mirror of
https://github.com/retailcrm/graphql-php.git
synced 2024-11-26 14:56:03 +03:00
d22385cc93
specification. The framework currently coerces query variables similar to the way it treats output values, which means it attempts to coerce the value into the field's corresponding data type regardless of the received value. According to items 3f and 3g in section 6.1.2 (http://facebook.github.io/graphql/#sec-Validating-Requests) of Facebook's GraphQL specification query variables should be coerced according to their type's input coercion rules laid out in section 3.1.1 (http://facebook.github.io/graphql/#sec-Scalars). If the value can not be coerced into the correct type according the the input coercion rules for the type a query error should be thrown. This ensures that client provided query variables were of the correct format and will be a valid format and type by the time they are passed into an implementing resolver. This patch fixes the above issue by updating the way query variables are sanitized during the process of parsing the query. It directly follows the rules for scalar input coercion laid out by the specification and throws query errors when a value that cannot be coerced to the correct type is given. Tests for isValidPHPValue will also be updated to ensure that it is doing the correct type checks on Values::isValidPHPValue for the given type and value provided. A new test case will also be added to test Values::getVariableValues and make sure it is also enforcing the scalar input coercion rules and throwing errors for invalid values. |
||
---|---|---|
.. | ||
AstFromValueTest.php | ||
BuildSchemaTest.php | ||
ExtractTypesTest.php | ||
IsValidPHPValueTest.php | ||
MixedStoreTest.php | ||
SchemaPrinterTest.php | ||
ValueFromAstTest.php |