniqueFragmentNames;
use GraphQL\Validator\Rules\UniqueInputFieldNames; use GraphQL\Validator\Rules\UniqueInputFieldNames;
use GraphQL\Validator\Rules\UniqueOperationNames; use GraphQL\Validator\Rules\UniqueOperationNames;
use GraphQL\Validator\Rules\UniqueVariableNames; use GraphQL\Validator\Rules\UniqueVariableNames;
use GraphQL\Validator\Rules\ValidationRule;
use GraphQL\Validator\Rules\ValuesOfCorrectType;
use GraphQL\Validator\Rules\VariablesAreInputTypes; use GraphQL\Validator\Rules\VariablesAreInputTypes;
use GraphQL\Validator\Rules\VariablesDefaultValueAllowed; use GraphQL\Validator\Rules\VariablesDefaultValueAllowed;
use GraphQL\Validator\Rules\VariablesInAllowedPosition; use GraphQL\Validator\Rules\VariablesInAllowedPosition;
use function array_filter;
use function array_merge;
use function count;
use function is_array;
use function sprintf;
/** /**
* Implements the "Validation" section of the spec. * Implements the "Validation" section of the spec.
@ -47,7 +56,7 @@ use GraphQL\Validator\Rules\VariablesInAllowedPosition;
* A list of specific validation rules may be provided. If not provided, the * A list of specific validation rules may be provided. If not provided, the
* default list of rules defined by the GraphQL specification will be used. * default list of rules defined by the GraphQL specification will be used.
* *
* Each validation rule is an instance of GraphQL\Validator\Rules\AbstractValidationRule * Each validation rule is an instance of GraphQL\Validator\Rules\ValidationRule
* which returns a visitor (see the [GraphQL\Language\Visitor API](reference.md#graphqllanguagevisitor)). * which returns a visitor (see the [GraphQL\Language\Visitor API](reference.md#graphqllanguagevisitor)).
* *
* Visitor methods are expected to return an instance of [GraphQL\Error\Error](reference.md#graphqlerrorerror), * Visitor methods are expected to return an instance of [GraphQL\Error\Error](reference.md#graphqlerrorerror),
@ -58,51 +67,50 @@ use GraphQL\Validator\Rules\VariablesInAllowedPosition;
*/ */
class DocumentValidator class DocumentValidator
{ {
/** @var ValidationRule[] */
private static $rules = []; private static $rules = [];
/** @var ValidationRule[]|null */
private static $defaultRules; private static $defaultRules;
/** @var QuerySecurityRule[]|null */
private static $securityRules; private static $securityRules;
/** @var bool */
private static $initRules = false; private static $initRules = false;
/** /**
* Primary method for query validation. See class description for details. * Primary method for query validation. See class description for details.
* *
* @api * @api
* @param Schema $schema * @param ValidationRule[]|null $rules
* @param DocumentNode $ast
* @param AbstractValidationRule[]|null $rules
* @param TypeInfo|null $typeInfo
* @return Error[] * @return Error[]
*/ */
public static function validate( public static function validate(
Schema $schema, Schema $schema,
DocumentNode $ast, DocumentNode $ast,
array $rules = null, ?array $rules = null,
TypeInfo $typeInfo = null ?TypeInfo $typeInfo = null
) ) {
{ if ($rules === null) {
if (null === $rules) {
$rules = static::allRules(); $rules = static::allRules();
} }
if (true === is_array($rules) && 0 === count($rules)) { if (is_array($rules) === true && count($rules) === 0) {
// Skip validation if there are no rules // Skip validation if there are no rules
return []; return [];
} }
$typeInfo = $typeInfo ?: new TypeInfo($schema); $typeInfo = $typeInfo ?: new TypeInfo($schema);
$errors = static::visitUsingRules($schema, $typeInfo, $ast, $rules);
return $errors;
}
return static::visitUsingRules($schema, $typeInfo, $ast, $rules);
}
/** /**
* Returns all global validation rules. * Returns all global validation rules.
* *
* @api * @api
* @return AbstractValidationRule[] * @return ValidationRule[]
*/ */
public static function allRules() public static function allRules()
{ {
@ -116,7 +124,7 @@ class DocumentValidator
public static function defaultRules() public static function defaultRules()
{ {
if (null === self::$defaultRules) { if (self::$defaultRules === null) {
self::$defaultRules = [ self::$defaultRules = [
ExecutableDefinitions::class => new ExecutableDefinitions(), ExecutableDefinitions::class => new ExecutableDefinitions(),
UniqueOperationNames::class => new UniqueOperationNames(), UniqueOperationNames::class => new UniqueOperationNames(),
@ -151,7 +159,7 @@ class DocumentValidator
} }
/** /**
* @return array * @return QuerySecurityRule[]
*/ */
public static function securityRules() public static function securityRules()
{ {
@ -159,16 +167,36 @@ class DocumentValidator
// When custom security rule is required - it should be just added via DocumentValidator::addRule(); // When custom security rule is required - it should be just added via DocumentValidator::addRule();
// TODO: deprecate this // TODO: deprecate this
if (null === self::$securityRules) { if (self::$securityRules === null) {
self::$securityRules = [ self::$securityRules = [
DisableIntrospection::class => new DisableIntrospection(DisableIntrospection::DISABLED), // DEFAULT DISABLED DisableIntrospection::class => new DisableIntrospection(DisableIntrospection::DISABLED), // DEFAULT DISABLED
QueryDepth::class => new QueryDepth(QueryDepth::DISABLED), // default disabled QueryDepth::class => new QueryDepth(QueryDepth::DISABLED), // default disabled
QueryComplexity::class => new QueryComplexity(QueryComplexity::DISABLED), // default disabled QueryComplexity::class => new QueryComplexity(QueryComplexity::DISABLED), // default disabled
]; ];
} }
return self::$securityRules; return self::$securityRules;
} }
/**
* This uses a specialized visitor which runs multiple visitors in parallel,
* while maintaining the visitor skip and break API.
*
* @param ValidationRule[] $rules
* @return Error[]
*/
public static function visitUsingRules(Schema $schema, TypeInfo $typeInfo, DocumentNode $documentNode, array $rules)
{
$context = new ValidationContext($schema, $documentNode, $typeInfo);
$visitors = [];
foreach ($rules as $rule) {
$visitors[] = $rule->getVisitor($context);
}
Visitor::visit($documentNode, Visitor::visitWithTypeInfo($typeInfo, Visitor::visitInParallel($visitors)));
return $context->getErrors();
}
/** /**
* Returns global validation rule by name. Standard rules are named by class name, so * Returns global validation rule by name. Standard rules are named by class name, so
* example usage for such rules: * example usage for such rules:
@ -177,7 +205,7 @@ class DocumentValidator
* *
* @api * @api
* @param string $name * @param string $name
* @return AbstractValidationRule * @return ValidationRule
*/ */
public static function getRule($name) public static function getRule($name)
{ {
@ -187,17 +215,17 @@ class DocumentValidator
return $rules[$name]; return $rules[$name];
} }
$name = "GraphQL\\Validator\\Rules\\$name"; $name = sprintf('GraphQL\\Validator\\Rules\\%s', $name);
return isset($rules[$name]) ? $rules[$name] : null ;
return $rules[$name] ?? null;
} }
/** /**
* Add rule to list of global validation rules * Add rule to list of global validation rules
* *
* @api * @api
* @param AbstractValidationRule $rule
*/ */
public static function addRule(AbstractValidationRule $rule) public static function addRule(ValidationRule $rule)
{ {
self::$rules[$rule->getName()] = $rule; self::$rules[$rule->getName()] = $rule;
} }
@ -205,7 +233,12 @@ class DocumentValidator
public static function isError($value) public static function isError($value)
{ {
return is_array($value) return is_array($value)
? count(array_filter($value, function($item) { return $item instanceof \Exception || $item instanceof \Throwable;})) === count($value) ? count(array_filter(
$value,
function ($item) {
return $item instanceof \Exception || $item instanceof \Throwable;
}
)) === count($value)
: ($value instanceof \Exception || $value instanceof \Throwable); : ($value instanceof \Exception || $value instanceof \Throwable);
} }
@ -216,6 +249,7 @@ class DocumentValidator
} else { } else {
$arr[] = $items; $arr[] = $items;
} }
return $arr; return $arr;
} }
@ -236,27 +270,7 @@ class DocumentValidator
$validator = new ValuesOfCorrectType(); $validator = new ValuesOfCorrectType();
$visitor = $validator->getVisitor($context); $visitor = $validator->getVisitor($context);
Visitor::visit($valueNode, Visitor::visitWithTypeInfo($typeInfo, $visitor)); Visitor::visit($valueNode, Visitor::visitWithTypeInfo($typeInfo, $visitor));
return $context->getErrors();
}
/**
* This uses a specialized visitor which runs multiple visitors in parallel,
* while maintaining the visitor skip and break API.
*
* @param Schema $schema
* @param TypeInfo $typeInfo
* @param DocumentNode $documentNode
* @param AbstractValidationRule[] $rules
* @return array
*/
public static function visitUsingRules(Schema $schema, TypeInfo $typeInfo, DocumentNode $documentNode, array $rules)
{
$context = new ValidationContext($schema, $documentNode, $typeInfo);
$visitors = [];
foreach ($rules as $rule) {
$visitors[] = $rule->getVisitor($context);
}
Visitor::visit($documentNode, Visitor::visitWithTypeInfo($typeInfo, Visitor::visitInParallel($visitors)));
return $context->getErrors(); return $context->getErrors();
} }
} }

8
src/Validator/Rules/CustomValidationRule.php
View File

@ -1,11 +1,15 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
class CustomValidationRule extends AbstractValidationRule class CustomValidationRule extends ValidationRule
{ {
/** @var callable */
private $visitorFn; private $visitorFn;
public function __construct($name, callable $visitorFn) public function __construct($name, callable $visitorFn)
@ -15,12 +19,12 @@ class CustomValidationRule extends AbstractValidationRule
} }
/** /**
* @param ValidationContext $context
* @return Error[] * @return Error[]
*/ */
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
$fn = $this->visitorFn; $fn = $this->visitorFn;
return $fn($context); return $fn($context);
} }
} }

47
src/Validator/Rules/DisableIntrospection.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -6,9 +9,11 @@ use GraphQL\Language\AST\FieldNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
class DisableIntrospection extends AbstractQuerySecurity class DisableIntrospection extends QuerySecurityRule
{ {
const ENABLED = 1; public const ENABLED = 1;
/** @var bool */
private $isEnabled; private $isEnabled;
public function __construct($enabled = self::ENABLED) public function __construct($enabled = self::ENABLED)
@ -21,7 +26,26 @@ class DisableIntrospection extends AbstractQuerySecurity
$this->isEnabled = $enabled; $this->isEnabled = $enabled;
} }
static function introspectionDisabledMessage() public function getVisitor(ValidationContext $context)
{
return $this->invokeIfNeeded(
$context,
[
NodeKind::FIELD => function (FieldNode $node) use ($context) {
if ($node->name->value !== '__type' && $node->name->value !== '__schema') {
return;
}
$context->reportError(new Error(
static::introspectionDisabledMessage(),
[$node]
));
},
]
);
}
public static function introspectionDisabledMessage()
{ {
return 'GraphQL introspection is not allowed, but the query contained __schema or __type'; return 'GraphQL introspection is not allowed, but the query contained __schema or __type';
} }
@ -30,21 +54,4 @@ class DisableIntrospection extends AbstractQuerySecurity
{ {
return $this->isEnabled !== static::DISABLED; return $this->isEnabled !== static::DISABLED;
} }
public function getVisitor(ValidationContext $context)
{
return $this->invokeIfNeeded(
$context,
[
NodeKind::FIELD => function (FieldNode $node) use ($context) {
if ($node->name->value === '__type' || $node->name->value === '__schema') {
$context->reportError(new Error(
static::introspectionDisabledMessage(),
[$node]
));
}
}
]
);
}
} }

27
src/Validator/Rules/ExecutableDefinitions.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -9,6 +12,7 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
/** /**
* Executable definitions * Executable definitions
@ -16,32 +20,33 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL document is only valid for execution if all definitions are either * A GraphQL document is only valid for execution if all definitions are either
* operation or fragment definitions. * operation or fragment definitions.
*/ */
class ExecutableDefinitions extends AbstractValidationRule class ExecutableDefinitions extends ValidationRule
{ {
static function nonExecutableDefinitionMessage($defName)
{
return "The \"$defName\" definition is not executable.";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::DOCUMENT => function (DocumentNode $node) use ($context) { NodeKind::DOCUMENT => function (DocumentNode $node) use ($context) {
/** @var Node $definition */ /** @var Node $definition */
foreach ($node->definitions as $definition) { foreach ($node->definitions as $definition) {
if ( if ($definition instanceof OperationDefinitionNode ||
!$definition instanceof OperationDefinitionNode && $definition instanceof FragmentDefinitionNode
!$definition instanceof FragmentDefinitionNode
) { ) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::nonExecutableDefinitionMessage($definition->name->value), self::nonExecutableDefinitionMessage($definition->name->value),
[$definition->name] [$definition->name]
)); ));
} }
}
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
public static function nonExecutableDefinitionMessage($defName)
{
return sprintf('The "%s" definition is not executable.', $defName);
}
} }

75
src/Validator/Rules/FieldsOnCorrectType.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -10,31 +13,27 @@ use GraphQL\Type\Definition\Type;
use GraphQL\Type\Schema; use GraphQL\Type\Schema;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_keys;
use function array_merge;
use function arsort;
use function sprintf;
class FieldsOnCorrectType extends AbstractValidationRule class FieldsOnCorrectType extends ValidationRule
{ {
static function undefinedFieldMessage($fieldName, $type, array $suggestedTypeNames, array $suggestedFieldNames)
{
$message = 'Cannot query field "' . $fieldName . '" on type "' . $type.'".';
if ($suggestedTypeNames) {
$suggestions = Utils::quotedOrList($suggestedTypeNames);
$message .= " Did you mean to use an inline fragment on $suggestions?";
} else if ($suggestedFieldNames) {
$suggestions = Utils::quotedOrList($suggestedFieldNames);
$message .= " Did you mean {$suggestions}?";
}
return $message;
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::FIELD => function (FieldNode $node) use ($context) { NodeKind::FIELD => function (FieldNode $node) use ($context) {
$type = $context->getParentType(); $type = $context->getParentType();
if ($type) { if (! $type) {
return;
}
$fieldDef = $context->getFieldDef(); $fieldDef = $context->getFieldDef();
if (!$fieldDef) { if ($fieldDef) {
return;
}
// This isn't valid. Let's find suggestions, if any. // This isn't valid. Let's find suggestions, if any.
$schema = $context->getSchema(); $schema = $context->getSchema();
$fieldName = $node->name->value; $fieldName = $node->name->value;
@ -63,9 +62,7 @@ class FieldsOnCorrectType extends AbstractValidationRule
), ),
[$node] [$node]
)); ));
} },
}
}
]; ];
} }
@ -75,10 +72,9 @@ class FieldsOnCorrectType extends AbstractValidationRule
* suggest them, sorted by how often the type is referenced, starting * suggest them, sorted by how often the type is referenced, starting
* with Interfaces. * with Interfaces.
* *
* @param Schema $schema * @param ObjectType|InterfaceType $type
* @param $type
* @param string $fieldName * @param string $fieldName
* @return array * @return string[]
*/ */
private function getSuggestedTypeNames(Schema $schema, $type, $fieldName) private function getSuggestedTypeNames(Schema $schema, $type, $fieldName)
{ {
@ -122,8 +118,7 @@ class FieldsOnCorrectType extends AbstractValidationRule
* For the field name provided, determine if there are any similar field names * For the field name provided, determine if there are any similar field names
* that may be the result of a typo. * that may be the result of a typo.
* *
* @param Schema $schema * @param ObjectType|InterfaceType $type
* @param $type
* @param string $fieldName * @param string $fieldName
* @return array|string[] * @return array|string[]
*/ */
@ -131,9 +126,39 @@ class FieldsOnCorrectType extends AbstractValidationRule
{ {
if ($type instanceof ObjectType || $type instanceof InterfaceType) { if ($type instanceof ObjectType || $type instanceof InterfaceType) {
$possibleFieldNames = array_keys($type->getFields()); $possibleFieldNames = array_keys($type->getFields());
return Utils::suggestionList($fieldName, $possibleFieldNames); return Utils::suggestionList($fieldName, $possibleFieldNames);
} }
// Otherwise, must be a Union type, which does not define fields. // Otherwise, must be a Union type, which does not define fields.
return []; return [];
} }
/**
* @param string $fieldName
* @param string $type
* @param string[] $suggestedTypeNames
* @param string[] $suggestedFieldNames
* @return string
*/
public static function undefinedFieldMessage(
$fieldName,
$type,
array $suggestedTypeNames,
array $suggestedFieldNames
) {
$message = sprintf('Cannot query field "%s" on type "%s".', $fieldName, $type);
if ($suggestedTypeNames) {
$suggestions = Utils::quotedOrList($suggestedTypeNames);
$message .= sprintf(' Did you mean to use an inline fragment on %s?', $suggestions);
} elseif (! empty($suggestedFieldNames)) {
$suggestions = Utils::quotedOrList($suggestedFieldNames);
$message .= sprintf(' Did you mean %s?', $suggestions);
}
return $message;
}
} }

51
src/Validator/Rules/FragmentsOnCompositeTypes.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -9,43 +12,53 @@ use GraphQL\Language\Printer;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class FragmentsOnCompositeTypes extends AbstractValidationRule class FragmentsOnCompositeTypes extends ValidationRule
{ {
static function inlineFragmentOnNonCompositeErrorMessage($type)
{
return "Fragment cannot condition on non composite type \"$type\".";
}
static function fragmentOnNonCompositeErrorMessage($fragName, $type)
{
return "Fragment \"$fragName\" cannot condition on non composite type \"$type\".";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::INLINE_FRAGMENT => function (InlineFragmentNode $node) use ($context) { NodeKind::INLINE_FRAGMENT => function (InlineFragmentNode $node) use ($context) {
if ($node->typeCondition) { if (! $node->typeCondition) {
return;
}
$type = TypeInfo::typeFromAST($context->getSchema(), $node->typeCondition); $type = TypeInfo::typeFromAST($context->getSchema(), $node->typeCondition);
if ($type && !Type::isCompositeType($type)) { if (! $type || Type::isCompositeType($type)) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
static::inlineFragmentOnNonCompositeErrorMessage($type), static::inlineFragmentOnNonCompositeErrorMessage($type),
[$node->typeCondition] [$node->typeCondition]
)); ));
}
}
}, },
NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $node) use ($context) { NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $node) use ($context) {
$type = TypeInfo::typeFromAST($context->getSchema(), $node->typeCondition); $type = TypeInfo::typeFromAST($context->getSchema(), $node->typeCondition);
if ($type && !Type::isCompositeType($type)) { if (! $type || Type::isCompositeType($type)) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
static::fragmentOnNonCompositeErrorMessage($node->name->value, Printer::doPrint($node->typeCondition)), static::fragmentOnNonCompositeErrorMessage(
$node->name->value,
Printer::doPrint($node->typeCondition)
),
[$node->typeCondition] [$node->typeCondition]
)); ));
} },
}
]; ];
} }
public static function inlineFragmentOnNonCompositeErrorMessage($type)
{
return sprintf('Fragment cannot condition on non composite type "%s".', $type);
}
public static function fragmentOnNonCompositeErrorMessage($fragName, $type)
{
return sprintf('Fragment "%s" cannot condition on non composite type "%s".', $fragName, $type);
}
} }

74
src/Validator/Rules/KnownArgumentNames.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -6,6 +9,9 @@ use GraphQL\Language\AST\ArgumentNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_map;
use function count;
use function sprintf;
/** /**
* Known argument names * Known argument names
@ -13,32 +19,17 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL field is only valid if all supplied arguments are defined by * A GraphQL field is only valid if all supplied arguments are defined by
* that field. * that field.
*/ */
class KnownArgumentNames extends AbstractValidationRule class KnownArgumentNames extends ValidationRule
{ {
public static function unknownArgMessage($argName, $fieldName, $typeName, array $suggestedArgs)
{
$message = "Unknown argument \"$argName\" on field \"$fieldName\" of type \"$typeName\".";
if ($suggestedArgs) {
$message .= ' Did you mean ' . Utils::quotedOrList($suggestedArgs) . '?';
}
return $message;
}
public static function unknownDirectiveArgMessage($argName, $directiveName, array $suggestedArgs)
{
$message = "Unknown argument \"$argName\" on directive \"@$directiveName\".";
if ($suggestedArgs) {
$message .= ' Did you mean ' . Utils::quotedOrList($suggestedArgs) . '?';
}
return $message;
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::ARGUMENT => function (ArgumentNode $node, $key, $parent, $path, $ancestors) use ($context) { NodeKind::ARGUMENT => function (ArgumentNode $node, $key, $parent, $path, $ancestors) use ($context) {
$argDef = $context->getArgument(); $argDef = $context->getArgument();
if (!$argDef) { if ($argDef !== null) {
return;
}
$argumentOf = $ancestors[count($ancestors) - 1]; $argumentOf = $ancestors[count($ancestors) - 1];
if ($argumentOf->kind === NodeKind::FIELD) { if ($argumentOf->kind === NodeKind::FIELD) {
$fieldDef = $context->getFieldDef(); $fieldDef = $context->getFieldDef();
@ -51,7 +42,12 @@ class KnownArgumentNames extends AbstractValidationRule
$parentType->name, $parentType->name,
Utils::suggestionList( Utils::suggestionList(
$node->name->value, $node->name->value,
array_map(function ($arg) { return $arg->name; }, $fieldDef->args) array_map(
function ($arg) {
return $arg->name;
},
$fieldDef->args
)
) )
), ),
[$node] [$node]
@ -66,15 +62,45 @@ class KnownArgumentNames extends AbstractValidationRule
$directive->name, $directive->name,
Utils::suggestionList( Utils::suggestionList(
$node->name->value, $node->name->value,
array_map(function ($arg) { return $arg->name; }, $directive->args) array_map(
function ($arg) {
return $arg->name;
},
$directive->args
)
) )
), ),
[$node] [$node]
)); ));
} }
} }
} },
}
]; ];
} }
/**
* @param string[] $suggestedArgs
*/
public static function unknownArgMessage($argName, $fieldName, $typeName, array $suggestedArgs)
{
$message = sprintf('Unknown argument "%s" on field "%s" of type "%s".', $argName, $fieldName, $typeName);
if (! empty($suggestedArgs)) {
$message .= sprintf(' Did you mean %s?', Utils::quotedOrList($suggestedArgs));
}
return $message;
}
/**
* @param string[] $suggestedArgs
*/
public static function unknownDirectiveArgMessage($argName, $directiveName, array $suggestedArgs)
{
$message = sprintf('Unknown argument "%s" on directive "@%s".', $argName, $directiveName);
if (! empty($suggestedArgs)) {
$message .= sprintf(' Did you mean %s?', Utils::quotedOrList($suggestedArgs));
}
return $message;
}
} }

44
src/Validator/Rules/KnownDirectives.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -7,19 +10,12 @@ use GraphQL\Language\AST\InputObjectTypeDefinitionNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\DirectiveLocation; use GraphQL\Language\DirectiveLocation;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function count;
use function in_array;
use function sprintf;
class KnownDirectives extends AbstractValidationRule class KnownDirectives extends ValidationRule
{ {
static function unknownDirectiveMessage($directiveName)
{
return "Unknown directive \"$directiveName\".";
}
static function misplacedDirectiveMessage($directiveName, $location)
{
return "Directive \"$directiveName\" may not be used on \"$location\".";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
@ -37,6 +33,7 @@ class KnownDirectives extends AbstractValidationRule
self::unknownDirectiveMessage($node->name->value), self::unknownDirectiveMessage($node->name->value),
[$node] [$node]
)); ));
return; return;
} }
$candidateLocation = $this->getDirectiveLocationForASTPath($ancestors); $candidateLocation = $this->getDirectiveLocationForASTPath($ancestors);
@ -52,19 +49,30 @@ class KnownDirectives extends AbstractValidationRule
[$node] [$node]
)); ));
} }
} },
]; ];
} }
public static function unknownDirectiveMessage($directiveName)
{
return sprintf('Unknown directive "%s".', $directiveName);
}
/**
* @param (Node|NodeList)[] $ancestors
*/
private function getDirectiveLocationForASTPath(array $ancestors) private function getDirectiveLocationForASTPath(array $ancestors)
{ {
$appliedTo = $ancestors[count($ancestors) - 1]; $appliedTo = $ancestors[count($ancestors) - 1];
switch ($appliedTo->kind) { switch ($appliedTo->kind) {
case NodeKind::OPERATION_DEFINITION: case NodeKind::OPERATION_DEFINITION:
switch ($appliedTo->operation) { switch ($appliedTo->operation) {
case 'query': return DirectiveLocation::QUERY; case 'query':
case 'mutation': return DirectiveLocation::MUTATION; return DirectiveLocation::QUERY;
case 'subscription': return DirectiveLocation::SUBSCRIPTION; case 'mutation':
return DirectiveLocation::MUTATION;
case 'subscription':
return DirectiveLocation::SUBSCRIPTION;
} }
break; break;
case NodeKind::FIELD: case NodeKind::FIELD:
@ -101,9 +109,15 @@ class KnownDirectives extends AbstractValidationRule
return DirectiveLocation::INPUT_OBJECT; return DirectiveLocation::INPUT_OBJECT;
case NodeKind::INPUT_VALUE_DEFINITION: case NodeKind::INPUT_VALUE_DEFINITION:
$parentNode = $ancestors[count($ancestors) - 3]; $parentNode = $ancestors[count($ancestors) - 3];
return $parentNode instanceof InputObjectTypeDefinitionNode return $parentNode instanceof InputObjectTypeDefinitionNode
? DirectiveLocation::INPUT_FIELD_DEFINITION ? DirectiveLocation::INPUT_FIELD_DEFINITION
: DirectiveLocation::ARGUMENT_DEFINITION; : DirectiveLocation::ARGUMENT_DEFINITION;
} }
} }
public static function misplacedDirectiveMessage($directiveName, $location)
{
return sprintf('Directive "%s" may not be used on "%s".', $directiveName, $location);
}
} }

27
src/Validator/Rules/KnownFragmentNames.php
View File

@ -1,31 +1,40 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FragmentSpreadNode; use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class KnownFragmentNames extends AbstractValidationRule class KnownFragmentNames extends ValidationRule
{ {
static function unknownFragmentMessage($fragName)
{
return "Unknown fragment \"$fragName\".";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::FRAGMENT_SPREAD => function (FragmentSpreadNode $node) use ($context) { NodeKind::FRAGMENT_SPREAD => function (FragmentSpreadNode $node) use ($context) {
$fragmentName = $node->name->value; $fragmentName = $node->name->value;
$fragment = $context->getFragment($fragmentName); $fragment = $context->getFragment($fragmentName);
if (!$fragment) { if ($fragment) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
self::unknownFragmentMessage($fragmentName), self::unknownFragmentMessage($fragmentName),
[$node->name] [$node->name]
)); ));
} },
}
]; ];
} }
/**
* @param string $fragName
*/
public static function unknownFragmentMessage($fragName)
{
return sprintf('Unknown fragment "%s".', $fragName);
}
} }

50
src/Validator/Rules/KnownTypeNames.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -7,6 +10,8 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_keys;
use function sprintf;
/** /**
* Known type names * Known type names
@ -14,21 +19,13 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL document is only valid if referenced types (specifically * A GraphQL document is only valid if referenced types (specifically
* variable definitions and fragment conditions) are defined by the type schema. * variable definitions and fragment conditions) are defined by the type schema.
*/ */
class KnownTypeNames extends AbstractValidationRule class KnownTypeNames extends ValidationRule
{ {
static function unknownTypeMessage($type, array $suggestedTypes)
{
$message = "Unknown type \"$type\".";
if ($suggestedTypes) {
$suggestions = Utils::quotedOrList($suggestedTypes);
$message .= " Did you mean $suggestions?";
}
return $message;
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
$skip = function() { return Visitor::skipNode(); }; $skip = function () {
return Visitor::skipNode();
};
return [ return [
// TODO: when validating IDL, re-enable these. Experimental version does not // TODO: when validating IDL, re-enable these. Experimental version does not
@ -42,15 +39,34 @@ class KnownTypeNames extends AbstractValidationRule
$schema = $context->getSchema(); $schema = $context->getSchema();
$typeName = $node->name->value; $typeName = $node->name->value;
$type = $schema->getType($typeName); $type = $schema->getType($typeName);
if (!$type) { if ($type !== null) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
self::unknownTypeMessage( self::unknownTypeMessage(
$typeName, $typeName,
Utils::suggestionList($typeName, array_keys($schema->getTypeMap())) Utils::suggestionList($typeName, array_keys($schema->getTypeMap()))
), [$node]) ),
); [$node]
} ));
} },
]; ];
} }
/**
* @param string $type
* @param string[] $suggestedTypes
*/
public static function unknownTypeMessage($type, array $suggestedTypes)
{
$message = sprintf('Unknown type "%s".', $type);
if (! empty($suggestedTypes)) {
$suggestions = Utils::quotedOrList($suggestedTypes);
$message .= sprintf(' Did you mean %s?', $suggestions);
}
return $message;
}
} }

31
src/Validator/Rules/LoneAnonymousOperation.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -7,6 +10,7 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function count;
/** /**
* Lone anonymous operation * Lone anonymous operation
@ -14,16 +18,12 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL document is only valid if when it contains an anonymous operation * A GraphQL document is only valid if when it contains an anonymous operation
* (the query short-hand) that it contains only that one operation definition. * (the query short-hand) that it contains only that one operation definition.
*/ */
class LoneAnonymousOperation extends AbstractValidationRule class LoneAnonymousOperation extends ValidationRule
{ {
static function anonOperationNotAloneMessage()
{
return 'This anonymous operation must be the only defined operation.';
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
$operationCount = 0; $operationCount = 0;
return [ return [
NodeKind::DOCUMENT => function (DocumentNode $node) use (&$operationCount) { NodeKind::DOCUMENT => function (DocumentNode $node) use (&$operationCount) {
$tmp = Utils::filter( $tmp = Utils::filter(
@ -32,15 +32,26 @@ class LoneAnonymousOperation extends AbstractValidationRule
return $definition->kind === NodeKind::OPERATION_DEFINITION; return $definition->kind === NodeKind::OPERATION_DEFINITION;
} }
); );
$operationCount = count($tmp); $operationCount = count($tmp);
}, },
NodeKind::OPERATION_DEFINITION => function(OperationDefinitionNode $node) use (&$operationCount, $context) { NodeKind::OPERATION_DEFINITION => function (OperationDefinitionNode $node) use (
if (!$node->name && $operationCount > 1) { &$operationCount,
$context
) {
if ($node->name || $operationCount <= 1) {
return;
}
$context->reportError( $context->reportError(
new Error(self::anonOperationNotAloneMessage(), [$node]) new Error(self::anonOperationNotAloneMessage(), [$node])
); );
} },
}
]; ];
} }
public static function anonOperationNotAloneMessage()
{
return 'This anonymous operation must be the only defined operation.';
}
} }

46
src/Validator/Rules/NoFragmentCycles.php
View File

@ -1,25 +1,33 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FragmentDefinitionNode; use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_merge;
use function array_pop;
use function array_slice;
use function count;
use function implode;
use function is_array;
use function sprintf;
class NoFragmentCycles extends AbstractValidationRule class NoFragmentCycles extends ValidationRule
{ {
static function cycleErrorMessage($fragName, array $spreadNames = []) /** @var bool[] */
{
$via = !empty($spreadNames) ? ' via ' . implode(', ', $spreadNames) : '';
return "Cannot spread fragment \"$fragName\" within itself$via.";
}
public $visitedFrags; public $visitedFrags;
/** @var FragmentSpreadNode[] */
public $spreadPath; public $spreadPath;
/** @var (int|null)[] */
public $spreadPathIndexByName; public $spreadPathIndexByName;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -42,8 +50,9 @@ class NoFragmentCycles extends AbstractValidationRule
if (! isset($this->visitedFrags[$node->name->value])) { if (! isset($this->visitedFrags[$node->name->value])) {
$this->detectCycleRecursive($node, $context); $this->detectCycleRecursive($node, $context);
} }
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
@ -63,7 +72,7 @@ class NoFragmentCycles extends AbstractValidationRule
for ($i = 0; $i < count($spreadNodes); $i++) { for ($i = 0; $i < count($spreadNodes); $i++) {
$spreadNode = $spreadNodes[$i]; $spreadNode = $spreadNodes[$i];
$spreadName = $spreadNode->name->value; $spreadName = $spreadNode->name->value;
$cycleIndex = isset($this->spreadPathIndexByName[$spreadName]) ? $this->spreadPathIndexByName[$spreadName] : null; $cycleIndex = $this->spreadPathIndexByName[$spreadName] ?? null;
if ($cycleIndex === null) { if ($cycleIndex === null) {
$this->spreadPath[] = $spreadNode; $this->spreadPath[] = $spreadNode;
@ -87,9 +96,12 @@ class NoFragmentCycles extends AbstractValidationRule
$context->reportError(new Error( $context->reportError(new Error(
self::cycleErrorMessage( self::cycleErrorMessage(
$spreadName, $spreadName,
Utils::map($cyclePath, function ($s) { Utils::map(
$cyclePath,
function ($s) {
return $s->name->value; return $s->name->value;
}) }
)
), ),
$nodes $nodes
)); ));
@ -98,4 +110,16 @@ class NoFragmentCycles extends AbstractValidationRule
$this->spreadPathIndexByName[$fragmentName] = null; $this->spreadPathIndexByName[$fragmentName] = null;
} }
/**
* @param string[] $spreadNames
*/
public static function cycleErrorMessage($fragName, array $spreadNames = [])
{
return sprintf(
'Cannot spread fragment "%s" within itself%s.',
$fragName,
! empty($spreadNames) ? ' via ' . implode(', ', $spreadNames) : ''
);
}
} }

32
src/Validator/Rules/NoUndefinedVariables.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -6,24 +9,16 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\AST\VariableDefinitionNode; use GraphQL\Language\AST\VariableDefinitionNode;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
/** /**
* Class NoUndefinedVariables * Class NoUndefinedVariables
* *
* A GraphQL operation is only valid if all variables encountered, both directly * A GraphQL operation is only valid if all variables encountered, both directly
* and via fragment spreads, are defined by that operation. * and via fragment spreads, are defined by that operation.
*
* @package GraphQL\Validator\Rules
*/ */
class NoUndefinedVariables extends AbstractValidationRule class NoUndefinedVariables extends ValidationRule
{ {
static function undefinedVarMessage($varName, $opName = null)
{
return $opName
? "Variable \"$$varName\" is not defined by operation \"$opName\"."
: "Variable \"$$varName\" is not defined.";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
$variableNameDefined = []; $variableNameDefined = [];
@ -40,7 +35,10 @@ class NoUndefinedVariables extends AbstractValidationRule
$node = $usage['node']; $node = $usage['node'];
$varName = $node->name->value; $varName = $node->name->value;
if (empty($variableNameDefined[$varName])) { if (! empty($variableNameDefined[$varName])) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::undefinedVarMessage( self::undefinedVarMessage(
$varName, $varName,
@ -49,12 +47,18 @@ class NoUndefinedVariables extends AbstractValidationRule
[$node, $operation] [$node, $operation]
)); ));
} }
} },
}
], ],
NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $def) use (&$variableNameDefined) { NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $def) use (&$variableNameDefined) {
$variableNameDefined[$def->variable->name->value] = true; $variableNameDefined[$def->variable->name->value] = true;
} },
]; ];
} }
public static function undefinedVarMessage($varName, $opName = null)
{
return $opName
? sprintf('Variable "$%s" is not defined by operation "%s".', $varName, $opName)
: sprintf('Variable "$%s" is not defined.', $varName);
}
} }

31
src/Validator/Rules/NoUnusedFragments.php
View File

@ -1,21 +1,23 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FragmentDefinitionNode; use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class NoUnusedFragments extends AbstractValidationRule class NoUnusedFragments extends ValidationRule
{ {
static function unusedFragMessage($fragName) /** @var OperationDefinitionNode[] */
{
return "Fragment \"$fragName\" is never used.";
}
public $operationDefs; public $operationDefs;
/** @var FragmentDefinitionNode[] */
public $fragmentDefs; public $fragmentDefs;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -26,10 +28,12 @@ class NoUnusedFragments extends AbstractValidationRule
return [ return [
NodeKind::OPERATION_DEFINITION => function ($node) { NodeKind::OPERATION_DEFINITION => function ($node) {
$this->operationDefs[] = $node; $this->operationDefs[] = $node;
return Visitor::skipNode(); return Visitor::skipNode();
}, },
NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $def) { NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $def) {
$this->fragmentDefs[] = $def; $this->fragmentDefs[] = $def;
return Visitor::skipNode(); return Visitor::skipNode();
}, },
NodeKind::DOCUMENT => [ NodeKind::DOCUMENT => [
@ -44,15 +48,22 @@ class NoUnusedFragments extends AbstractValidationRule
foreach ($this->fragmentDefs as $fragmentDef) { foreach ($this->fragmentDefs as $fragmentDef) {
$fragName = $fragmentDef->name->value; $fragName = $fragmentDef->name->value;
if (empty($fragmentNameUsed[$fragName])) { if (! empty($fragmentNameUsed[$fragName])) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::unusedFragMessage($fragName), self::unusedFragMessage($fragName),
[$fragmentDef] [$fragmentDef]
)); ));
} }
} },
} ],
]
]; ];
} }
public static function unusedFragMessage($fragName)
{
return sprintf('Fragment "%s" is never used.', $fragName);
}
} }

32
src/Validator/Rules/NoUnusedVariables.php
View File

@ -1,20 +1,19 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\AST\VariableDefinitionNode;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class NoUnusedVariables extends AbstractValidationRule class NoUnusedVariables extends ValidationRule
{ {
static function unusedVariableMessage($varName, $opName = null) /** @var VariableDefinitionNode[] */
{
return $opName
? "Variable \"$$varName\" is never used in operation \"$opName\"."
: "Variable \"$$varName\" is never used.";
}
public $variableDefs; public $variableDefs;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -39,18 +38,27 @@ class NoUnusedVariables extends AbstractValidationRule
foreach ($this->variableDefs as $variableDef) { foreach ($this->variableDefs as $variableDef) {
$variableName = $variableDef->variable->name->value; $variableName = $variableDef->variable->name->value;
if (empty($variableNameUsed[$variableName])) { if (! empty($variableNameUsed[$variableName])) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::unusedVariableMessage($variableName, $opName), self::unusedVariableMessage($variableName, $opName),
[$variableDef] [$variableDef]
)); ));
} }
} },
}
], ],
NodeKind::VARIABLE_DEFINITION => function ($def) { NodeKind::VARIABLE_DEFINITION => function ($def) {
$this->variableDefs[] = $def; $this->variableDefs[] = $def;
} },
]; ];
} }
public static function unusedVariableMessage($varName, $opName = null)
{
return $opName
? sprintf('Variable "$%s" is never used in operation "%s".', $varName, $opName)
: sprintf('Variable "$%s" is never used.', $varName);
}
} }

