2021-01-29 04:02:34 +03:00
module Hasura.Server.Rest
2021-09-24 01:56:37 +03:00
( runCustomEndpoint ,
RestRequest ( .. ) ,
)
where
import Control.Monad.Trans.Control ( MonadBaseControl )
import Data.Aeson hiding ( json )
import Data.Aeson qualified as J
import Data.Align qualified as Align
import Data.Environment qualified as Env
2022-03-03 23:12:09 +03:00
import Data.HashMap.Strict.Extended qualified as M
2021-09-24 01:56:37 +03:00
import Data.Text qualified as T
import Data.Text.Encoding qualified as T
import Data.Text.Extended
import Data.These ( These ( .. ) )
import Hasura.Base.Error
import Hasura.EncJSON
import Hasura.GraphQL.Execute qualified as E
import Hasura.GraphQL.Execute.Backend qualified as EB
2023-03-15 16:05:17 +03:00
import Hasura.GraphQL.Logging ( MonadExecutionLog , MonadQueryLog )
2023-03-21 15:35:46 +03:00
import Hasura.GraphQL.ParameterizedQueryHash
2022-07-15 13:09:24 +03:00
import Hasura.GraphQL.Parser.Name qualified as GName
2021-09-24 01:56:37 +03:00
import Hasura.GraphQL.Transport.HTTP qualified as GH
import Hasura.GraphQL.Transport.HTTP.Protocol
import Hasura.HTTP
2023-03-21 15:35:46 +03:00
import Hasura.Logging qualified as L
2021-09-24 01:56:37 +03:00
import Hasura.Metadata.Class
2023-03-21 15:35:46 +03:00
import Hasura.Prelude
import Hasura.RQL.Types.Common
2022-03-13 10:40:06 +03:00
import Hasura.RQL.Types.Endpoint
2022-04-27 16:57:28 +03:00
import Hasura.RQL.Types.QueryCollection
2023-03-21 15:35:46 +03:00
import Hasura.RQL.Types.SchemaCache
import Hasura.Server.Init qualified as Init
2021-09-29 19:20:06 +03:00
import Hasura.Server.Limits
2021-09-24 01:56:37 +03:00
import Hasura.Server.Logging
2022-06-23 12:14:24 +03:00
import Hasura.Server.Name qualified as Name
2023-03-21 15:35:46 +03:00
import Hasura.Server.Prometheus ( PrometheusMetrics )
2021-09-24 01:56:37 +03:00
import Hasura.Server.Types
2023-03-21 15:35:46 +03:00
import Hasura.Services
2021-09-24 01:56:37 +03:00
import Hasura.Session
import Hasura.Tracing qualified as Tracing
import Language.GraphQL.Draft.Syntax qualified as G
import Network.HTTP.Types qualified as HTTP
import Network.Wai.Extended qualified as Wai
2021-02-12 06:04:09 +03:00
2021-01-29 04:02:34 +03:00
-- Note: There may be a better way of constructing this when building the Endpoint datastructure.
parseVariableNames :: EndpointMetadata GQLQueryWithText -> [ Text ]
parseVariableNames queryx =
2021-09-24 01:56:37 +03:00
mapMaybe ( T . stripPrefix " : " ) $ T . split ( == '/' ) ( toTxt $ _ceUrl queryx )
2021-01-29 04:02:34 +03:00
-- Given a list of expected variables and the parsed vars from the path,
-- return a map of variable names to `These expected parsed`.
alignVars :: [ G . VariableDefinition ] -> [ ( Text , Either Text Value ) ] -> HashMap G . Name ( These G . VariableDefinition ( Either Text Value ) )
alignVars defVars parseVars =
Align . align
( M . fromList ( map ( \ v -> ( G . _vdName v , v ) ) defVars ) )
2021-09-24 01:56:37 +03:00
( M . fromList ( mapMaybe ( \ ( k , v ) -> ( , v ) <$> G . mkName k ) parseVars ) )
2021-01-29 04:02:34 +03:00
2022-05-02 06:33:17 +03:00
-- | `resolveVar` is responsible for decoding variables sent via REST request.
-- These can either be via body (represented by Right) or via query-param or URL param (represented by Left).
-- A variable can be expected, unexpected, or missing (represented by These, This, and That).
2021-01-29 04:02:34 +03:00
resolveVar :: G . Name -> These G . VariableDefinition ( Either Text J . Value ) -> Either Text ( Maybe Value )
2022-05-02 06:33:17 +03:00
resolveVar _ ( This _expectedVar ) = Right Nothing -- If a variable is expected but missing, assign a missing value `Nothing` to it for resolution in query execution. This allows Null defaulting.
resolveVar varName ( That _providedVar ) = Left $ " Unexpected variable " <> toTxt @ G . Name varName -- If a variable is unexpected but present, throw an error.
resolveVar _varName ( These _expectedVar ( Right bodyVar ) ) = Right ( Just bodyVar ) -- Variables sent via body can be passed through to execution without parsing.
resolveVar varName ( These expectedVar ( Left l ) ) =
2021-01-29 04:02:34 +03:00
case G . _vdType expectedVar of
2022-05-02 06:33:17 +03:00
G . TypeList _ _ -> Left $ " List variables are not currently supported in URL or Query parameters. (Variable " <> toTxt @ G . Name varName <> " , with value " <> tshow l <> " ) "
G . TypeNamed ( G . Nullability nullable ) typeName
2022-07-15 13:09:24 +03:00
| typeName == GName . _Boolean && T . null l -> Right $ Just $ J . Bool True -- Booleans indicated true by a standalone key.
2022-05-02 06:33:17 +03:00
| nullable && T . null l -> Right Nothing -- Missing value, but nullable variable sets value to null.
| otherwise -> case J . decodeStrict ( T . encodeUtf8 l ) of -- We special case parsing of bools and numbers and pass the rest through as literal strings.
2022-11-02 23:53:23 +03:00
Just v @ ( J . Bool _ ) | typeName ` elem ` [ Name . _Bool , GName . _Boolean ] -> Right $ Just v
Just v @ ( J . Number _ ) | typeName ` elem ` [ GName . _Int , GName . _Float , Name . _Number , Name . _Double , Name . _float8 , Name . _numeric ] -> Right $ Just v
_ -> Right $ Just $ J . String l
2021-01-29 04:02:34 +03:00
mkPassthroughRequest :: EndpointMetadata GQLQueryWithText -> VariableValues -> GQLReq GQLQueryText
mkPassthroughRequest queryx resolvedVariables =
GQLReq
Nothing
( GQLQueryText $ getGQLQueryText ( _edQuery ( _ceDefinition queryx ) ) )
( Just resolvedVariables )
data RestRequest method = RestRequest
2021-09-24 01:56:37 +03:00
{ -- | Remainder of the url path after `api/rest`
reqPath :: Text ,
reqMethod :: method , -- EndpointMethod
-- | URL Query/Request Body Arguments
reqArgs :: [ ( Text , Either Text J . Value ) ]
}
deriving ( Functor , Foldable , Traversable )
2021-01-29 04:02:34 +03:00
-- | Implements all the custom endpoints by looking up the
-- path/methods in the endpoint trie and delegating to the graphql
-- handler.
2021-09-24 01:56:37 +03:00
runCustomEndpoint ::
forall m .
2021-10-13 19:38:56 +03:00
( MonadIO m ,
2021-09-24 01:56:37 +03:00
MonadError QErr m ,
Tracing . MonadTrace m ,
MonadBaseControl IO m ,
E . MonadGQLExecutionCheck m ,
MonadQueryLog m ,
2023-03-15 16:05:17 +03:00
MonadExecutionLog m ,
2021-09-24 01:56:37 +03:00
GH . MonadExecuteQuery m ,
2023-02-03 04:03:23 +03:00
MonadMetadataStorage m ,
2021-09-29 19:20:06 +03:00
EB . MonadQueryTags m ,
harmonize network manager handling
## Description
### I want to speak to the `Manager`
Oh boy. This PR is both fairly straightforward and overreaching, so let's break it down.
For most network access, we need a [`HTTP.Manager`](https://hackage.haskell.org/package/http-client-0.1.0.0/docs/Network-HTTP-Client-Manager.html). It is created only once, at the top level, when starting the engine, and is then threaded through the application to wherever we need to make a network call. As of main, the way we do this is not standardized: most of the GraphQL execution code passes it "manually" as a function argument throughout the code. We also have a custom monad constraint, `HasHttpManagerM`, that describes a monad's ability to provide a manager. And, finally, several parts of the code store the manager in some kind of argument structure, such as `RunT`'s `RunCtx`.
This PR's first goal is to harmonize all of this: we always create the manager at the root, and we already have it when we do our very first `runReaderT`. Wouldn't it make sense for the rest of the code to not manually pass it anywhere, to not store it anywhere, but to always rely on the current monad providing it? This is, in short, what this PR does: it implements a constraint on the base monads, so that they provide the manager, and removes most explicit passing from the code.
### First come, first served
One way this PR goes a tiny bit further than "just" doing the aforementioned harmonization is that it starts the process of implementing the "Services oriented architecture" roughly outlined in this [draft document](https://docs.google.com/document/d/1FAigqrST0juU1WcT4HIxJxe1iEBwTuBZodTaeUvsKqQ/edit?usp=sharing). Instead of using the existing `HasHTTPManagerM`, this PR revamps it into the `ProvidesNetwork` service.
The idea is, again, that we should make all "external" dependencies of the engine, all things that the core of the engine doesn't care about, a "service". This allows us to define clear APIs for features, to choose different implementations based on which version of the engine we're running, harmonizes our many scattered monadic constraints... Which is why this service is called "Network": we can refine it, moving forward, to be the constraint that defines how all network communication is to operate, instead of relying on disparate classes constraint or hardcoded decisions. A comment in the code clarifies this intent.
### Side-effects? In my Haskell?
This PR also unavoidably touches some other aspects of the codebase. One such example: it introduces `Hasura.App.AppContext`, named after `HasuraPro.Context.AppContext`: a name for the reader structure at the base level. It also transforms `Handler` from a type alias to a newtype, as `Handler` is where we actually enforce HTTP limits; but without `Handler` being a distinct type, any code path could simply do a `runExceptT $ runReader` and forget to enforce them.
(As a rule of thumb, i am starting to consider any straggling `runReaderT` or `runExceptT` as a code smell: we should not stack / unstack monads haphazardly, and every layer should be an opaque `newtype` with a corresponding run function.)
## Further work
In several places, i have left TODOs when i have encountered things that suggest that we should do further unrelated cleanups. I'll write down the follow-up steps, either in the aforementioned document or on slack. But, in short, at a glance, in approximate order, we could:
- delete `ExecutionCtx` as it is only a subset of `ServerCtx`, and remove one more `runReaderT` call
- delete `ServerConfigCtx` as it is only a subset of `ServerCtx`, and remove it from `RunCtx`
- remove `ServerCtx` from `HandlerCtx`, and make it part of `AppContext`, or even make it the `AppContext` altogether (since, at least for the OSS version, `AppContext` is there again only a subset)
- remove `CacheBuildParams` and `CacheBuild` altogether, as they're just a distinct stack that is a `ReaderT` on top of `IO` that contains, you guessed it, the same thing as `ServerCtx`
- move `RunT` out of `RQL.Types` and rename it, since after the previous cleanups **it only contains `UserInfo`**; it could be bundled with the authentication service, made a small implementation detail in `Hasura.Server.Auth`
- rename `PGMetadaStorageT` to something a bit more accurate, such as `App`, and enforce its IO base
This would significantly simply our complex stack. From there, or in parallel, we can start moving existing dependencies as Services. For the purpose of supporting read replicas entitlement, we could move `MonadResolveSource` to a `SourceResolver` service, as attempted in #7653, and transform `UserAuthenticationM` into a `Authentication` service.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/7736
GitOrigin-RevId: 68cce710eb9e7d752bda1ba0c49541d24df8209f
2023-02-22 18:53:52 +03:00
HasResourceLimits m ,
ProvidesNetwork m
2021-09-24 01:56:37 +03:00
) =>
Env . Environment ->
2023-03-21 15:35:46 +03:00
SQLGenCtx ->
SchemaCache ->
SchemaCacheVer ->
Init . AllowListStatus ->
ReadOnlyMode ->
PrometheusMetrics ->
L . Logger L . Hasura ->
2021-09-24 01:56:37 +03:00
RequestId ->
UserInfo ->
[ HTTP . Header ] ->
Wai . IpAddress ->
RestRequest EndpointMethod ->
EndpointTrie GQLQueryWithText ->
2022-12-15 10:48:18 +03:00
m ( HttpLogGraphQLInfo , HttpResponse EncJSON )
2023-03-21 15:35:46 +03:00
runCustomEndpoint env sqlGenCtx sc scVer enableAL readOnlyMode prometheusMetrics logger requestId userInfo reqHeaders ipAddress RestRequest { .. } endpoints = do
2021-01-29 04:02:34 +03:00
-- First match the path to an endpoint.
