mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-17 04:24:35 +03:00
71af68e9e5
The only real use was for the dubious multitenant option --consoleAssetsVersion, which actually overrode not just the assets version. I.e., as far as I can tell, if you pass --consoleAssetsVersion to multitenant, that version will also make it into e.g. HTTP client user agent headers as the proper graphql-engine version. I'm dropping that option, since it seems unused in production and I don't want to go to the effort of fixing it, but am happy to look into that if folks feels strongly that it should be kept. (Reason for attacking this is that I was looking into http client things around blacklisting, and the versioning thing is a bit painful around http client headers.) PR-URL: https://github.com/hasura/graphql-engine-mono/pull/2458 GitOrigin-RevId: a02b05557124bdba9f65e96b3aa2746aeee03f4a
178 lines
8.8 KiB
Haskell
178 lines
8.8 KiB
Haskell
module Hasura.Server.Rest
|
|
( runCustomEndpoint,
|
|
RestRequest (..),
|
|
)
|
|
where
|
|
|
|
import Control.Monad.Trans.Control (MonadBaseControl)
|
|
import Data.Aeson hiding (json)
|
|
import Data.Aeson qualified as J
|
|
import Data.Align qualified as Align
|
|
import Data.Environment qualified as Env
|
|
import Data.HashMap.Strict qualified as M
|
|
import Data.Text qualified as T
|
|
import Data.Text.Encoding qualified as T
|
|
import Data.Text.Extended
|
|
import Data.These (These (..))
|
|
import Hasura.Base.Error
|
|
import Hasura.EncJSON
|
|
import Hasura.GraphQL.Execute qualified as E
|
|
import Hasura.GraphQL.Execute.Backend qualified as EB
|
|
import Hasura.GraphQL.Logging (MonadQueryLog)
|
|
import Hasura.GraphQL.ParameterizedQueryHash (ParameterizedQueryHashList (..))
|
|
import Hasura.GraphQL.Transport.HTTP qualified as GH
|
|
import Hasura.GraphQL.Transport.HTTP.Protocol
|
|
import Hasura.HTTP
|
|
import Hasura.Metadata.Class
|
|
import Hasura.Prelude hiding (get, put)
|
|
import Hasura.RQL.Types
|
|
import Hasura.Server.Limits
|
|
import Hasura.Server.Logging
|
|
import Hasura.Server.Types
|
|
import Hasura.Session
|
|
import Hasura.Tracing qualified as Tracing
|
|
import Language.GraphQL.Draft.Syntax qualified as G
|
|
import Network.HTTP.Types qualified as HTTP
|
|
import Network.Wai.Extended qualified as Wai
|
|
|
|
-- Note: There may be a better way of constructing this when building the Endpoint datastructure.
|
|
parseVariableNames :: EndpointMetadata GQLQueryWithText -> [Text]
|
|
parseVariableNames queryx =
|
|
mapMaybe (T.stripPrefix ":") $ T.split (== '/') (toTxt $ _ceUrl queryx)
|
|
|
|
-- Given a list of expected variables and the parsed vars from the path,
|
|
-- return a map of variable names to `These expected parsed`.
|
|
alignVars :: [G.VariableDefinition] -> [(Text, Either Text Value)] -> HashMap G.Name (These G.VariableDefinition (Either Text Value))
|
|
alignVars defVars parseVars =
|
|
Align.align
|
|
(M.fromList (map (\v -> (G._vdName v, v)) defVars))
|
|
(M.fromList (mapMaybe (\(k, v) -> (,v) <$> G.mkName k) parseVars))
|
|
|
|
resolveVar :: G.Name -> These G.VariableDefinition (Either Text J.Value) -> Either Text (Maybe Value)
|
|
resolveVar _ (This _expectedVar) = Right Nothing
|
|
resolveVar varName (That _providedVar) = Left $ "Unexpected variable " <> toTxt @G.Name varName
|
|
resolveVar varName (These expectedVar providedVar) =
|
|
-- TODO: See CustomTypes.hs for SCALAR types
|
|
case G._vdType expectedVar of
|
|
G.TypeNamed (G.Nullability nullable) typeName -> case providedVar of
|
|
Right r -> Right (Just r)
|
|
Left l
|
|
| typeName == stringScalar -> Right $ Just $ J.String l -- "String" -- Note: Strings don't need to be decoded since the format already matches.
|
|
| otherwise ->
|
|
case (J.decodeStrict (T.encodeUtf8 l), nullable) of
|
|
(Just J.Null, True) -> pure Nothing
|
|
(decoded, _)
|
|
| typeName == boolScalar && T.null l -> Right $ Just $ J.Bool True -- Key present but value missing for bools defaults to True.
|
|
| typeName == $$(G.litName "UUID") -> Right $ Just $ J.String l
|
|
| typeName == $$(G.litName "uuid") -> Right $ Just $ J.String l
|
|
| typeName == idScalar -> Right $ Just $ J.String l -- "ID" -- Note: Console doesn't expose this as a column type.
|
|
| otherwise -> case decoded of
|
|
(Just (J.Null)) -> Left $ "Null or missing value for non-nullable variable: " <> G.unName varName
|
|
(Just x@(J.Bool _))
|
|
| typeName == boolScalar -> pure $ Just x -- "Boolean"
|
|
| typeName == $$(G.litName "Bool") -> pure $ Just x
|
|
| otherwise -> Left $ "Expected " <> toTxt typeName <> " for variable " <> G.unName varName <> " got Bool"
|
|
(Just x@(J.Number _))
|
|
| typeName == intScalar -> pure $ Just x -- "Int"
|
|
| typeName == floatScalar -> pure $ Just x -- "Float"
|
|
| typeName == $$(G.litName "Number") -> pure $ Just x
|
|
| typeName == $$(G.litName "Double") -> pure $ Just x
|
|
| typeName == $$(G.litName "float8") -> pure $ Just x
|
|
| typeName == $$(G.litName "numeric") -> pure $ Just x
|
|
| otherwise -> Left $ "Expected " <> toTxt typeName <> " for variable " <> G.unName varName <> " got Number"
|
|
_ -> Left ("Type of URL parameter for variable " <> G.unName varName <> " not supported - Consider putting it in the request body: " <> tshow l)
|
|
-- TODO: This is a fallthrough case and is still required
|
|
-- but we can move checks for template variables being
|
|
-- scalars into the schema-cache construction.
|
|
_ -> Left ("The variable type for the expected variable " <> toTxt @G.Name varName <> " was not supported.")
|
|
|
|
mkPassthroughRequest :: EndpointMetadata GQLQueryWithText -> VariableValues -> GQLReq GQLQueryText
|
|
mkPassthroughRequest queryx resolvedVariables =
|
|
GQLReq
|
|
Nothing
|
|
(GQLQueryText $ getGQLQueryText (_edQuery (_ceDefinition queryx)))
|
|
(Just resolvedVariables)
|
|
|
|
data RestRequest method = RestRequest
|
|
{ -- | Remainder of the url path after `api/rest`
|
|
reqPath :: Text,
|
|
reqMethod :: method, -- EndpointMethod
|
|
|
|
-- | URL Query/Request Body Arguments
|
|
reqArgs :: [(Text, Either Text J.Value)]
|
|
}
|
|
deriving (Functor, Foldable, Traversable)
|
|
|
|
-- | Implements all the custom endpoints by looking up the
|
|
-- path/methods in the endpoint trie and delegating to the graphql
|
|
-- handler.
|
|
runCustomEndpoint ::
|
|
forall m.