1082
src/Validator/Rules/OverlappingFieldsCanBeMerged.php
View File

File diff suppressed because it is too large Load Diff

85
src/Validator/Rules/PossibleFragmentSpreads.php
View File

@ -1,31 +1,25 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FragmentSpreadNode; use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\InlineFragmentNode; use GraphQL\Language\AST\InlineFragmentNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Type\Schema;
use GraphQL\Type\Definition\AbstractType; use GraphQL\Type\Definition\AbstractType;
use GraphQL\Type\Definition\CompositeType; use GraphQL\Type\Definition\CompositeType;
use GraphQL\Type\Definition\InterfaceType; use GraphQL\Type\Definition\InterfaceType;
use GraphQL\Type\Definition\ObjectType; use GraphQL\Type\Definition\ObjectType;
use GraphQL\Type\Definition\UnionType; use GraphQL\Type\Definition\UnionType;
use GraphQL\Validator\ValidationContext; use GraphQL\Type\Schema;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\ValidationContext;
use function sprintf;
class PossibleFragmentSpreads extends AbstractValidationRule class PossibleFragmentSpreads extends ValidationRule
{ {
static function typeIncompatibleSpreadMessage($fragName, $parentType, $fragType)
{
return "Fragment \"$fragName\" cannot be spread here as objects of type \"$parentType\" can never be of type \"$fragType\".";
}
static function typeIncompatibleAnonSpreadMessage($parentType, $fragType)
{
return "Fragment cannot be spread here as objects of type \"$parentType\" can never be of type \"$fragType\".";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
@ -33,42 +27,37 @@ class PossibleFragmentSpreads extends AbstractValidationRule
$fragType = $context->getType(); $fragType = $context->getType();
$parentType = $context->getParentType(); $parentType = $context->getParentType();
if ($fragType instanceof CompositeType && if (! ($fragType instanceof CompositeType) ||
$parentType instanceof CompositeType && ! ($parentType instanceof CompositeType) ||
!$this->doTypesOverlap($context->getSchema(), $fragType, $parentType)) { $this->doTypesOverlap($context->getSchema(), $fragType, $parentType)) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
self::typeIncompatibleAnonSpreadMessage($parentType, $fragType), self::typeIncompatibleAnonSpreadMessage($parentType, $fragType),
[$node] [$node]
)); ));
}
}, },
NodeKind::FRAGMENT_SPREAD => function (FragmentSpreadNode $node) use ($context) { NodeKind::FRAGMENT_SPREAD => function (FragmentSpreadNode $node) use ($context) {
$fragName = $node->name->value; $fragName = $node->name->value;
$fragType = $this->getFragmentType($context, $fragName); $fragType = $this->getFragmentType($context, $fragName);
$parentType = $context->getParentType(); $parentType = $context->getParentType();
if ($fragType && $parentType && !$this->doTypesOverlap($context->getSchema(), $fragType, $parentType)) { if (! $fragType ||
! $parentType ||
$this->doTypesOverlap($context->getSchema(), $fragType, $parentType)
) {
return;
}
$context->reportError(new Error( $context->reportError(new Error(
self::typeIncompatibleSpreadMessage($fragName, $parentType, $fragType), self::typeIncompatibleSpreadMessage($fragName, $parentType, $fragType),
[$node] [$node]
)); ));
} },
}
]; ];
} }
private function getFragmentType(ValidationContext $context, $name)
{
$frag = $context->getFragment($name);
if ($frag) {
$type = TypeInfo::typeFromAST($context->getSchema(), $frag->typeCondition);
if ($type instanceof CompositeType) {
return $type;
}
}
return null;
}
private function doTypesOverlap(Schema $schema, CompositeType $fragType, CompositeType $parentType) private function doTypesOverlap(Schema $schema, CompositeType $fragType, CompositeType $parentType)
{ {
// Checking in the order of the most frequently used scenarios: // Checking in the order of the most frequently used scenarios:
@ -136,4 +125,36 @@ class PossibleFragmentSpreads extends AbstractValidationRule
return false; return false;
} }
public static function typeIncompatibleAnonSpreadMessage($parentType, $fragType)
{
return sprintf(
'Fragment cannot be spread here as objects of type "%s" can never be of type "%s".',
$parentType,
$fragType
);
}
private function getFragmentType(ValidationContext $context, $name)
{
$frag = $context->getFragment($name);
if ($frag) {
$type = TypeInfo::typeFromAST($context->getSchema(), $frag->typeCondition);
if ($type instanceof CompositeType) {
return $type;
}
}
return null;
}
public static function typeIncompatibleSpreadMessage($fragName, $parentType, $fragType)
{
return sprintf(
'Fragment "%s" cannot be spread here as objects of type "%s" can never be of type "%s".',
$fragName,
$parentType,
$fragType
);
}
} }

64
src/Validator/Rules/ProvidedNonNullArguments.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -8,19 +11,10 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Type\Definition\NonNull; use GraphQL\Type\Definition\NonNull;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class ProvidedNonNullArguments extends AbstractValidationRule class ProvidedNonNullArguments extends ValidationRule
{ {
static function missingFieldArgMessage($fieldName, $argName, $type)
{
return "Field \"$fieldName\" argument \"$argName\" of type \"$type\" is required but not provided.";
}
static function missingDirectiveArgMessage($directiveName, $argName, $type)
{
return "Directive \"@$directiveName\" argument \"$argName\" of type \"$type\" is required but not provided.";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
@ -38,15 +32,17 @@ class ProvidedNonNullArguments extends AbstractValidationRule
$argNodeMap[$argNode->name->value] = $argNodes; $argNodeMap[$argNode->name->value] = $argNodes;
} }
foreach ($fieldDef->args as $argDef) { foreach ($fieldDef->args as $argDef) {
$argNode = isset($argNodeMap[$argDef->name]) ? $argNodeMap[$argDef->name] : null; $argNode = $argNodeMap[$argDef->name] ?? null;
if (!$argNode && $argDef->getType() instanceof NonNull) { if ($argNode || ! ($argDef->getType() instanceof NonNull)) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::missingFieldArgMessage($fieldNode->name->value, $argDef->name, $argDef->getType()), self::missingFieldArgMessage($fieldNode->name->value, $argDef->name, $argDef->getType()),
[$fieldNode] [$fieldNode]
)); ));
} }
} },
}
], ],
NodeKind::DIRECTIVE => [ NodeKind::DIRECTIVE => [
'leave' => function (DirectiveNode $directiveNode) use ($context) { 'leave' => function (DirectiveNode $directiveNode) use ($context) {
@ -61,16 +57,42 @@ class ProvidedNonNullArguments extends AbstractValidationRule
} }
foreach ($directiveDef->args as $argDef) { foreach ($directiveDef->args as $argDef) {
$argNode = isset($argNodeMap[$argDef->name]) ? $argNodeMap[$argDef->name] : null; $argNode = $argNodeMap[$argDef->name] ?? null;
if (!$argNode && $argDef->getType() instanceof NonNull) { if ($argNode || ! ($argDef->getType() instanceof NonNull)) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::missingDirectiveArgMessage($directiveNode->name->value, $argDef->name, $argDef->getType()), self::missingDirectiveArgMessage(
$directiveNode->name->value,
$argDef->name,
$argDef->getType()
),
[$directiveNode] [$directiveNode]
)); ));
} }
} },
} ],
]
]; ];
} }
public static function missingFieldArgMessage($fieldName, $argName, $type)
{
return sprintf(
'Field "%s" argument "%s" of type "%s" is required but not provided.',
$fieldName,
$argName,
$type
);
}
public static function missingDirectiveArgMessage($directiveName, $argName, $type)
{
return sprintf(
'Directive "@%s" argument "%s" of type "%s" is required but not provided.',
$directiveName,
$argName,
$type
);
}
} }

182
src/Validator/Rules/QueryComplexity.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -14,20 +17,27 @@ use GraphQL\Language\Visitor;
use GraphQL\Type\Definition\Directive; use GraphQL\Type\Definition\Directive;
use GraphQL\Type\Definition\FieldDefinition; use GraphQL\Type\Definition\FieldDefinition;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_map;
use function call_user_func_array;
use function implode;
use function method_exists;
use function sprintf;
class QueryComplexity extends AbstractQuerySecurity class QueryComplexity extends QuerySecurityRule
{ {
/** @var int */
private $maxQueryComplexity; private $maxQueryComplexity;
/** @var mixed[]|null */
private $rawVariableValues = []; private $rawVariableValues = [];
/** @var \ArrayObject */
private $variableDefs; private $variableDefs;
/** @var \ArrayObject */
private $fieldNodeAndDefs; private $fieldNodeAndDefs;
/** /** @var ValidationContext */
* @var ValidationContext
*/
private $context; private $context;
public function __construct($maxQueryComplexity) public function __construct($maxQueryComplexity)
@ -35,38 +45,6 @@ class QueryComplexity extends AbstractQuerySecurity
$this->setMaxQueryComplexity($maxQueryComplexity); $this->setMaxQueryComplexity($maxQueryComplexity);
} }
public static function maxQueryComplexityErrorMessage($max, $count)
{
return sprintf('Max query complexity should be %d but got %d.', $max, $count);
}
/**
* Set max query complexity. If equal to 0 no check is done. Must be greater or equal to 0.
*
* @param $maxQueryComplexity
*/
public function setMaxQueryComplexity($maxQueryComplexity)
{
$this->checkIfGreaterOrEqualToZero('maxQueryComplexity', $maxQueryComplexity);
$this->maxQueryComplexity = (int) $maxQueryComplexity;
}
public function getMaxQueryComplexity()
{
return $this->maxQueryComplexity;
}
public function setRawVariableValues(array $rawVariableValues = null)
{
$this->rawVariableValues = $rawVariableValues ?: [];
}
public function getRawVariableValues()
{
return $this->rawVariableValues;
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
$this->context = $context; $this->context = $context;
@ -89,21 +67,29 @@ class QueryComplexity extends AbstractQuerySecurity
}, },
NodeKind::VARIABLE_DEFINITION => function ($def) { NodeKind::VARIABLE_DEFINITION => function ($def) {
$this->variableDefs[] = $def; $this->variableDefs[] = $def;
return Visitor::skipNode(); return Visitor::skipNode();
}, },
NodeKind::OPERATION_DEFINITION => [ NodeKind::OPERATION_DEFINITION => [
'leave' => function (OperationDefinitionNode $operationDefinition) use ($context, &$complexity) { 'leave' => function (OperationDefinitionNode $operationDefinition) use ($context, &$complexity) {
$errors = $context->getErrors(); $errors = $context->getErrors();
if (empty($errors)) { if (! empty($errors)) {
return;
}
$complexity = $this->fieldComplexity($operationDefinition, $complexity); $complexity = $this->fieldComplexity($operationDefinition, $complexity);
if ($complexity > $this->getMaxQueryComplexity()) { if ($complexity <= $this->getMaxQueryComplexity()) {
return;
}
$context->reportError( $context->reportError(
new Error($this->maxQueryComplexityErrorMessage($this->getMaxQueryComplexity(), $complexity)) new Error($this->maxQueryComplexityErrorMessage(
$this->getMaxQueryComplexity(),
$complexity
))
); );
}
}
}, },
], ],
] ]
@ -125,7 +111,7 @@ class QueryComplexity extends AbstractQuerySecurity
{ {
switch ($node->kind) { switch ($node->kind) {
case NodeKind::FIELD: case NodeKind::FIELD:
/* @var FieldNode $node */ /** @var FieldNode $node */
// default values // default values
$args = []; $args = [];
$complexityFn = FieldDefinition::DEFAULT_COMPLEXITY_FN; $complexityFn = FieldDefinition::DEFAULT_COMPLEXITY_FN;
@ -157,7 +143,7 @@ class QueryComplexity extends AbstractQuerySecurity
break; break;
case NodeKind::INLINE_FRAGMENT: case NodeKind::INLINE_FRAGMENT:
/* @var InlineFragmentNode $node */ /** @var InlineFragmentNode $node */
// node has children? // node has children?
if (isset($node->selectionSet)) { if (isset($node->selectionSet)) {
$complexity = $this->fieldComplexity($node, $complexity); $complexity = $this->fieldComplexity($node, $complexity);
@ -165,10 +151,10 @@ class QueryComplexity extends AbstractQuerySecurity
break; break;
case NodeKind::FRAGMENT_SPREAD: case NodeKind::FRAGMENT_SPREAD:
/* @var FragmentSpreadNode $node */ /** @var FragmentSpreadNode $node */
$fragment = $this->getFragment($node); $fragment = $this->getFragment($node);
if (null !== $fragment) { if ($fragment !== null) {
$complexity = $this->fieldComplexity($fragment, $complexity); $complexity = $this->fieldComplexity($fragment, $complexity);
} }
break; break;
@ -183,7 +169,7 @@ class QueryComplexity extends AbstractQuerySecurity
$astFieldInfo = [null, null]; $astFieldInfo = [null, null];
if (isset($this->fieldNodeAndDefs[$fieldName])) { if (isset($this->fieldNodeAndDefs[$fieldName])) {
foreach ($this->fieldNodeAndDefs[$fieldName] as $astAndDef) { foreach ($this->fieldNodeAndDefs[$fieldName] as $astAndDef) {
if ($astAndDef[0] == $field) { if ($astAndDef[0] === $field) {
$astFieldInfo = $astAndDef; $astFieldInfo = $astAndDef;
break; break;
} }
@ -193,6 +179,59 @@ class QueryComplexity extends AbstractQuerySecurity
return $astFieldInfo; return $astFieldInfo;
} }
private function directiveExcludesField(FieldNode $node)
{
foreach ($node->directives as $directiveNode) {
if ($directiveNode->name->value === 'deprecated') {
return false;
}
$variableValuesResult = Values::getVariableValues(
$this->context->getSchema(),
$this->variableDefs,
$this->getRawVariableValues()
);
if ($variableValuesResult['errors']) {
throw new Error(implode(
"\n\n",
array_map(
function ($error) {
return $error->getMessage();
},
$variableValuesResult['errors']
)
));
}
$variableValues = $variableValuesResult['coerced'];
if ($directiveNode->name->value === 'include') {
$directive = Directive::includeDirective();
$directiveArgs = Values::getArgumentValues($directive, $directiveNode, $variableValues);
return ! $directiveArgs['if'];
}
$directive = Directive::skipDirective();
$directiveArgs = Values::getArgumentValues($directive, $directiveNode, $variableValues);
return $directiveArgs['if'];
}
}
public function getRawVariableValues()
{
return $this->rawVariableValues;
}
/**
* @param mixed[]|null $rawVariableValues
*/
public function setRawVariableValues(?array $rawVariableValues = null)
{
$this->rawVariableValues = $rawVariableValues ?: [];
}
private function buildFieldArguments(FieldNode $node) private function buildFieldArguments(FieldNode $node)
{ {
$rawVariableValues = $this->getRawVariableValues(); $rawVariableValues = $this->getRawVariableValues();
@ -209,11 +248,15 @@ class QueryComplexity extends AbstractQuerySecurity
); );
if ($variableValuesResult['errors']) { if ($variableValuesResult['errors']) {
throw new Error(implode("\n\n", array_map( throw new Error(implode(
"\n\n",
array_map(
function ($error) { function ($error) {
return $error->getMessage(); return $error->getMessage();
} },
, $variableValuesResult['errors']))); $variableValuesResult['errors']
)
));
} }
$variableValues = $variableValuesResult['coerced']; $variableValues = $variableValuesResult['coerced'];
@ -223,39 +266,24 @@ class QueryComplexity extends AbstractQuerySecurity
return $args; return $args;
} }
private function directiveExcludesField(FieldNode $node) { public function getMaxQueryComplexity()
foreach ($node->directives as $directiveNode) { {
if ($directiveNode->name->value === 'deprecated') { return $this->maxQueryComplexity;
return false;
} }
$variableValuesResult = Values::getVariableValues( /**
$this->context->getSchema(), * Set max query complexity. If equal to 0 no check is done. Must be greater or equal to 0.
$this->variableDefs, */
$this->getRawVariableValues() public function setMaxQueryComplexity($maxQueryComplexity)
); {
$this->checkIfGreaterOrEqualToZero('maxQueryComplexity', $maxQueryComplexity);
if ($variableValuesResult['errors']) { $this->maxQueryComplexity = (int) $maxQueryComplexity;
throw new Error(implode("\n\n", array_map(
function ($error) {
return $error->getMessage();
} }
, $variableValuesResult['errors'])));
}
$variableValues = $variableValuesResult['coerced'];
if ($directiveNode->name->value === 'include') { public static function maxQueryComplexityErrorMessage($max, $count)
$directive = Directive::includeDirective(); {
$directiveArgs = Values::getArgumentValues($directive, $directiveNode, $variableValues); return sprintf('Max query complexity should be %d but got %d.', $max, $count);
return !$directiveArgs['if'];
} else {
$directive = Directive::skipDirective();
$directiveArgs = Values::getArgumentValues($directive, $directiveNode, $variableValues);
return $directiveArgs['if'];
}
}
} }
protected function isEnabled() protected function isEnabled()

85
src/Validator/Rules/QueryDepth.php
View File

@ -1,21 +1,20 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FieldNode;
use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\InlineFragmentNode;
use GraphQL\Language\AST\Node; use GraphQL\Language\AST\Node;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\AST\SelectionSetNode; use GraphQL\Language\AST\SelectionSetNode;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class QueryDepth extends AbstractQuerySecurity class QueryDepth extends QuerySecurityRule
{ {
/** /** @var int */
* @var int
*/
private $maxQueryDepth; private $maxQueryDepth;
public function __construct($maxQueryDepth) public function __construct($maxQueryDepth)
@ -23,28 +22,6 @@ class QueryDepth extends AbstractQuerySecurity
$this->setMaxQueryDepth($maxQueryDepth); $this->setMaxQueryDepth($maxQueryDepth);
} }
/**
* Set max query depth. If equal to 0 no check is done. Must be greater or equal to 0.
*
* @param $maxQueryDepth
*/
public function setMaxQueryDepth($maxQueryDepth)
{
$this->checkIfGreaterOrEqualToZero('maxQueryDepth', $maxQueryDepth);
$this->maxQueryDepth = (int) $maxQueryDepth;
}
public function getMaxQueryDepth()
{
return $this->maxQueryDepth;
}
public static function maxQueryDepthErrorMessage($max, $count)
{
return sprintf('Max query depth should be %d but got %d.', $max, $count);
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return $this->invokeIfNeeded( return $this->invokeIfNeeded(
@ -54,22 +31,19 @@ class QueryDepth extends AbstractQuerySecurity
'leave' => function (OperationDefinitionNode $operationDefinition) use ($context) { 'leave' => function (OperationDefinitionNode $operationDefinition) use ($context) {
$maxDepth = $this->fieldDepth($operationDefinition); $maxDepth = $this->fieldDepth($operationDefinition);
if ($maxDepth > $this->getMaxQueryDepth()) { if ($maxDepth <= $this->getMaxQueryDepth()) {
return;
}
$context->reportError( $context->reportError(
new Error($this->maxQueryDepthErrorMessage($this->getMaxQueryDepth(), $maxDepth)) new Error($this->maxQueryDepthErrorMessage($this->getMaxQueryDepth(), $maxDepth))
); );
}
}, },
], ],
] ]
); );
} }
protected function isEnabled()
{
return $this->getMaxQueryDepth() !== static::DISABLED;
}
private function fieldDepth($node, $depth = 0, $maxDepth = 0) private function fieldDepth($node, $depth = 0, $maxDepth = 0)
{ {
if (isset($node->selectionSet) && $node->selectionSet instanceof SelectionSetNode) { if (isset($node->selectionSet) && $node->selectionSet instanceof SelectionSetNode) {
@ -85,9 +59,9 @@ class QueryDepth extends AbstractQuerySecurity
{ {
switch ($node->kind) { switch ($node->kind) {
case NodeKind::FIELD: case NodeKind::FIELD:
/* @var FieldNode $node */ /** @var FieldNode $node */
// node has children? // node has children?
if (null !== $node->selectionSet) { if ($node->selectionSet !== null) {
// update maxDepth if needed // update maxDepth if needed
if ($depth > $maxDepth) { if ($depth > $maxDepth) {
$maxDepth = $depth; $maxDepth = $depth;
@ -97,18 +71,18 @@ class QueryDepth extends AbstractQuerySecurity
break; break;
case NodeKind::INLINE_FRAGMENT: case NodeKind::INLINE_FRAGMENT:
/* @var InlineFragmentNode $node */ /** @var InlineFragmentNode $node */
// node has children? // node has children?
if (null !== $node->selectionSet) { if ($node->selectionSet !== null) {
$maxDepth = $this->fieldDepth($node, $depth, $maxDepth); $maxDepth = $this->fieldDepth($node, $depth, $maxDepth);
} }
break; break;
case NodeKind::FRAGMENT_SPREAD: case NodeKind::FRAGMENT_SPREAD:
/* @var FragmentSpreadNode $node */ /** @var FragmentSpreadNode $node */
$fragment = $this->getFragment($node); $fragment = $this->getFragment($node);
if (null !== $fragment) { if ($fragment !== null) {
$maxDepth = $this->fieldDepth($fragment, $depth, $maxDepth); $maxDepth = $this->fieldDepth($fragment, $depth, $maxDepth);
} }
break; break;
@ -116,4 +90,31 @@ class QueryDepth extends AbstractQuerySecurity
return $maxDepth; return $maxDepth;
} }
public function getMaxQueryDepth()
{
return $this->maxQueryDepth;
}
/**
* Set max query depth. If equal to 0 no check is done. Must be greater or equal to 0.
*
* @param int $maxQueryDepth
*/
public function setMaxQueryDepth($maxQueryDepth)
{
$this->checkIfGreaterOrEqualToZero('maxQueryDepth', $maxQueryDepth);
$this->maxQueryDepth = (int) $maxQueryDepth;
}
public static function maxQueryDepthErrorMessage($max, $count)
{
return sprintf('Max query depth should be %d but got %d.', $max, $count);
}
protected function isEnabled()
{
return $this->getMaxQueryDepth() !== static::DISABLED;
}
} }

97
src/Validator/Rules/AbstractQuerySecurity.php → src/Validator/Rules/QuerySecurityRule.php
View File

@ -1,40 +1,35 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use Closure;
use GraphQL\Language\AST\FieldNode; use GraphQL\Language\AST\FieldNode;
use GraphQL\Language\AST\FragmentDefinitionNode; use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Language\AST\FragmentSpreadNode; use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\InlineFragmentNode;
use GraphQL\Language\AST\Node;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\SelectionSetNode; use GraphQL\Language\AST\SelectionSetNode;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Type\Introspection; use GraphQL\Type\Introspection;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function class_alias;
use function method_exists;
use function sprintf;
abstract class AbstractQuerySecurity extends AbstractValidationRule abstract class QuerySecurityRule extends ValidationRule
{ {
const DISABLED = 0; public const DISABLED = 0;
/** /** @var FragmentDefinitionNode[] */
* @var FragmentDefinitionNode[]
*/
private $fragments = []; private $fragments = [];
/**
* @return \GraphQL\Language\AST\FragmentDefinitionNode[]
*/
protected function getFragments()
{
return $this->fragments;
}
/** /**
* check if equal to 0 no check is done. Must be greater or equal to 0. * check if equal to 0 no check is done. Must be greater or equal to 0.
* *
* @param $value * @param string $name
* @param int $value
*/ */
protected function checkIfGreaterOrEqualToZero($name, $value) protected function checkIfGreaterOrEqualToZero($name, $value)
{ {
@ -43,26 +38,26 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
} }
} }
protected function gatherFragmentDefinition(ValidationContext $context)
{
// Gather all the fragment definition.
// Importantly this does not include inline fragments.
$definitions = $context->getDocument()->definitions;
foreach ($definitions as $node) {
if ($node instanceof FragmentDefinitionNode) {
$this->fragments[$node->name->value] = $node;
}
}
}
protected function getFragment(FragmentSpreadNode $fragmentSpread) protected function getFragment(FragmentSpreadNode $fragmentSpread)
{ {
$spreadName = $fragmentSpread->name->value; $spreadName = $fragmentSpread->name->value;
$fragments = $this->getFragments(); $fragments = $this->getFragments();
return isset($fragments[$spreadName]) ? $fragments[$spreadName] : null; return $fragments[$spreadName] ?? null;
} }
/**
* @return FragmentDefinitionNode[]
*/
protected function getFragments()
{
return $this->fragments;
}
/**
* @param Closure[] $validators
* @return Closure[]
*/
protected function invokeIfNeeded(ValidationContext $context, array $validators) protected function invokeIfNeeded(ValidationContext $context, array $validators)
{ {
// is disabled? // is disabled?
@ -75,6 +70,22 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
return $validators; return $validators;
} }
abstract protected function isEnabled();
protected function gatherFragmentDefinition(ValidationContext $context)
{
// Gather all the fragment definition.
// Importantly this does not include inline fragments.
$definitions = $context->getDocument()->definitions;
foreach ($definitions as $node) {
if (! ($node instanceof FragmentDefinitionNode)) {
continue;
}
$this->fragments[$node->name->value] = $node;
}
}
/** /**
* Given a selectionSet, adds all of the fields in that selection to * Given a selectionSet, adds all of the fields in that selection to
* the passed in map of fields, and returns it at the end. * the passed in map of fields, and returns it at the end.
@ -85,23 +96,24 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
* *
* @see \GraphQL\Validator\Rules\OverlappingFieldsCanBeMerged * @see \GraphQL\Validator\Rules\OverlappingFieldsCanBeMerged
* *
* @param ValidationContext $context
* @param Type|null $parentType * @param Type|null $parentType
* @param SelectionSetNode $selectionSet
* @param \ArrayObject $visitedFragmentNames
* @param \ArrayObject $astAndDefs
* *
* @return \ArrayObject * @return \ArrayObject
*/ */
protected function collectFieldASTsAndDefs(ValidationContext $context, $parentType, SelectionSetNode $selectionSet, \ArrayObject $visitedFragmentNames = null, \ArrayObject $astAndDefs = null) protected function collectFieldASTsAndDefs(
{ ValidationContext $context,
$parentType,
SelectionSetNode $selectionSet,
?\ArrayObject $visitedFragmentNames = null,
?\ArrayObject $astAndDefs = null
) {
$_visitedFragmentNames = $visitedFragmentNames ?: new \ArrayObject(); $_visitedFragmentNames = $visitedFragmentNames ?: new \ArrayObject();
$_astAndDefs = $astAndDefs ?: new \ArrayObject(); $_astAndDefs = $astAndDefs ?: new \ArrayObject();
foreach ($selectionSet->selections as $selection) { foreach ($selectionSet->selections as $selection) {
switch ($selection->kind) { switch ($selection->getKind()) {
case NodeKind::FIELD: case NodeKind::FIELD:
/* @var FieldNode $selection */ /** @var FieldNode $selection */
$fieldName = $selection->name->value; $fieldName = $selection->name->value;
$fieldDef = null; $fieldDef = null;
if ($parentType && method_exists($parentType, 'getFields')) { if ($parentType && method_exists($parentType, 'getFields')) {
@ -128,7 +140,7 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
$_astAndDefs[$responseName][] = [$selection, $fieldDef]; $_astAndDefs[$responseName][] = [$selection, $fieldDef];
break; break;
case NodeKind::INLINE_FRAGMENT: case NodeKind::INLINE_FRAGMENT:
/* @var InlineFragmentNode $selection */ /** @var InlineFragmentNode $selection */
$_astAndDefs = $this->collectFieldASTsAndDefs( $_astAndDefs = $this->collectFieldASTsAndDefs(
$context, $context,
TypeInfo::typeFromAST($context->getSchema(), $selection->typeCondition), TypeInfo::typeFromAST($context->getSchema(), $selection->typeCondition),
@ -138,7 +150,7 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
); );
break; break;
case NodeKind::FRAGMENT_SPREAD: case NodeKind::FRAGMENT_SPREAD:
/* @var FragmentSpreadNode $selection */ /** @var FragmentSpreadNode $selection */
$fragName = $selection->name->value; $fragName = $selection->name->value;
if (empty($_visitedFragmentNames[$fragName])) { if (empty($_visitedFragmentNames[$fragName])) {
@ -165,10 +177,9 @@ abstract class AbstractQuerySecurity extends AbstractValidationRule
protected function getFieldName(FieldNode $node) protected function getFieldName(FieldNode $node)
{ {
$fieldName = $node->name->value; $fieldName = $node->name->value;
$responseName = $node->alias ? $node->alias->value : $fieldName;
return $responseName; return $node->alias ? $node->alias->value : $fieldName;
}
} }
abstract protected function isEnabled(); class_alias(QuerySecurityRule::class, 'GraphQL\Validator\Rules\AbstractQuerySecurity');
}

