[RFC]SDL validation

[IvanGoncharov]

Discussed in #1389

[IvanGoncharov]

@mjmahone This is a proposed solution for a situation where library/tools want to add its directives to user-provided SDL.
Alternatively, you can just prefix user-provided SDL but it will screw line offsets in errors.
Another alternative is to use concatAST but there no method to convert GraphQLDirective to AST.

This is a pretty big change but in addition to injecting directives it also allows to implement buildASTSchema as follows:

function buildASTSchema(ast, options) {
  return extendSchema(new GraphQLSchema({}), ast, options);
}

To make review easier tomorrow I will extract this change into separate PR.

[mjmahone]

That looks pretty cool! I think we might need to provide a method to convert GraphQLDirective to AST.

[IvanGoncharov]

@mjmahone This is working code but it needs more tests and I also want to split out a two PRs: all refactorings and allows to define a schema using extendSchema.
I will try to finish it tomorrow.

[mjmahone]

This is very exciting! It is a huge improvement over #1435. My two concerns: making sure the assumeValid API is correct, and trying to avoid using a GraphQLSchema at all inside our SDL validation.

[mjmahone]

I think this should just piggyback on the GraphQLSchemaValidationOptions's assumeValid key.

If I set assumeValid and then get an error thrown when building the AST schema, that would be surprising. Especially as buildASTSchema's sole job is to build a schema.

[IvanGoncharov]

@mjmahone Good catch 🔎 🐞
Fixed.

[mjmahone]

Wow this looks like it will not work, until you read the visitInParallel documentation:

Each visitor will be visited for each node before moving on.

So this only works because we are guaranteed to visit every single Document prior to visiting any definition. That is very clever.

[IvanGoncharov]

@mjmahone It's unnecessary complication since you context has getDocument function. So I just removed Document and move this code on the top level.

[mjmahone]

I like this a lot, and would in fact be a fan of moving all existing schema validation rules into validateSDL. Not sure if we want to do that prior to 14.0, but it might be nice to add them as optional rules for 14.1, and then have those be the specified rules for 15.0 (6 months down the line? Not sure what our release cadence is supposed to be).

I am very tempted to fix buildASTSchema(ast, {assumeValid: true}) to not throw on errors that would normally be considered SDL-type errors (i.e. errors that do not prevent us from building a schema, it just would likely fail once built).

[mjmahone]

hmmm, I'm not 100% certain whether or not we should allow people to pass in a TypeInfo here. I know internally we have a special TypeInfo (centered around dealing with pre-open-source GraphQL oddities) that we always pass into validate, but I don't believe it's required for the SDL at all.

[IvanGoncharov]

@mjmahone Are you referring to the rules field?
To be more explicit I created SDLValidationRule and used it here so now this line looks like:

rules?: $ReadOnlyArray<SDLValidationRule> = specifiedSDLRules,

[mjmahone]

Oh I'm OK with the rules field. For validate there is an extra optional argument, typeInfo?: TypeInfo which I do not believe is required.

[mjmahone]

I like this split, as there's so many rules that don't need a schema at all.

However, I am beginning to think there are three pieces:

• a pure "ErrorReporter". Has no AST knowledge.
• an AST-only context. This is SDLValidationContext as it stands. Everything that is a pure visitor can use this context. It may need two documents, Schema and Executable ASTs.
• a Schema-aware context. Much like visitor can take in a visitWithTypeInfo, this would hold a ASTValidationContext, and delegate to that one for the ast functionality.

[IvanGoncharov]

Addressed in #1446

[mjmahone]

I don't think we should even allow access to a GraphQLSchema here: instead, if you pass in an existing schema, we can convert that schema to AST nodes (a very rough way to do this would be to parse(printSchema(schema))).

Ideally, the current GraphQLSchema would only be a runtime thing: you need it to validate queries you're trying to persist, but you don't need it to validate or transform itself.

I like the idea that there's a split between "validation that needs a schema" and "validation that does not", and "validation that does not need a schema" is a superset of "SDL validation".

[IvanGoncharov]

@mjmahone Problem is that conversion from SDL to GraphQLSchema is lossless, but not vice versa. For example, you lose all directives which prevent from enforcing the rule that forbids directive duplication in extends.

Also after parse(printSchema(schema))) you loose ability to print errors with original locations and formating of nodes.

And there are others many potential scenarious where we loose something by such converion especially if schema that we trying to extend was build from GraphQL*Types not from SDL. For example, developer can create custom class derived GraphQLObjectType with some additional data and require this additional data inside his custom SDL rules.

And it's not a technical problem, since GraphQLSchema is intended to be most complete represenation of schema.

and "validation that does not need a schema" is a superset of "SDL validation".

"validation that does not need a schema" => ASTValidationContext
And this context suffisient for all rules that scoped to particular defintion.

If rule should check conflicts/dependencies beetween definitions it should handle case when you extending existing schema and use SDLValidationContext.

[mjmahone]

We should fix it so it's lossless, but that would be a different PR, and we could probably target 14.1 for that.

Also after parse(printSchema(schema))) you loose ability to print errors with original locations and formating of nodes.

I think there's a way around this, where we'd do buildSchemaDocuments(schema): Array<DocumentNode>, where each DocumentNode would contain all definitions from a specific source. That's obviously more complex of a change than what we want to do here, but I think would be worth having. For GraphQL*Types we'd have to have some form of "default" or "non-Source" document. But for truly custom classes, you're right we can't make lossless conversions.

If rule should check conflicts/dependencies beetween definitions it should handle case when you extending existing schema and use SDLValidationContext.

Makes sense, so let's push this forward as-is. But I'd like to switch our mental model to being AST-validation first, and then only using the schema when it's truly necessary. You've mostly accomplished this, but I envision a bunch of people creating validation rules that silently fail if no schema is present (because they assume they always have a schema present). That would be an unfortunate future.

[IvanGoncharov]

@mjmahone
Update: rebased on top of current master.

[IvanGoncharov]

@mjmahone We need separate assumeValidSDL check so developers are able to change set of validation rules(add or delete).

const errors = validateSDL(ast, null, customSetOfRules);
if (errors.length !== 0) {
  // ...
}
const schema = buildASTSchema(ast, { assumeValidSDL: true });

[mjmahone]

Ok this makes sense. A little bit annoying to add in that second key, but not the end of the world.

[mjmahone]

Wait: are you thinking assumeValid is a superset of assumeValidSDL or disjoint? I would still ideally have it be a superset. We could add assumeValidExecutableAST or something that is disjoint with assumeValidSDL.

[IvanGoncharov]

@mjmahone My proposal:
{} => validateSDL + validateSchema
{ assumeValidSDL: true } => validateSchema
{assumeValid: true } => no checks

[IvanGoncharov]

@mjmahone I updated this PR and answered all review comments.
Can you please take a look one more time?

This PR doesn't contain all necessary rules and tests, e.g. it rule that check duplications in extends:

type Query @test;

extend type Query @test;

If this PR is ok I will try to finish all other rules tomorrow as a separate PR.

[mjmahone]

Just want to make sure it makes sense to make assertValidSDL and assertValidSDLExtension functions public with this release. If you really think it's important to, I'm OK with it, but I'd prefer waiting for a future release to play it safe. We also aren't even using them in our test harness, so I don't think it's required just yet.

[mjmahone]

It feels weird to check the astNode here, but I guess it's needed in case your original schema definition is invalid (for instance, if it has no query): we still would want to report this error upon re-defining, too. So this does make sense.

[mjmahone]

It might be nice to point back to the originally defined schema if provided. But I could be wrong here and that would just be noise.

Also a very small nit provided you're only going to use this node in the error, not sure it's worth changing:

new GraphQLError(canNotDefineSchemaWithinExtension(), node),

[IvanGoncharov]

@mjmahone I was thinking that in some systems (e.g. GraphQL is very popular for CMS) clients can provide their own extension SDL. So I was concern that we can leak some internal data in printed errors.

Thinking more about this I think I'm too paranoid since validateSchema already leaking this info so if someone decides he doesn't want origin node to be printed he needs to sanitize GraphQLErrors anyway. Plus such complex systems almost certainly using GraphQL*Type classes anyway.

[mjmahone]

Should we make this API public yet? We don't have a corresponding assertValidAST yet, nor assertValid (for both SDL and AST). Internally, we do the exact same thing you're doing here internally, but we should probably offer all the functionality (maybe with a single assertValid function for now). I'm also not 100% sure the assertValid functions belongs here vs. a utility file, and I am not sure we should offer them without offering the ability to pass in your own set of rules.

[mjmahone]

@IvanGoncharov once we clear up the assertValid functions, I'm ready to get this merged. Everything else looks great!

[IvanGoncharov]

Just want to make sure it makes sense to make assertValidSDL and assertValidSDLExtension functions public with this release. If you really think it's important to, I'm OK with it, but I'd prefer waiting for a future release to play it safe. We also aren't even using them in our test harness, so I don't think it's required just yet.

@mjmahone graphql-js officially supports only two kinds of imports:

1. e.g. import { /* ... */ } from 'graphql';
2. e.g. import { /* ... */ } from 'graphql/language';

See here: https://github.com/graphql/graphql-js/blob/master/src/README.md
Importing from individual files are illegal and all such imports treated as part of private API, e.g. this disscussion: #1221

But I agree it could be confusing so I marked all added exports as @internal.

[mjmahone]

Great! Thanks for going through all this work, @IvanGoncharov! This looks like it's in really good shape now.