f80f68d520
58404 - add change log 58404 - add spec 58404 - add more spec to test depth 2 58404 - fix spec 58404 - fix rubocop 58404 - refactor the code by Bob's advice 58404 - revert changes of all_graphql_fields_for 58404 - change text only 58404 - fix rspec according to gitlab's standard 58404 - revert previous spec 58404 - fix rubocop
61 lines
1.4 KiB
Ruby
61 lines
1.4 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class GitlabSchema < GraphQL::Schema
|
|
# Currently an IntrospectionQuery has a complexity of 179.
|
|
# These values will evolve over time.
|
|
DEFAULT_MAX_COMPLEXITY = 200
|
|
AUTHENTICATED_COMPLEXITY = 250
|
|
ADMIN_COMPLEXITY = 300
|
|
|
|
ANONYMOUS_MAX_DEPTH = 10
|
|
AUTHENTICATED_MAX_DEPTH = 15
|
|
|
|
use BatchLoader::GraphQL
|
|
use Gitlab::Graphql::Authorize
|
|
use Gitlab::Graphql::Present
|
|
use Gitlab::Graphql::Connections
|
|
use Gitlab::Graphql::GenericTracing
|
|
|
|
query_analyzer Gitlab::Graphql::QueryAnalyzers::LogQueryComplexity.analyzer
|
|
|
|
query(Types::QueryType)
|
|
|
|
default_max_page_size 100
|
|
|
|
max_complexity DEFAULT_MAX_COMPLEXITY
|
|
|
|
mutation(Types::MutationType)
|
|
|
|
class << self
|
|
def execute(query_str = nil, **kwargs)
|
|
kwargs[:max_complexity] ||= max_query_complexity(kwargs[:context])
|
|
kwargs[:max_depth] ||= max_query_depth(kwargs[:context])
|
|
|
|
super(query_str, **kwargs)
|
|
end
|
|
|
|
private
|
|
|
|
def max_query_complexity(ctx)
|
|
current_user = ctx&.fetch(:current_user, nil)
|
|
|
|
if current_user&.admin
|
|
ADMIN_COMPLEXITY
|
|
elsif current_user
|
|
AUTHENTICATED_COMPLEXITY
|
|
else
|
|
DEFAULT_MAX_COMPLEXITY
|
|
end
|
|
end
|
|
|
|
def max_query_depth(ctx)
|
|
current_user = ctx&.fetch(:current_user, nil)
|
|
|
|
if current_user
|
|
AUTHENTICATED_MAX_DEPTH
|
|
else
|
|
ANONYMOUS_MAX_DEPTH
|
|
end
|
|
end
|
|
end
|
|
end
|