34
src/Validator/Rules/ScalarLeafs.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -6,25 +9,19 @@ use GraphQL\Language\AST\FieldNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class ScalarLeafs extends AbstractValidationRule class ScalarLeafs extends ValidationRule
{ {
static function noSubselectionAllowedMessage($field, $type)
{
return "Field \"$field\" of type \"$type\" must not have a sub selection.";
}
static function requiredSubselectionMessage($field, $type)
{
return "Field \"$field\" of type \"$type\" must have a sub selection.";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::FIELD => function (FieldNode $node) use ($context) { NodeKind::FIELD => function (FieldNode $node) use ($context) {
$type = $context->getType(); $type = $context->getType();
if ($type) { if (! $type) {
return;
}
if (Type::isLeafType(Type::getNamedType($type))) { if (Type::isLeafType(Type::getNamedType($type))) {
if ($node->selectionSet) { if ($node->selectionSet) {
$context->reportError(new Error( $context->reportError(new Error(
@ -38,8 +35,17 @@ class ScalarLeafs extends AbstractValidationRule
[$node] [$node]
)); ));
} }
} },
}
]; ];
} }
public static function noSubselectionAllowedMessage($field, $type)
{
return sprintf('Field "%s" of type "%s" must not have a sub selection.', $field, $type);
}
public static function requiredSubselectionMessage($field, $type)
{
return sprintf('Field "%s" of type "%s" must have a sub selection.', $field, $type);
}
} }

24
src/Validator/Rules/UniqueArgumentNames.php
View File

@ -1,20 +1,20 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\ArgumentNode; use GraphQL\Language\AST\ArgumentNode;
use GraphQL\Language\AST\Node; use GraphQL\Language\AST\NameNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class UniqueArgumentNames extends AbstractValidationRule class UniqueArgumentNames extends ValidationRule
{ {
static function duplicateArgMessage($argName) /** @var NameNode[] */
{
return "There can be only one argument named \"$argName\".";
}
public $knownArgNames; public $knownArgNames;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -23,7 +23,7 @@ class UniqueArgumentNames extends AbstractValidationRule
return [ return [
NodeKind::FIELD => function () { NodeKind::FIELD => function () {
$this->knownArgNames = [];; $this->knownArgNames = [];
}, },
NodeKind::DIRECTIVE => function () { NodeKind::DIRECTIVE => function () {
$this->knownArgNames = []; $this->knownArgNames = [];
@ -38,8 +38,14 @@ class UniqueArgumentNames extends AbstractValidationRule
} else { } else {
$this->knownArgNames[$argName] = $node->name; $this->knownArgNames[$argName] = $node->name;
} }
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
public static function duplicateArgMessage($argName)
{
return sprintf('There can be only one argument named "%s".', $argName);
}
} }

24
src/Validator/Rules/UniqueDirectivesPerLocation.php
View File

@ -1,23 +1,25 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\DirectiveNode; use GraphQL\Language\AST\DirectiveNode;
use GraphQL\Language\AST\Node; use GraphQL\Language\AST\Node;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class UniqueDirectivesPerLocation extends AbstractValidationRule class UniqueDirectivesPerLocation extends ValidationRule
{ {
static function duplicateDirectiveMessage($directiveName)
{
return 'The directive "'.$directiveName.'" can only be used once at this location.';
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
'enter' => function (Node $node) use ($context) { 'enter' => function (Node $node) use ($context) {
if (isset($node->directives)) { if (! isset($node->directives)) {
return;
}
$knownDirectives = []; $knownDirectives = [];
foreach ($node->directives as $directive) { foreach ($node->directives as $directive) {
/** @var DirectiveNode $directive */ /** @var DirectiveNode $directive */
@ -31,8 +33,12 @@ class UniqueDirectivesPerLocation extends AbstractValidationRule
$knownDirectives[$directiveName] = $directive; $knownDirectives[$directiveName] = $directive;
} }
} }
} },
}
]; ];
} }
public static function duplicateDirectiveMessage($directiveName)
{
return sprintf('The directive "%s" can only be used once at this location.', $directiveName);
}
} }

27
src/Validator/Rules/UniqueFragmentNames.php
View File

@ -1,19 +1,20 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\FragmentDefinitionNode; use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Language\AST\NameNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class UniqueFragmentNames extends AbstractValidationRule class UniqueFragmentNames extends ValidationRule
{ {
static function duplicateFragmentNameMessage($fragName) /** @var NameNode[] */
{
return "There can be only one fragment named \"$fragName\".";
}
public $knownFragmentNames; public $knownFragmentNames;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -26,16 +27,22 @@ class UniqueFragmentNames extends AbstractValidationRule
}, },
NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $node) use ($context) { NodeKind::FRAGMENT_DEFINITION => function (FragmentDefinitionNode $node) use ($context) {
$fragmentName = $node->name->value; $fragmentName = $node->name->value;
if (!empty($this->knownFragmentNames[$fragmentName])) { if (empty($this->knownFragmentNames[$fragmentName])) {
$this->knownFragmentNames[$fragmentName] = $node->name;
} else {
$context->reportError(new Error( $context->reportError(new Error(
self::duplicateFragmentNameMessage($fragmentName), self::duplicateFragmentNameMessage($fragmentName),
[$this->knownFragmentNames[$fragmentName], $node->name] [$this->knownFragmentNames[$fragmentName], $node->name]
)); ));
} else {
$this->knownFragmentNames[$fragmentName] = $node->name;
} }
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
public static function duplicateFragmentNameMessage($fragName)
{
return sprintf('There can be only one fragment named "%s".', $fragName);
}
} }

25
src/Validator/Rules/UniqueInputFieldNames.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -6,15 +9,15 @@ use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\ObjectFieldNode; use GraphQL\Language\AST\ObjectFieldNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_pop;
use function sprintf;
class UniqueInputFieldNames extends AbstractValidationRule class UniqueInputFieldNames extends ValidationRule
{ {
static function duplicateInputFieldMessage($fieldName) /** @var string[] */
{
return "There can be only one input field named \"$fieldName\".";
}
public $knownNames; public $knownNames;
/** @var string[][] */
public $knownNameStack; public $knownNameStack;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -30,7 +33,7 @@ class UniqueInputFieldNames extends AbstractValidationRule
}, },
'leave' => function () { 'leave' => function () {
$this->knownNames = array_pop($this->knownNameStack); $this->knownNames = array_pop($this->knownNameStack);
} },
], ],
NodeKind::OBJECT_FIELD => function (ObjectFieldNode $node) use ($context) { NodeKind::OBJECT_FIELD => function (ObjectFieldNode $node) use ($context) {
$fieldName = $node->name->value; $fieldName = $node->name->value;
@ -43,8 +46,14 @@ class UniqueInputFieldNames extends AbstractValidationRule
} else { } else {
$this->knownNames[$fieldName] = $node->name; $this->knownNames[$fieldName] = $node->name;
} }
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
public static function duplicateInputFieldMessage($fieldName)
{
return sprintf('There can be only one input field named "%s".', $fieldName);
}
} }

27
src/Validator/Rules/UniqueOperationNames.php
View File

@ -1,19 +1,20 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\NameNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class UniqueOperationNames extends AbstractValidationRule class UniqueOperationNames extends ValidationRule
{ {
static function duplicateOperationNameMessage($operationName) /** @var NameNode[] */
{
return "There can be only one operation named \"$operationName\".";
}
public $knownOperationNames; public $knownOperationNames;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -25,20 +26,26 @@ class UniqueOperationNames extends AbstractValidationRule
$operationName = $node->name; $operationName = $node->name;
if ($operationName) { if ($operationName) {
if (!empty($this->knownOperationNames[$operationName->value])) { if (empty($this->knownOperationNames[$operationName->value])) {
$this->knownOperationNames[$operationName->value] = $operationName;
} else {
$context->reportError(new Error( $context->reportError(new Error(
self::duplicateOperationNameMessage($operationName->value), self::duplicateOperationNameMessage($operationName->value),
[$this->knownOperationNames[$operationName->value], $operationName] [$this->knownOperationNames[$operationName->value], $operationName]
)); ));
} else {
$this->knownOperationNames[$operationName->value] = $operationName;
} }
} }
return Visitor::skipNode(); return Visitor::skipNode();
}, },
NodeKind::FRAGMENT_DEFINITION => function () { NodeKind::FRAGMENT_DEFINITION => function () {
return Visitor::skipNode(); return Visitor::skipNode();
} },
]; ];
} }
public static function duplicateOperationNameMessage($operationName)
{
return sprintf('There can be only one operation named "%s".', $operationName);
}
} }

26
src/Validator/Rules/UniqueVariableNames.php
View File

@ -1,18 +1,19 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\NameNode;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\VariableDefinitionNode; use GraphQL\Language\AST\VariableDefinitionNode;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class UniqueVariableNames extends AbstractValidationRule class UniqueVariableNames extends ValidationRule
{ {
static function duplicateVariableMessage($variableName) /** @var NameNode[] */
{
return "There can be only one variable named \"$variableName\".";
}
public $knownVariableNames; public $knownVariableNames;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -25,15 +26,20 @@ class UniqueVariableNames extends AbstractValidationRule
}, },
NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $node) use ($context) { NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $node) use ($context) {
$variableName = $node->variable->name->value; $variableName = $node->variable->name->value;
if (!empty($this->knownVariableNames[$variableName])) { if (empty($this->knownVariableNames[$variableName])) {
$this->knownVariableNames[$variableName] = $node->variable->name;
} else {
$context->reportError(new Error( $context->reportError(new Error(
self::duplicateVariableMessage($variableName), self::duplicateVariableMessage($variableName),
[$this->knownVariableNames[$variableName], $node->variable->name] [$this->knownVariableNames[$variableName], $node->variable->name]
)); ));
} else {
$this->knownVariableNames[$variableName] = $node->variable->name;
}
} }
},
]; ];
} }
public static function duplicateVariableMessage($variableName)
{
return sprintf('There can be only one variable named "%s".', $variableName);
}
} }

13
src/Validator/Rules/AbstractValidationRule.php → src/Validator/Rules/ValidationRule.php
View File

@ -1,10 +1,16 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function class_alias;
use function get_class;
abstract class AbstractValidationRule abstract class ValidationRule
{ {
/** @var string */
protected $name; protected $name;
public function getName() public function getName()
@ -21,8 +27,9 @@ abstract class AbstractValidationRule
* Returns structure suitable for GraphQL\Language\Visitor * Returns structure suitable for GraphQL\Language\Visitor
* *
* @see \GraphQL\Language\Visitor * @see \GraphQL\Language\Visitor
* @param ValidationContext $context * @return mixed[]
* @return array
*/ */
abstract public function getVisitor(ValidationContext $context); abstract public function getVisitor(ValidationContext $context);
} }
class_alias(ValidationRule::class, 'GraphQL\Validator\Rules\AbstractValidationRule');

