-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OneOf late validation #3572
Comments
We do the validation late execution because of variables - we have not coerced variables at the time the validation rules run. We could do literals at validation time for things like We are lazy later because why coerce values if they are never accessed. In fact its an existential question - if you never access and argument - does it matter that its values might have been invalid ? Schrödinger's argument!! We could do something like look at the arg types and see if they are However it will costs us processing time to descend the type structure to find |
Looking into the graphql-js impl - they do it in two places
|
Thanks for looking into this Brad! And thanks for putting together #3577.
I think this is true in the sense that variable values are not coerced during the validation stage, but less accurate in suggesting that coercion is always lazy and driven by resolvers. It looks like variable coercion is done eagerly, outside of the validation framework and before execution in Execution.execute To double check this, here's a test case showing that:
This is all to say that I think that the performance hit of coercing variables, even ones that are never read by a data fetcher, is already being paid. It seems like a OneOf structural validation, even for variables, could be doable with out significant perf cost? |
So just to state where we are up to - my PR will cover the case where a literal AST element has too many values (eg As for
Remember in the above if we never visit a sub child, the execution engine never traverses to the sub child. Yeah I guess we traversing the AST tree anyway during validation and would could coerce as we do that and check variables just for certain However one of the problems with access data in the validation phase is that of stored documents. If some one is using persisted queries or just pre parsed docs via So checking in the validation phase will catch a bad So it has to happen in the execution phase. And hence we would have to eagerly go over the query tree ahead of time to catch the case you have above. Which is doable but BUT what we do today - today if a field returns null, we never visit its child fields. Hmmm mayb e there is a way - as I type and investigate - the JS code seems to hit the oneOf checks during the "execute" stage when it gets the map of coerced variables. Hmmm we should probably put code in there as well... Let me dig more |
See #3580 This will cause oneOf validation to happen at execution time when we build the "coerced variables" map - this is just like how graphql-js does it Note:
We still do not do this - we use execeptions during variable coercion so the first bad bit of input throws an exception and hence you still will only get 1 error - in this case the bad number / string input check first |
Describe the bug
OneOf values seem to get validated lazily when a DataFetcher accesses its arguments. This allows OneOf types to be used incorrectly and to not raise a validation error, which can happen when using a PropertyDataFetcher or a DataFetcher that ignores its arguments.
This seems not in keeping with section 6.11 of the spec, which requires that all validation happen before execution:
I was expecting OneOf value validation to be implemented in graphql.validation.rules and to be handled earlier, at the same stage as rules like
ArgumentsOfCorrectType
. I'd be interested in implementing a rule to do this, though I wanted to first check to see if this was a deliberate decision or if there's something I'm missing.To Reproduce
Here's a PR with a test case that uses a OneOf value with multiple keys. The test case fails because no validation error is raised.
The text was updated successfully, but these errors were encountered: