-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Input Value Validation #3813
Input Value Validation #3813
Conversation
✅ Deploy Preview for compassionate-pike-271cb3 ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Hi @yaacovCR, I'm @github-actions bot happy to help you with this PR 👋 Supported commandsPlease post this commands in separate comments and only one per comment:
|
1d1b883
to
c10741a
Compare
c7f677b
to
2f37daa
Compare
@leebyron @erikkessler1 @benjie et al I hit a wrinkle rebasing this on main considering the addition of The spec proposal for
This validation logic was implemented in #3513 within the This /**
* Validate that the provided input literal is allowed for this type, collecting
* all errors via a callback function.
*
* If variable values are not provided, the literal is validated statically
* (not assuming that those variables are missing runtime values).
*/
export function validateInputLiteral(
valueNode: ValueNode,
type: GraphQLInputType,
variables: Maybe<VariableValues>,
onError: (error: GraphQLError, path: ReadonlyArray<string | number>) => void,
path?: Path,
): void To implement the additional validation for OneOf Input Types mentioned above , we need to pass the operation's variable definitions to It might seem that this is very doable, as because of #3811, further up in this PR stack, Validation for We have some options!
All input (pun-intended) welcome! |
Current: export interface VariableValues {
readonly sources: ReadOnlyObjMap<VariableValueSource>;
readonly coerced: ReadOnlyObjMap<unknown>;
}
interface VariableValueSource {
readonly variable: VariableDefinitionNode;
readonly type: GraphQLInputType;
readonly value: unknown;
} Proposal: export interface VariableValues {
readonly definitions: ReadOnlyObjMap<VariableDefinitionNode>;
readonly values?: ReadOnlyObjMap<VariableValueValues> | undefined;
}
export interface VariableValueValues {
readonly sources: ReadOnlyObjMap<VariableValueSource>;
readonly coerced: ReadOnlyObjMap<unknown>;
}
interface VariableValueSource {
readonly type: GraphQLInputType;
readonly value: unknown;
} |
Correction: this is definitely not the case, there is a wholly separate validation rule specifying that variables should be of the correct type. My current suggestion actually is to pull the variable validation from one-of altogether, and let whether we allow nullable variables in non-nullable positions re: oneOf be decided by the general rule. See: https://github.com/graphql/graphql-spec/pull/825/files#r1538875839 |
2f37daa
to
da558c0
Compare
b9d35d4
to
2300b66
Compare
2300b66
to
e4860de
Compare
e4860de
to
afd9fa1
Compare
This PR relies on #4194 to perform Hopefully, #4194 will be discussed at an upcoming GraphQL WG meeting as it moves closer to Stage 3. If #4194 is not accepted as part of this process, this PR will require greater refiguring. |
2000615
to
0d2fb86
Compare
Hi @yaacovCR; are a lot of the comments above dealt with now via:
If so, are there remaining complexities? |
I don't think so! Just need some approvals :) |
0d2fb86
to
44cce56
Compare
Factors out input validation to reusable functions: * Introduces `validateInputLiteral` by extracting this behavior from `ValuesOfCorrectTypeRule`. * Introduces `validateInputValue` by extracting this behavior from `coerceInputValue` * Simplifies `coerceInputValue` to return early on validation error * Unifies error reporting between `validateInputValue` and `validateInputLiteral`, causing some error message strings to change, but error data (eg locations) are preserved. These two parallel functions will be used to validate default values in graphql#3049 Potentially breaking if you rely on the existing behavior of `coerceInputValue` to call a callback function, as the call signature has changed, or to throw with the default callback function. Grossly similar behavior is available with `validateInputValue()`, but with a separate function. GraphQL behavior should not change, though error messages are now slightly different.
6c2cde6
to
7ee722c
Compare
[#3049 rebased on main](#3049). This is the last rebased PR from the original PR stack concluding with #3049. * Rebased: #3809 [Original: #3092] * Rebased: #3810 [Original: #3074] * Rebased: #3811 [Original: #3077] * Rebased: #3812 [Original: #3065] * Rebased: #3813 [Original: #3086] * Rebased: #3814 (this PR) [Original: #3049] Update: #3044 and #3145 have been separated from this stack. Changes from original PR: 1. `astFromValue()` is deprecated instead of being removed. @leebyron comments from #3049, the original PR: > Implements [graphql/graphql-spec#793](graphql/graphql-spec#793) > > * BREAKING: Changes default values from being represented as an assumed-coerced "internal input value" to a pre-coerced "external input value" (See chart below). > This allows programmatically provided default values to be represented in the same domain as values sent to the service via variable values, and allows it to have well defined methods for both transforming into a printed GraphQL literal string for introspection / schema printing (via `valueToLiteral()`) or coercing into an "internal input value" for use at runtime (via `coerceInputValue()`) > To support this change in value type, this PR adds two related behavioral changes: > > * Adds coercion of default values from external to internal at runtime (within `coerceInputValue()`) > * Removes `astFromValue()`, replacing it with `valueToLiteral()` for use in introspection and schema printing. `astFromValue()` performed unsafe "uncoercion" to convert an "Internal input value" directly to a "GraphQL Literal AST", where `valueToLiteral()` performs a well defined transform from "External input value" to "GraphQL Literal AST". > * Adds validation of default values during schema validation. > Since assumed-coerced "internal" values may not pass "external" validation (for example, Enum values), an additional validation error has been included which attempts to detect this case and report a strategy for resolution. > > Here's a broad overview of the intended end state: > > ![GraphQL Value Flow](https://user-images.githubusercontent.com/50130/118379946-51ac5300-b593-11eb-839f-c483ecfbc875.png) --------- Co-authored-by: Lee Byron <[email protected]>
#3086 rebased on main.
Depends on #3812
@leebyron comments from original PR:
Note: also breaking if you rely on the default callback function to throw. Grossly similar behavior is available with
validateInputValue()
.