Commit e86a2e7e authored by Brett Walker's avatar Brett Walker

Increase GraphQL complexity

An IntrospectionQuery required more
complexity points.
parent 425377f3
# frozen_string_literal: true # frozen_string_literal: true
class GitlabSchema < GraphQL::Schema class GitlabSchema < GraphQL::Schema
# Took our current most complicated query in use, issues.graphql, # Currently an IntrospectionQuery has a complexity of 179.
# with a complexity of 19, and added a 20 point buffer to it.
# These values will evolve over time. # These values will evolve over time.
DEFAULT_MAX_COMPLEXITY = 40 DEFAULT_MAX_COMPLEXITY = 200
AUTHENTICATED_COMPLEXITY = 50 AUTHENTICATED_COMPLEXITY = 250
ADMIN_COMPLEXITY = 60 ADMIN_COMPLEXITY = 300
use BatchLoader::GraphQL use BatchLoader::GraphQL
use Gitlab::Graphql::Authorize use Gitlab::Graphql::Authorize
......
# pulled from GraphiQL query
query IntrospectionQuery {
__schema {
queryType { name }
mutationType { name }
subscriptionType { name }
types {
...FullType
}
directives {
name
description
locations
args {
...InputValue
}
}
}
}
fragment FullType on __Type {
kind
name
description
fields(includeDeprecated: true) {
name
description
args {
...InputValue
}
type {
...TypeRef
}
isDeprecated
deprecationReason
}
inputFields {
...InputValue
}
interfaces {
...TypeRef
}
enumValues(includeDeprecated: true) {
name
description
isDeprecated
deprecationReason
}
possibleTypes {
...TypeRef
}
}
fragment InputValue on __InputValue {
name
description
type { ...TypeRef }
defaultValue
}
fragment TypeRef on __Type {
kind
name
ofType {
kind
name
ofType {
kind
name
ofType {
kind
name
ofType {
kind
name
ofType {
kind
name
ofType {
kind
name
ofType {
kind
name
}
}
}
}
}
}
}
}
...@@ -3,14 +3,24 @@ require 'spec_helper' ...@@ -3,14 +3,24 @@ require 'spec_helper'
describe 'GitlabSchema configurations' do describe 'GitlabSchema configurations' do
include GraphqlHelpers include GraphqlHelpers
let(:project) { create(:project, :repository) } it 'shows an error if complexity is too high' do
let!(:query) { graphql_query_for('project', 'fullPath' => project.full_path) } project = create(:project, :repository)
query = graphql_query_for('project', { 'fullPath' => project.full_path }, "id\nname\ndescription")
it 'shows an error if complexity it too high' do
allow(GitlabSchema).to receive(:max_query_complexity).and_return 1 allow(GitlabSchema).to receive(:max_query_complexity).and_return 1
post_graphql(query, current_user: nil) post_graphql(query, current_user: nil)
expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1') expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1')
end end
context 'when IntrospectionQuery' do
it 'is not too complex' do
query = File.read(Rails.root.join('spec/fixtures/api/graphql/introspection.graphql'))
post_graphql(query, current_user: nil)
expect(graphql_errors).to be_nil
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment