diff options
author | Brett Walker <bwalker@gitlab.com> | 2019-04-05 12:30:10 -0500 |
---|---|---|
committer | Brett Walker <bwalker@gitlab.com> | 2019-04-08 10:35:43 -0500 |
commit | 7521fbbf9e4cde1e8c322d000cc01940d1ba5d3c (patch) | |
tree | efa8d703167ac524657f8b0042d580b8bb9f536e | |
parent | 425377f35747131bed6550170af576d3028b28f9 (diff) | |
download | gitlab-ce-60123-graphql-complexity-limit-too-low-for-schema-load.tar.gz |
Increase GraphQL complexity60123-graphql-complexity-limit-too-low-for-schema-load
An IntrospectionQuery required more
complexity points.
-rw-r--r-- | app/graphql/gitlab_schema.rb | 9 | ||||
-rw-r--r-- | spec/fixtures/api/graphql/introspection.graphql | 92 | ||||
-rw-r--r-- | spec/requests/api/graphql/gitlab_schema_spec.rb | 26 |
3 files changed, 116 insertions, 11 deletions
diff --git a/app/graphql/gitlab_schema.rb b/app/graphql/gitlab_schema.rb index 53efd9042b1..1afe000c5f8 100644 --- a/app/graphql/gitlab_schema.rb +++ b/app/graphql/gitlab_schema.rb @@ -1,12 +1,11 @@ # frozen_string_literal: true class GitlabSchema < GraphQL::Schema - # Took our current most complicated query in use, issues.graphql, - # with a complexity of 19, and added a 20 point buffer to it. + # Currently an IntrospectionQuery has a complexity of 179. # These values will evolve over time. - DEFAULT_MAX_COMPLEXITY = 40 - AUTHENTICATED_COMPLEXITY = 50 - ADMIN_COMPLEXITY = 60 + DEFAULT_MAX_COMPLEXITY = 200 + AUTHENTICATED_COMPLEXITY = 250 + ADMIN_COMPLEXITY = 300 use BatchLoader::GraphQL use Gitlab::Graphql::Authorize diff --git a/spec/fixtures/api/graphql/introspection.graphql b/spec/fixtures/api/graphql/introspection.graphql new file mode 100644 index 00000000000..7b712068fcd --- /dev/null +++ b/spec/fixtures/api/graphql/introspection.graphql @@ -0,0 +1,92 @@ +# pulled from GraphiQL query +query IntrospectionQuery { + __schema { + queryType { name } + mutationType { name } + subscriptionType { name } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { ...TypeRef } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } + } + } +} diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb index 708a000532b..ebf4b3d0e8c 100644 --- a/spec/requests/api/graphql/gitlab_schema_spec.rb +++ b/spec/requests/api/graphql/gitlab_schema_spec.rb @@ -3,14 +3,28 @@ require 'spec_helper' describe 'GitlabSchema configurations' do include GraphqlHelpers - let(:project) { create(:project, :repository) } - let!(:query) { graphql_query_for('project', 'fullPath' => project.full_path) } + context 'when complexity is too high' do + let(:project) { create(:project, :repository) } + let(:query) do + graphql_query_for('project', { 'fullPath' => project.full_path }, "id\nname\ndescription") + end - it 'shows an error if complexity it too high' do - allow(GitlabSchema).to receive(:max_query_complexity).and_return 1 + it 'shows an error' do + allow(GitlabSchema).to receive(:max_query_complexity).and_return 1 - post_graphql(query, current_user: nil) + post_graphql(query, current_user: nil) - expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1') + expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1') + end + end + + context 'when IntrospectionQuery' do + it 'is not too complex' do + query = File.read(Rails.root.join('spec/fixtures/api/graphql/introspection.graphql')) + + post_graphql(query, current_user: nil) + + expect(graphql_errors).to be_nil + end end end |