case matchPath reqMethod ( T . split ( == '/' ) reqPath ) endpoints of
MatchFound ( queryx :: EndpointMetadata GQLQueryWithText ) matches ->
2021-09-24 01:56:37 +03:00
let definitions =
queryx
& _ceDefinition
& _edQuery
& getGQLQuery
& unGQLQuery
& G . getExecutableDefinitions
in -- Next, pattern match on the query definition to extract the
-- (hopefully single) ExecutableDefinitionOperation structure, so that
-- we can get hold of the list of query variables.
case definitions of
[ G . ExecutableDefinitionOperation ( G . OperationDefinitionTyped typedDef ) ] -> do
-- Perform a join between the expected variables and the provided variables.
-- If there is a mismatch, throw an error. Also, check that the provided
-- values are compatible with the expected types.
let expectedVariables = G . _todVariableDefinitions typedDef
let joinedVars = M . traverseWithKey resolveVar ( alignVars expectedVariables ( reqArgs ++ zip ( parseVariableNames queryx ) ( map Left matches ) ) )
resolvedVariablesMaybe <- joinedVars ` onLeft ` throw400 BadRequest
2022-07-29 17:52:02 +03:00
let resolvedVariables = catMaybes resolvedVariablesMaybe
2021-09-24 01:56:37 +03:00
-- Construct a graphql query by pairing the resolved variables
-- with the query string from the schema cache, and pass it
-- through to the /v1/graphql endpoint.
2023-03-21 15:35:46 +03:00
( httpLoggingMetadata , handlerResp ) <- do
( gqlOperationLog , resp ) <- GH . runGQ env sqlGenCtx sc scVer enableAL readOnlyMode prometheusMetrics logger requestId userInfo ipAddress reqHeaders E . QueryHasura ( mkPassthroughRequest queryx resolvedVariables )
2022-12-15 10:48:18 +03:00
let httpLoggingGQInfo = ( CommonHttpLogMetadata RequestModeNonBatchable Nothing , ( PQHSetSingleton ( gqolParameterizedQueryHash gqlOperationLog ) ) )
return ( httpLoggingGQInfo , fst <$> resp )
2021-09-24 01:56:37 +03:00
case sequence handlerResp of
Just resp -> pure ( httpLoggingMetadata , fmap encodeHTTPResp resp )
-- a Nothing value here indicates a failure to parse the cached request from redis.
-- TODO: Do we need an additional log message here?
Nothing -> throw500 " An unexpected error occurred while fetching the data from the cache "
-- Note: This fallthrough is required for runtime scenarios where the endpoint is ambiguous, such as:
-- Endpoints /:a/b + /a/:b = Request /a/b - Invalid, but checked at runtime.
_ -> throw500 " A stored query should contain exactly one definition "
2021-01-29 04:02:34 +03:00
MatchNotFound -> throw404 " Endpoint not found "
MatchMissingKey allowedMethods -> throw405 $ " Allowed methods: " <> commaSeparated allowedMethods
MatchAmbiguous -> throw500 " Multiple endpoints match request "