|
|
( MonadIO m,
|
|
MonadError QErr m,
|
|
Tracing.MonadTrace m,
|
|
MonadBaseControl IO m,
|
|
E.MonadGQLExecutionCheck m,
|
|
MonadQueryLog m,
|
|
GH.MonadExecuteQuery m,
|
|
MonadMetadataStorage (MetadataStorageT m),
|
|
HttpLog m,
|
|
EB.MonadQueryTags m,
|
|
HasResourceLimits m
|
|
) =>
|
|
Env.Environment ->
|
|
E.ExecutionCtx ->
|
|
RequestId ->
|
|
UserInfo ->
|
|
[HTTP.Header] ->
|
|
Wai.IpAddress ->
|
|
RestRequest EndpointMethod ->
|
|
EndpointTrie GQLQueryWithText ->
|
|
m (HttpLogMetadata m, HttpResponse EncJSON)
|
|
runCustomEndpoint env execCtx requestId userInfo reqHeaders ipAddress RestRequest {..} endpoints = do
|
|
-- First match the path to an endpoint.
|
|
case matchPath reqMethod (T.split (== '/') reqPath) endpoints of
|
|
MatchFound (queryx :: EndpointMetadata GQLQueryWithText) matches ->
|
|
let definitions =
|
|
queryx
|
|
& _ceDefinition
|
|
& _edQuery
|
|
& getGQLQuery
|
|
& unGQLQuery
|
|
& G.getExecutableDefinitions
|
|
in -- Next, pattern match on the query definition to extract the
|
|
-- (hopefully single) ExecutableDefinitionOperation structure, so that
|
|
-- we can get hold of the list of query variables.
|
|
case definitions of
|
|
[G.ExecutableDefinitionOperation (G.OperationDefinitionTyped typedDef)] -> do
|
|
-- Perform a join between the expected variables and the provided variables.
|
|
-- If there is a mismatch, throw an error. Also, check that the provided
|
|
-- values are compatible with the expected types.
|
|
let expectedVariables = G._todVariableDefinitions typedDef
|
|
let joinedVars = M.traverseWithKey resolveVar (alignVars expectedVariables (reqArgs ++ zip (parseVariableNames queryx) (map Left matches)))
|
|
|
|
resolvedVariablesMaybe <- joinedVars `onLeft` throw400 BadRequest
|
|
|
|
let resolvedVariables = M.mapMaybe id resolvedVariablesMaybe
|
|
|
|
-- Construct a graphql query by pairing the resolved variables
|
|
-- with the query string from the schema cache, and pass it
|
|
-- through to the /v1/graphql endpoint.
|
|
(httpLoggingMetadata, handlerResp) <- flip runReaderT execCtx $ do
|
|
(gqlOperationLog, resp) <- GH.runGQ env (E._ecxLogger execCtx) requestId userInfo ipAddress reqHeaders E.QueryHasura (mkPassthroughRequest queryx resolvedVariables)
|
|
let httpLogMetadata =
|
|
buildHttpLogMetadata @m (PQHSetSingleton (gqolParameterizedQueryHash gqlOperationLog)) RequestModeNonBatchable Nothing
|
|
return (httpLogMetadata, fst <$> resp)
|
|
case sequence handlerResp of
|
|
Just resp -> pure (httpLoggingMetadata, fmap encodeHTTPResp resp)
|
|
-- a Nothing value here indicates a failure to parse the cached request from redis.
|
|
-- TODO: Do we need an additional log message here?
|
|
Nothing -> throw500 "An unexpected error occurred while fetching the data from the cache"
|
|
|
|
-- Note: This fallthrough is required for runtime scenarios where the endpoint is ambiguous, such as:
|
|
-- Endpoints /:a/b + /a/:b = Request /a/b - Invalid, but checked at runtime.
|
|
_ -> throw500 "A stored query should contain exactly one definition"
|
|
MatchNotFound -> throw404 "Endpoint not found"
|
|
MatchMissingKey allowedMethods -> throw405 $ "Allowed methods: " <> commaSeparated allowedMethods
|
|
MatchAmbiguous -> throw500 "Multiple endpoints match request"
|