|
1
|
|
|
<?php |
|
2
|
|
|
namespace GraphQL\Tests\Validator; |
|
3
|
|
|
|
|
4
|
|
|
use GraphQL\Error\FormattedError; |
|
5
|
|
|
use GraphQL\Language\Parser; |
|
6
|
|
|
use GraphQL\Type\Introspection; |
|
7
|
|
|
use GraphQL\Validator\DocumentValidator; |
|
8
|
|
|
use GraphQL\Validator\Rules\AbstractQuerySecurity; |
|
9
|
|
|
use PHPUnit\Framework\TestCase; |
|
10
|
|
|
|
|
11
|
|
|
abstract class QuerySecurityTestCase extends TestCase |
|
12
|
|
|
{ |
|
13
|
|
|
/** |
|
14
|
|
|
* @param $max |
|
15
|
|
|
* |
|
16
|
|
|
* @return AbstractQuerySecurity |
|
17
|
|
|
*/ |
|
18
|
|
|
abstract protected function getRule($max); |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* @param $max |
|
22
|
|
|
* @param $count |
|
23
|
|
|
* |
|
24
|
|
|
* @return string |
|
25
|
|
|
*/ |
|
26
|
|
|
abstract protected function getErrorMessage($max, $count); |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* @expectedException \InvalidArgumentException |
|
30
|
|
|
* @expectedExceptionMessage argument must be greater or equal to 0. |
|
31
|
|
|
*/ |
|
32
|
|
|
public function testMaxQueryDepthMustBeGreaterOrEqualTo0() |
|
33
|
|
|
{ |
|
34
|
|
|
$this->getRule(-1); |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
protected function createFormattedError($max, $count, $locations = []) |
|
38
|
|
|
{ |
|
39
|
|
|
return FormattedError::create($this->getErrorMessage($max, $count), $locations); |
|
|
|
|
|
|
40
|
|
|
} |
|
41
|
|
|
|
|
42
|
|
|
protected function assertDocumentValidator($queryString, $max, array $expectedErrors = []) |
|
43
|
|
|
{ |
|
44
|
|
|
$errors = DocumentValidator::validate( |
|
45
|
|
|
QuerySecuritySchema::buildSchema(), |
|
46
|
|
|
Parser::parse($queryString), |
|
47
|
|
|
[$this->getRule($max)] |
|
48
|
|
|
); |
|
49
|
|
|
|
|
50
|
|
|
$this->assertEquals($expectedErrors, array_map(['GraphQL\Error\Error', 'formatError'], $errors), $queryString); |
|
51
|
|
|
|
|
52
|
|
|
return $errors; |
|
53
|
|
|
} |
|
54
|
|
|
|
|
55
|
|
|
protected function assertIntrospectionQuery($maxExpected) |
|
56
|
|
|
{ |
|
57
|
|
|
$query = Introspection::getIntrospectionQuery(); |
|
58
|
|
|
|
|
59
|
|
|
$this->assertMaxValue($query, $maxExpected); |
|
60
|
|
|
} |
|
61
|
|
|
|
|
62
|
|
|
protected function assertIntrospectionTypeMetaFieldQuery($maxExpected) |
|
63
|
|
|
{ |
|
64
|
|
|
$query = ' |
|
65
|
|
|
{ |
|
66
|
|
|
__type(name: "Human") { |
|
67
|
|
|
name |
|
68
|
|
|
} |
|
69
|
|
|
} |
|
70
|
|
|
'; |
|
71
|
|
|
|
|
72
|
|
|
$this->assertMaxValue($query, $maxExpected); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
protected function assertTypeNameMetaFieldQuery($maxExpected) |
|
76
|
|
|
{ |
|
77
|
|
|
$query = ' |
|
78
|
|
|
{ |
|
79
|
|
|
human { |
|
80
|
|
|
__typename |
|
81
|
|
|
firstName |
|
82
|
|
|
} |
|
83
|
|
|
} |
|
84
|
|
|
'; |
|
85
|
|
|
$this->assertMaxValue($query, $maxExpected); |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
protected function assertMaxValue($query, $maxExpected) |
|
89
|
|
|
{ |
|
90
|
|
|
$this->assertDocumentValidator($query, $maxExpected); |
|
91
|
|
|
$newMax = $maxExpected - 1; |
|
92
|
|
|
if ($newMax !== AbstractQuerySecurity::DISABLED) { |
|
93
|
|
|
$this->assertDocumentValidator($query, $newMax, [$this->createFormattedError($newMax, $maxExpected)]); |
|
94
|
|
|
} |
|
95
|
|
|
} |
|
96
|
|
|
} |
|
97
|
|
|
|
webonyx /
graphql-php
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.