diff options
author | Brett Walker <bwalker@gitlab.com> | 2019-03-27 15:02:25 -0500 |
---|---|---|
committer | Brett Walker <bwalker@gitlab.com> | 2019-04-04 08:39:30 -0500 |
commit | f458c561070d754cd546b07caf60dfa7ffb06293 (patch) | |
tree | ef4c65fb5b6767030c0c8b88223f415eabfe88be /spec/requests/api/graphql/gitlab_schema_spec.rb | |
parent | 815901e322b60d28983f52a7ce5e98555285bef8 (diff) | |
download | gitlab-ce-f458c561070d754cd546b07caf60dfa7ffb06293.tar.gz |
Initial field and query complexity limits58405-basic-limiting-complexity-of-graphql-queries
It makes all Types::BaseField default to a complexity of 1.
Queries themselves now have limited complexity, scaled
to the type of user: no user, authenticated user, or an
admin user.
Diffstat (limited to 'spec/requests/api/graphql/gitlab_schema_spec.rb')
-rw-r--r-- | spec/requests/api/graphql/gitlab_schema_spec.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb new file mode 100644 index 00000000000..708a000532b --- /dev/null +++ b/spec/requests/api/graphql/gitlab_schema_spec.rb @@ -0,0 +1,16 @@ +require 'spec_helper' + +describe 'GitlabSchema configurations' do + include GraphqlHelpers + + let(:project) { create(:project, :repository) } + let!(:query) { graphql_query_for('project', 'fullPath' => project.full_path) } + + it 'shows an error if complexity it too high' do + allow(GitlabSchema).to receive(:max_query_complexity).and_return 1 + + post_graphql(query, current_user: nil) + + expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1') + end +end |