gitlab-org--gitlab-foss/app/graphql/gitlab_schema.rb

# frozen_string_literal: true

class GitlabSchema < GraphQL::Schema
  # Currently an IntrospectionQuery has a complexity of 179.
  # These values will evolve over time.
  DEFAULT_MAX_COMPLEXITY   = 200
  AUTHENTICATED_COMPLEXITY = 250
  ADMIN_COMPLEXITY         = 300

  ANONYMOUS_MAX_DEPTH = 10
  AUTHENTICATED_MAX_DEPTH = 15

  use BatchLoader::GraphQL
  use Gitlab::Graphql::Authorize
  use Gitlab::Graphql::Present
  use Gitlab::Graphql::Connections
  use Gitlab::Graphql::GenericTracing

  query_analyzer Gitlab::Graphql::QueryAnalyzers::LogQueryComplexity.analyzer

  query(Types::QueryType)

  default_max_page_size 100

  max_complexity DEFAULT_MAX_COMPLEXITY

  mutation(Types::MutationType)

  class << self
    def execute(query_str = nil, **kwargs)
      kwargs[:max_complexity] ||= max_query_complexity(kwargs[:context])
      kwargs[:max_depth] ||= max_query_depth(kwargs[:context])

      super(query_str, **kwargs)
    end

    private

    def max_query_complexity(ctx)
      current_user = ctx&.fetch(:current_user, nil)

      if current_user&.admin
        ADMIN_COMPLEXITY
      elsif current_user
        AUTHENTICATED_COMPLEXITY
      else
        DEFAULT_MAX_COMPLEXITY
      end
    end

    def max_query_depth(ctx)
      current_user = ctx&.fetch(:current_user, nil)

      if current_user
        AUTHENTICATED_MAX_DEPTH
      else
        ANONYMOUS_MAX_DEPTH
      end
    end
  end
end
Enable frozen string in app/graphql + app/finders Partially addresses #47424. 2018-09-11 15:08:34 -04:00			`# frozen_string_literal: true`

Initial setup GraphQL using graphql-ruby 1.8 - All definitions have been replaced by classes: http://graphql-ruby.org/schema/class_based_api.html - Authorization & Presentation have been refactored to work in the class based system - Loaders have been replaced by resolvers - Times are now coersed as ISO 8601 2018-05-23 03:55:14 -04:00			`class GitlabSchema < GraphQL::Schema`
Increase GraphQL complexity An IntrospectionQuery required more complexity points. 2019-04-05 13:30:10 -04:00			`# Currently an IntrospectionQuery has a complexity of 179.`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00			`# These values will evolve over time.`
Increase GraphQL complexity An IntrospectionQuery required more complexity points. 2019-04-05 13:30:10 -04:00			`DEFAULT_MAX_COMPLEXITY = 200`
			`AUTHENTICATED_COMPLEXITY = 250`
			`ADMIN_COMPLEXITY = 300`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
58404 - setup max depth for graphql 58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop 2019-05-06 10:00:03 -04:00			`ANONYMOUS_MAX_DEPTH = 10`
			`AUTHENTICATED_MAX_DEPTH = 15`

Convert from GraphQL::Batch to BatchLoader 2018-02-23 10:36:40 -05:00			`use BatchLoader::GraphQL`
Initial setup GraphQL using graphql-ruby 1.8 - All definitions have been replaced by classes: http://graphql-ruby.org/schema/class_based_api.html - Authorization & Presentation have been refactored to work in the class based system - Loaders have been replaced by resolvers - Times are now coersed as ISO 8601 2018-05-23 03:55:14 -04:00			`use Gitlab::Graphql::Authorize`
			`use Gitlab::Graphql::Present`
Add pipeline lists to GraphQL This adds Keyset pagination to GraphQL lists. PoC for that is pipelines on merge requests and projects. When paginating a list, the base-64 encoded id of the ordering field (in most cases the primary key) can be passed in the `before` or `after` GraphQL argument. 2018-06-26 12:31:05 -04:00			`use Gitlab::Graphql::Connections`
Add opentracing integration for graphql Extends existing graphql's tracer with opentracing measurements. Because it also adds Tracing::Graphql class (for opentracing), it also renames Graphql::Tracing class to Graphql::GenericTracing to minimize confusion with similar class names. 2019-05-02 03:01:14 -04:00			`use Gitlab::Graphql::GenericTracing`
Add a minimal GraphQL API 2017-08-16 09:04:41 -04:00
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00			`query_analyzer Gitlab::Graphql::QueryAnalyzers::LogQueryComplexity.analyzer`

Add a minimal GraphQL API 2017-08-16 09:04:41 -04:00			`query(Types::QueryType)`
Add pipeline lists to GraphQL This adds Keyset pagination to GraphQL lists. PoC for that is pipelines on merge requests and projects. When paginating a list, the base-64 encoded id of the ordering field (in most cases the primary key) can be passed in the `before` or `after` GraphQL argument. 2018-06-26 12:31:05 -04:00
			`default_max_page_size 100`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
			`max_complexity DEFAULT_MAX_COMPLEXITY`

Add mutation toggling WIP state of merge requests This is mainly the setup of mutations for GraphQL. Including authorization and basic return type-structure. 2018-07-10 10:19:45 -04:00			`mutation(Types::MutationType)`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
58404 - setup max depth for graphql 58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop 2019-05-06 10:00:03 -04:00			`class << self`
			`def execute(query_str = nil, **kwargs)`
			`kwargs[:max_complexity] \|\|= max_query_complexity(kwargs[:context])`
			`kwargs[:max_depth] \|\|= max_query_depth(kwargs[:context])`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
58404 - setup max depth for graphql 58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop 2019-05-06 10:00:03 -04:00			`super(query_str, **kwargs)`
			`end`

			`private`

			`def max_query_complexity(ctx)`
			`current_user = ctx&.fetch(:current_user, nil)`

			`if current_user&.admin`
			`ADMIN_COMPLEXITY`
			`elsif current_user`
			`AUTHENTICATED_COMPLEXITY`
			`else`
			`DEFAULT_MAX_COMPLEXITY`
			`end`
			`end`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
58404 - setup max depth for graphql 58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop 2019-05-06 10:00:03 -04:00			`def max_query_depth(ctx)`
			`current_user = ctx&.fetch(:current_user, nil)`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00
58404 - setup max depth for graphql 58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop 2019-05-06 10:00:03 -04:00			`if current_user`
			`AUTHENTICATED_MAX_DEPTH`
			`else`
			`ANONYMOUS_MAX_DEPTH`
			`end`
Initial field and query complexity limits It makes all Types::BaseField default to a complexity of 1. Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user. 2019-03-27 16:02:25 -04:00			`end`
			`end`
Add a minimal GraphQL API 2017-08-16 09:04:41 -04:00			`end`