101
src/Validator/Rules/ValuesOfCorrectType.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -24,6 +27,12 @@ use GraphQL\Type\Definition\ScalarType;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Utils\Utils; use GraphQL\Utils\Utils;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function array_combine;
use function array_keys;
use function array_map;
use function array_values;
use function iterator_to_array;
use function sprintf;
/** /**
* Value literals of correct type * Value literals of correct type
@ -31,41 +40,23 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL document is only valid if all value literals are of the type * A GraphQL document is only valid if all value literals are of the type
* expected at their position. * expected at their position.
*/ */
class ValuesOfCorrectType extends AbstractValidationRule class ValuesOfCorrectType extends ValidationRule
{ {
static function badValueMessage($typeName, $valueName, $message = null)
{
return "Expected type {$typeName}, found {$valueName}" .
($message ? "; ${message}" : '.');
}
static function requiredFieldMessage($typeName, $fieldName, $fieldTypeName)
{
return "Field {$typeName}.{$fieldName} of required type " .
"{$fieldTypeName} was not provided.";
}
static function unknownFieldMessage($typeName, $fieldName, $message = null)
{
return (
"Field \"{$fieldName}\" is not defined by type {$typeName}" .
($message ? "; {$message}" : '.')
);
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
NodeKind::NULL => function (NullValueNode $node) use ($context) { NodeKind::NULL => function (NullValueNode $node) use ($context) {
$type = $context->getInputType(); $type = $context->getInputType();
if ($type instanceof NonNull) { if (! ($type instanceof NonNull)) {
return;
}
$context->reportError( $context->reportError(
new Error( new Error(
self::badValueMessage((string) $type, Printer::doPrint($node)), self::badValueMessage((string) $type, Printer::doPrint($node)),
$node $node
) )
); );
}
}, },
NodeKind::LST => function (ListValueNode $node) use ($context) { NodeKind::LST => function (ListValueNode $node) use ($context) {
// Note: TypeInfo will traverse into a list's item type, so look to the // Note: TypeInfo will traverse into a list's item type, so look to the
@ -73,6 +64,7 @@ class ValuesOfCorrectType extends AbstractValidationRule
$type = Type::getNullableType($context->getParentInputType()); $type = Type::getNullableType($context->getParentInputType());
if (! $type instanceof ListOfType) { if (! $type instanceof ListOfType) {
$this->isValidScalar($context, $node); $this->isValidScalar($context, $node);
return Visitor::skipNode(); return Visitor::skipNode();
} }
}, },
@ -82,18 +74,27 @@ class ValuesOfCorrectType extends AbstractValidationRule
$type = Type::getNamedType($context->getInputType()); $type = Type::getNamedType($context->getInputType());
if (! $type instanceof InputObjectType) { if (! $type instanceof InputObjectType) {
$this->isValidScalar($context, $node); $this->isValidScalar($context, $node);
return Visitor::skipNode(); return Visitor::skipNode();
} }
// Ensure every required field exists. // Ensure every required field exists.
$inputFields = $type->getFields(); $inputFields = $type->getFields();
$nodeFields = iterator_to_array($node->fields); $nodeFields = iterator_to_array($node->fields);
$fieldNodeMap = array_combine( $fieldNodeMap = array_combine(
array_map(function ($field) { return $field->name->value; }, $nodeFields), array_map(
function ($field) {
return $field->name->value;
},
$nodeFields
),
array_values($nodeFields) array_values($nodeFields)
); );
foreach ($inputFields as $fieldName => $fieldDef) { foreach ($inputFields as $fieldName => $fieldDef) {
$fieldType = $fieldDef->getType(); $fieldType = $fieldDef->getType();
if (!isset($fieldNodeMap[$fieldName]) && $fieldType instanceof NonNull) { if (isset($fieldNodeMap[$fieldName]) || ! ($fieldType instanceof NonNull)) {
continue;
}
$context->reportError( $context->reportError(
new Error( new Error(
self::requiredFieldMessage($type->name, $fieldName, (string) $fieldType), self::requiredFieldMessage($type->name, $fieldName, (string) $fieldType),
@ -101,18 +102,20 @@ class ValuesOfCorrectType extends AbstractValidationRule
) )
); );
} }
}
}, },
NodeKind::OBJECT_FIELD => function (ObjectFieldNode $node) use ($context) { NodeKind::OBJECT_FIELD => function (ObjectFieldNode $node) use ($context) {
$parentType = Type::getNamedType($context->getParentInputType()); $parentType = Type::getNamedType($context->getParentInputType());
$fieldType = $context->getInputType(); $fieldType = $context->getInputType();
if (!$fieldType && $parentType instanceof InputObjectType) { if ($fieldType || ! ($parentType instanceof InputObjectType)) {
return;
}
$suggestions = Utils::suggestionList( $suggestions = Utils::suggestionList(
$node->name->value, $node->name->value,
array_keys($parentType->getFields()) array_keys($parentType->getFields())
); );
$didYouMean = $suggestions $didYouMean = $suggestions
? "Did you mean " . Utils::orList($suggestions) . "?" ? 'Did you mean ' . Utils::orList($suggestions) . '?'
: null; : null;
$context->reportError( $context->reportError(
@ -121,7 +124,6 @@ class ValuesOfCorrectType extends AbstractValidationRule
$node $node
) )
); );
}
}, },
NodeKind::ENUM => function (EnumValueNode $node) use ($context) { NodeKind::ENUM => function (EnumValueNode $node) use ($context) {
$type = Type::getNamedType($context->getInputType()); $type = Type::getNamedType($context->getInputType());
@ -140,13 +142,27 @@ class ValuesOfCorrectType extends AbstractValidationRule
); );
} }
}, },
NodeKind::INT => function (IntValueNode $node) use ($context) { $this->isValidScalar($context, $node); }, NodeKind::INT => function (IntValueNode $node) use ($context) {
NodeKind::FLOAT => function (FloatValueNode $node) use ($context) { $this->isValidScalar($context, $node); }, $this->isValidScalar($context, $node);
NodeKind::STRING => function (StringValueNode $node) use ($context) { $this->isValidScalar($context, $node); }, },
NodeKind::BOOLEAN => function (BooleanValueNode $node) use ($context) { $this->isValidScalar($context, $node); }, NodeKind::FLOAT => function (FloatValueNode $node) use ($context) {
$this->isValidScalar($context, $node);
},
NodeKind::STRING => function (StringValueNode $node) use ($context) {
$this->isValidScalar($context, $node);
},
NodeKind::BOOLEAN => function (BooleanValueNode $node) use ($context) {
$this->isValidScalar($context, $node);
},
]; ];
} }
public static function badValueMessage($typeName, $valueName, $message = null)
{
return sprintf('Expected type %s, found %s', $typeName, $valueName) .
($message ? "; ${message}" : '.');
}
private function isValidScalar(ValidationContext $context, ValueNode $node) private function isValidScalar(ValidationContext $context, ValueNode $node)
{ {
// Report any error at the full type expected by the location. // Report any error at the full type expected by the location.
@ -169,6 +185,7 @@ class ValuesOfCorrectType extends AbstractValidationRule
$node $node
) )
); );
return; return;
} }
@ -216,12 +233,26 @@ class ValuesOfCorrectType extends AbstractValidationRule
if ($type instanceof EnumType) { if ($type instanceof EnumType) {
$suggestions = Utils::suggestionList( $suggestions = Utils::suggestionList(
Printer::doPrint($node), Printer::doPrint($node),
array_map(function (EnumValueDefinition $value) { array_map(
function (EnumValueDefinition $value) {
return $value->name; return $value->name;
}, $type->getValues()) },
$type->getValues()
)
); );
return $suggestions ? 'Did you mean the enum value ' . Utils::orList($suggestions) . '?' : null; return $suggestions ? 'Did you mean the enum value ' . Utils::orList($suggestions) . '?' : null;
} }
} }
public static function requiredFieldMessage($typeName, $fieldName, $fieldTypeName)
{
return sprintf('Field %s.%s of required type %s was not provided.', $typeName, $fieldName, $fieldTypeName);
}
public static function unknownFieldMessage($typeName, $fieldName, $message = null)
{
return sprintf('Field "%s" is not defined by type %s', $fieldName, $typeName) .
($message ? sprintf('; %s', $message) : '.');
}
} }

27
src/Validator/Rules/VariablesAreInputTypes.php
View File

@ -1,24 +1,20 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
use GraphQL\Language\AST\Node;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\VariableDefinitionNode; use GraphQL\Language\AST\VariableDefinitionNode;
use GraphQL\Language\Printer; use GraphQL\Language\Printer;
use GraphQL\Type\Definition\InputType;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class VariablesAreInputTypes extends AbstractValidationRule class VariablesAreInputTypes extends ValidationRule
{ {
static function nonInputTypeOnVarMessage($variableName, $typeName)
{
return "Variable \"\$$variableName\" cannot be non-input type \"$typeName\".";
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
@ -26,14 +22,21 @@ class VariablesAreInputTypes extends AbstractValidationRule
$type = TypeInfo::typeFromAST($context->getSchema(), $node->type); $type = TypeInfo::typeFromAST($context->getSchema(), $node->type);
// If the variable type is not an input type, return an error. // If the variable type is not an input type, return an error.
if ($type && !Type::isInputType($type)) { if (! $type || Type::isInputType($type)) {
return;
}
$variableName = $node->variable->name->value; $variableName = $node->variable->name->value;
$context->reportError(new Error( $context->reportError(new Error(
self::nonInputTypeOnVarMessage($variableName, Printer::doPrint($node->type)), self::nonInputTypeOnVarMessage($variableName, Printer::doPrint($node->type)),
[$node->type] [$node->type]
)); ));
} },
}
]; ];
} }
public static function nonInputTypeOnVarMessage($variableName, $typeName)
{
return sprintf('Variable "$%s" cannot be non-input type "%s".', $variableName, $typeName);
}
} }

25
src/Validator/Rules/VariablesDefaultValueAllowed.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -9,6 +12,7 @@ use GraphQL\Language\AST\VariableDefinitionNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use GraphQL\Type\Definition\NonNull; use GraphQL\Type\Definition\NonNull;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
/** /**
* Variable's default value is allowed * Variable's default value is allowed
@ -16,17 +20,8 @@ use GraphQL\Validator\ValidationContext;
* A GraphQL document is only valid if all variable default values are allowed * A GraphQL document is only valid if all variable default values are allowed
* due to a variable not being required. * due to a variable not being required.
*/ */
class VariablesDefaultValueAllowed extends AbstractValidationRule class VariablesDefaultValueAllowed extends ValidationRule
{ {
static function defaultForRequiredVarMessage($varName, $type, $guessType)
{
return (
"Variable \"\${$varName}\" of type \"{$type}\" is required and " .
'will not use the default value. ' .
"Perhaps you meant to use type \"{$guessType}\"."
);
}
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
{ {
return [ return [
@ -57,4 +52,14 @@ class VariablesDefaultValueAllowed extends AbstractValidationRule
}, },
]; ];
} }
public static function defaultForRequiredVarMessage($varName, $type, $guessType)
{
return sprintf(
'Variable "$%s" of type "%s" is required and will not use the default value. Perhaps you meant to use type "%s".',
$varName,
$type,
$guessType
);
}
} }

70
src/Validator/Rules/VariablesInAllowedPosition.php
View File

@ -1,4 +1,7 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator\Rules; namespace GraphQL\Validator\Rules;
use GraphQL\Error\Error; use GraphQL\Error\Error;
@ -10,15 +13,11 @@ use GraphQL\Type\Definition\NonNull;
use GraphQL\Utils\TypeComparators; use GraphQL\Utils\TypeComparators;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use GraphQL\Validator\ValidationContext; use GraphQL\Validator\ValidationContext;
use function sprintf;
class VariablesInAllowedPosition extends AbstractValidationRule class VariablesInAllowedPosition extends ValidationRule
{ {
static function badVarPosMessage($varName, $varType, $expectedType) /** @var */
{
return "Variable \"\$$varName\" of type \"$varType\" used in position expecting ".
"type \"$expectedType\".";
}
public $varDefMap; public $varDefMap;
public function getVisitor(ValidationContext $context) public function getVisitor(ValidationContext $context)
@ -35,9 +34,12 @@ class VariablesInAllowedPosition extends AbstractValidationRule
$node = $usage['node']; $node = $usage['node'];
$type = $usage['type']; $type = $usage['type'];
$varName = $node->name->value; $varName = $node->name->value;
$varDef = isset($this->varDefMap[$varName]) ? $this->varDefMap[$varName] : null; $varDef = $this->varDefMap[$varName] ?? null;
if (! $varDef || ! $type) {
continue;
}
if ($varDef && $type) {
// A var type is allowed if it is the same or more strict (e.g. is // A var type is allowed if it is the same or more strict (e.g. is
// a subtype of) than the expected type. It can be more strict if // a subtype of) than the expected type. It can be more strict if
// the variable type is non-null when the expected type is nullable. // the variable type is non-null when the expected type is nullable.
@ -46,32 +48,56 @@ class VariablesInAllowedPosition extends AbstractValidationRule
$schema = $context->getSchema(); $schema = $context->getSchema();
$varType = TypeInfo::typeFromAST($schema, $varDef->type); $varType = TypeInfo::typeFromAST($schema, $varDef->type);
if ($varType && !TypeComparators::isTypeSubTypeOf($schema, $this->effectiveType($varType, $varDef), $type)) { if (! $varType || TypeComparators::isTypeSubTypeOf(
$schema,
$this->effectiveType($varType, $varDef),
$type
)) {
continue;
}
$context->reportError(new Error( $context->reportError(new Error(
self::badVarPosMessage($varName, $varType, $type), self::badVarPosMessage($varName, $varType, $type),
[$varDef, $node] [$varDef, $node]
)); ));
} }
} },
}
}
], ],
NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $varDefNode) { NodeKind::VARIABLE_DEFINITION => function (VariableDefinitionNode $varDefNode) {
$this->varDefMap[$varDefNode->variable->name->value] = $varDefNode; $this->varDefMap[$varDefNode->variable->name->value] = $varDefNode;
} },
]; ];
} }
// A var type is allowed if it is the same or more strict than the expected private function effectiveType($varType, $varDef)
// type. It can be more strict if the variable type is non-null when the {
// expected type is nullable. If both are list types, the variable item type can return (! $varDef->defaultValue || $varType instanceof NonNull) ? $varType : new NonNull($varType);
// be more strict than the expected item type. }
/**
* A var type is allowed if it is the same or more strict than the expected
* type. It can be more strict if the variable type is non-null when the
* expected type is nullable. If both are list types, the variable item type can
* be more strict than the expected item type.
*/
public static function badVarPosMessage($varName, $varType, $expectedType)
{
return sprintf(
'Variable "$%s" of type "%s" used in position expecting type "%s".',
$varName,
$varType,
$expectedType
);
}
/** If a variable definition has a default value, it's effectively non-null. */
private function varTypeAllowedForType($varType, $expectedType) private function varTypeAllowedForType($varType, $expectedType)
{ {
if ($expectedType instanceof NonNull) { if ($expectedType instanceof NonNull) {
if ($varType instanceof NonNull) { if ($varType instanceof NonNull) {
return $this->varTypeAllowedForType($varType->getWrappedType(), $expectedType->getWrappedType()); return $this->varTypeAllowedForType($varType->getWrappedType(), $expectedType->getWrappedType());
} }
return false; return false;
} }
if ($varType instanceof NonNull) { if ($varType instanceof NonNull) {
@ -80,13 +106,7 @@ class VariablesInAllowedPosition extends AbstractValidationRule
if ($varType instanceof ListOfType && $expectedType instanceof ListOfType) { if ($varType instanceof ListOfType && $expectedType instanceof ListOfType) {
return $this->varTypeAllowedForType($varType->getWrappedType(), $expectedType->getWrappedType()); return $this->varTypeAllowedForType($varType->getWrappedType(), $expectedType->getWrappedType());
} }
return $varType === $expectedType; return $varType === $expectedType;
} }
// If a variable definition has a default value, it's effectively non-null.
private function effectiveType($varType, $varDef)
{
return (!$varDef->defaultValue || $varType instanceof NonNull) ? $varType : new NonNull($varType);
}
} }

263
src/Validator/ValidationContext.php
View File

@ -1,22 +1,27 @@
<?php <?php
declare(strict_types=1);
namespace GraphQL\Validator; namespace GraphQL\Validator;
use GraphQL\Error\Error;
use GraphQL\Language\AST\DocumentNode;
use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Language\AST\FragmentSpreadNode; use GraphQL\Language\AST\FragmentSpreadNode;
use GraphQL\Language\AST\HasSelectionSet; use GraphQL\Language\AST\HasSelectionSet;
use GraphQL\Language\AST\NodeKind; use GraphQL\Language\AST\NodeKind;
use GraphQL\Language\AST\OperationDefinitionNode; use GraphQL\Language\AST\OperationDefinitionNode;
use GraphQL\Language\AST\VariableNode; use GraphQL\Language\AST\VariableNode;
use GraphQL\Language\Visitor; use GraphQL\Language\Visitor;
use \SplObjectStorage;
use GraphQL\Error\Error;
use GraphQL\Type\Schema;
use GraphQL\Language\AST\DocumentNode;
use GraphQL\Language\AST\FragmentDefinitionNode;
use GraphQL\Type\Definition\CompositeType;
use GraphQL\Type\Definition\FieldDefinition; use GraphQL\Type\Definition\FieldDefinition;
use GraphQL\Type\Definition\InputType; use GraphQL\Type\Definition\InputType;
use GraphQL\Type\Definition\Type; use GraphQL\Type\Definition\Type;
use GraphQL\Type\Schema;
use GraphQL\Utils\TypeInfo; use GraphQL\Utils\TypeInfo;
use SplObjectStorage;
use function array_pop;
use function call_user_func_array;
use function count;
/** /**
* An instance of this class is passed as the "this" context to all validators, * An instance of this class is passed as the "this" context to all validators,
@ -25,59 +30,34 @@ use GraphQL\Utils\TypeInfo;
*/ */
class ValidationContext class ValidationContext
{ {
/** /** @var Schema */
* @var Schema
*/
private $schema; private $schema;
/** /** @var DocumentNode */
* @var DocumentNode
*/
private $ast; private $ast;
/** /** @var TypeInfo */
* @var TypeInfo
*/
private $typeInfo; private $typeInfo;
/** /** @var Error[] */
* @var Error[]
*/
private $errors; private $errors;
/** /** @var FragmentDefinitionNode[] */
* @var FragmentDefinitionNode[]
*/
private $fragments; private $fragments;
/** /** @var SplObjectStorage */
* @var SplObjectStorage
*/
private $fragmentSpreads; private $fragmentSpreads;
/** /** @var SplObjectStorage */
* @var SplObjectStorage
*/
private $recursivelyReferencedFragments; private $recursivelyReferencedFragments;
/** /** @var SplObjectStorage */
* @var SplObjectStorage
*/
private $variableUsages; private $variableUsages;
/** /** @var SplObjectStorage */
* @var SplObjectStorage
*/
private $recursiveVariableUsages; private $recursiveVariableUsages;
/** public function __construct(Schema $schema, DocumentNode $ast, TypeInfo $typeInfo)
* ValidationContext constructor.
*
* @param Schema $schema
* @param DocumentNode $ast
* @param TypeInfo $typeInfo
*/
function __construct(Schema $schema, DocumentNode $ast, TypeInfo $typeInfo)
{ {
$this->schema = $schema; $this->schema = $schema;
$this->ast = $ast; $this->ast = $ast;
@ -89,10 +69,7 @@ class ValidationContext
$this->recursiveVariableUsages = new SplObjectStorage(); $this->recursiveVariableUsages = new SplObjectStorage();
} }
/** public function reportError(Error $error)
* @param Error $error
*/
function reportError(Error $error)
{ {
$this->errors[] = $error; $this->errors[] = $error;
} }
@ -100,7 +77,7 @@ class ValidationContext
/** /**
* @return Error[] * @return Error[]
*/ */
function getErrors() public function getErrors()
{ {
return $this->errors; return $this->errors;
} }
@ -108,45 +85,110 @@ class ValidationContext
/** /**
* @return Schema * @return Schema
*/ */
function getSchema() public function getSchema()
{ {
return $this->schema; return $this->schema;
} }
/** /**
* @return DocumentNode * @return mixed[][] List of ['node' => VariableNode, 'type' => ?InputObjectType]
*/ */
function getDocument() public function getRecursiveVariableUsages(OperationDefinitionNode $operation)
{ {
return $this->ast; $usages = $this->recursiveVariableUsages[$operation] ?? null;
if (! $usages) {
$usages = $this->getVariableUsages($operation);
$fragments = $this->getRecursivelyReferencedFragments($operation);
$tmp = [$usages];
for ($i = 0; $i < count($fragments); $i++) {
$tmp[] = $this->getVariableUsages($fragments[$i]);
}
$usages = call_user_func_array('array_merge', $tmp);
$this->recursiveVariableUsages[$operation] = $usages;
}
return $usages;
} }
/** /**
* @param string $name * @return mixed[][] List of ['node' => VariableNode, 'type' => ?InputObjectType]
* @return FragmentDefinitionNode|null
*/ */
function getFragment($name) private function getVariableUsages(HasSelectionSet $node)
{ {
$fragments = $this->fragments; $usages = $this->variableUsages[$node] ?? null;
if (! $usages) {
$newUsages = [];
$typeInfo = new TypeInfo($this->schema);
Visitor::visit(
$node,
Visitor::visitWithTypeInfo(
$typeInfo,
[
NodeKind::VARIABLE_DEFINITION => function () {
return false;
},
NodeKind::VARIABLE => function (VariableNode $variable) use (
&$newUsages,
$typeInfo
) {
$newUsages[] = ['node' => $variable, 'type' => $typeInfo->getInputType()];
},
]
)
);
$usages = $newUsages;
$this->variableUsages[$node] = $usages;
}
return $usages;
}
/**
* @return FragmentDefinitionNode[]
*/
public function getRecursivelyReferencedFragments(OperationDefinitionNode $operation)
{
$fragments = $this->recursivelyReferencedFragments[$operation] ?? null;
if (! $fragments) { if (! $fragments) {
$fragments = []; $fragments = [];
foreach ($this->getDocument()->definitions as $statement) { $collectedNames = [];
if ($statement->kind === NodeKind::FRAGMENT_DEFINITION) { $nodesToVisit = [$operation];
$fragments[$statement->name->value] = $statement; while (! empty($nodesToVisit)) {
$node = array_pop($nodesToVisit);
$spreads = $this->getFragmentSpreads($node);
for ($i = 0; $i < count($spreads); $i++) {
$fragName = $spreads[$i]->name->value;
if (! empty($collectedNames[$fragName])) {
continue;
}
$collectedNames[$fragName] = true;
$fragment = $this->getFragment($fragName);
if (! $fragment) {
continue;
}
$fragments[] = $fragment;
$nodesToVisit[] = $fragment;
} }
} }
$this->fragments = $fragments; $this->recursivelyReferencedFragments[$operation] = $fragments;
} }
return isset($fragments[$name]) ? $fragments[$name] : null;
return $fragments;
} }
/** /**
* @param HasSelectionSet $node
* @return FragmentSpreadNode[] * @return FragmentSpreadNode[]
*/ */
function getFragmentSpreads(HasSelectionSet $node) public function getFragmentSpreads(HasSelectionSet $node)
{ {
$spreads = isset($this->fragmentSpreads[$node]) ? $this->fragmentSpreads[$node] : null; $spreads = $this->fragmentSpreads[$node] ?? null;
if (! $spreads) { if (! $spreads) {
$spreads = []; $spreads = [];
$setsToVisit = [$node->selectionSet]; $setsToVisit = [$node->selectionSet];
@ -164,87 +206,38 @@ class ValidationContext
} }
$this->fragmentSpreads[$node] = $spreads; $this->fragmentSpreads[$node] = $spreads;
} }
return $spreads; return $spreads;
} }
/** /**
* @param OperationDefinitionNode $operation * @param string $name
* @return FragmentDefinitionNode[] * @return FragmentDefinitionNode|null
*/ */
function getRecursivelyReferencedFragments(OperationDefinitionNode $operation) public function getFragment($name)
{ {
$fragments = isset($this->recursivelyReferencedFragments[$operation]) ? $this->recursivelyReferencedFragments[$operation] : null; $fragments = $this->fragments;
if (! $fragments) { if (! $fragments) {
$fragments = []; $fragments = [];
$collectedNames = []; foreach ($this->getDocument()->definitions as $statement) {
$nodesToVisit = [$operation]; if ($statement->kind !== NodeKind::FRAGMENT_DEFINITION) {
while (!empty($nodesToVisit)) { continue;
$node = array_pop($nodesToVisit); }
$spreads = $this->getFragmentSpreads($node);
for ($i = 0; $i < count($spreads); $i++) {
$fragName = $spreads[$i]->name->value;
if (empty($collectedNames[$fragName])) { $fragments[$statement->name->value] = $statement;
$collectedNames[$fragName] = true;
$fragment = $this->getFragment($fragName);
if ($fragment) {
$fragments[] = $fragment;
$nodesToVisit[] = $fragment;
} }
$this->fragments = $fragments;
} }
}
} return $fragments[$name] ?? null;
$this->recursivelyReferencedFragments[$operation] = $fragments;
}
return $fragments;
} }
/** /**
* @param HasSelectionSet $node * @return DocumentNode
* @return array List of ['node' => VariableNode, 'type' => ?InputObjectType]
*/ */
function getVariableUsages(HasSelectionSet $node) public function getDocument()
{ {
$usages = isset($this->variableUsages[$node]) ? $this->variableUsages[$node] : null; return $this->ast;
if (!$usages) {
$newUsages = [];
$typeInfo = new TypeInfo($this->schema);
Visitor::visit($node, Visitor::visitWithTypeInfo($typeInfo, [
NodeKind::VARIABLE_DEFINITION => function () {
return false;
},
NodeKind::VARIABLE => function (VariableNode $variable) use (&$newUsages, $typeInfo) {
$newUsages[] = ['node' => $variable, 'type' => $typeInfo->getInputType()];
}
]));
$usages = $newUsages;
$this->variableUsages[$node] = $usages;
}
return $usages;
}
/**
* @param OperationDefinitionNode $operation
* @return array List of ['node' => VariableNode, 'type' => ?InputObjectType]
*/
function getRecursiveVariableUsages(OperationDefinitionNode $operation)
{
$usages = isset($this->recursiveVariableUsages[$operation]) ? $this->recursiveVariableUsages[$operation] : null;
if (!$usages) {
$usages = $this->getVariableUsages($operation);
$fragments = $this->getRecursivelyReferencedFragments($operation);
$tmp = [$usages];
for ($i = 0; $i < count($fragments); $i++) {
$tmp[] = $this->getVariableUsages($fragments[$i]);
}
$usages = call_user_func_array('array_merge', $tmp);
$this->recursiveVariableUsages[$operation] = $usages;
}
return $usages;
} }
/** /**
@ -252,15 +245,15 @@ class ValidationContext
* *
* @return Type * @return Type
*/ */
function getType() public function getType()
{ {
return $this->typeInfo->getType(); return $this->typeInfo->getType();
} }
/** /**
* @return CompositeType * @return Type
*/ */
function getParentType() public function getParentType()
{ {
return $this->typeInfo->getParentType(); return $this->typeInfo->getParentType();
} }
@ -268,7 +261,7 @@ class ValidationContext
/** /**
* @return InputType * @return InputType
*/ */
function getInputType() public function getInputType()
{ {
return $this->typeInfo->getInputType(); return $this->typeInfo->getInputType();
} }
@ -276,7 +269,7 @@ class ValidationContext
/** /**
* @return InputType * @return InputType
*/ */
function getParentInputType() public function getParentInputType()
{ {
return $this->typeInfo->getParentInputType(); return $this->typeInfo->getParentInputType();
} }
@ -284,17 +277,17 @@ class ValidationContext
/** /**
* @return FieldDefinition * @return FieldDefinition
*/ */
function getFieldDef() public function getFieldDef()
{ {
return $this->typeInfo->getFieldDef(); return $this->typeInfo->getFieldDef();
} }
function getDirective() public function getDirective()
{ {
return $this->typeInfo->getDirective(); return $this->typeInfo->getDirective();
} }
function getArgument() public function getArgument()
{ {
return $this->typeInfo->getArgument(); return $this->typeInfo->getArgument();
} }

9
tests/Validator/QuerySecurityTestCase.php
View File

@ -5,7 +5,7 @@ use GraphQL\Error\FormattedError;
use GraphQL\Language\Parser; use GraphQL\Language\Parser;
use GraphQL\Type\Introspection; use GraphQL\Type\Introspection;
use GraphQL\Validator\DocumentValidator; use GraphQL\Validator\DocumentValidator;
use GraphQL\Validator\Rules\AbstractQuerySecurity; use GraphQL\Validator\Rules\QuerySecurityRule;
use PHPUnit\Framework\TestCase; use PHPUnit\Framework\TestCase;
abstract class QuerySecurityTestCase extends TestCase abstract class QuerySecurityTestCase extends TestCase
@ -13,7 +13,7 @@ abstract class QuerySecurityTestCase extends TestCase
/** /**
* @param $max * @param $max
* *
* @return AbstractQuerySecurity * @return QuerySecurityRule
*/ */
abstract protected function getRule($max); abstract protected function getRule($max);
@ -89,8 +89,9 @@ abstract class QuerySecurityTestCase extends TestCase
{ {
$this->assertDocumentValidator($query, $maxExpected); $this->assertDocumentValidator($query, $maxExpected);
$newMax = $maxExpected - 1; $newMax = $maxExpected - 1;
if ($newMax !== AbstractQuerySecurity::DISABLED) { if ($newMax === QuerySecurityRule::DISABLED) {
return;
}
$this->assertDocumentValidator($query, $newMax, [$this->createFormattedError($newMax, $maxExpected)]); $this->assertDocumentValidator($query, $newMax, [$this->createFormattedError($newMax, $maxExpected)]);
} }
} }
}