From 47324d06aa4a237ee708eec75f92a5f4b35da2e8 Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 8 Aug 2024 07:18:35 +0200 Subject: [PATCH 1/9] Adds Enum Type Default Value Uses Inaccessible Value Rule --- spec/Section 4 -- Composition.md | 105 +++++++++++++++++++++++++++++++ 1 file changed, 105 insertions(+) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 35d3b72..73e8d06 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -14,6 +14,111 @@ run in sequence to produce the composite execution schema. ### Pre Merge Validation +#### Enum Type Default Value Uses Inaccessible Value + +**Error Code** + +`ENUM_TYPE_DEFAULT_VALUE_INACCESSIBLE` + +**Formal Specification** + +- {ValidateArgumentDefaultValues()} must be true. +- {ValidateInputFieldDefaultValues()} must be true. + +ValidateArgumentDefaultValues(): + +- Let {arguments} be all arguments of fields and directives across all subgraphs +- For each {argument} in {arguments} + - If {IsExposed(argument)} is true and has a default value: + - Let {defaultValue} be the default value of {argument} + - If not ValidateDefaultValue(defaultValue) + - return false +- return true + +ValidateInputFieldDefaultValues(): + +- Let {inputFields} be all input fields of across all subgraphs +- For each {inputField} in {inputFields}: + - Let {type} be the type of {inputField} + - If {IsExposed(inputField)} is true and {inputField} has a default value: + - Let {defaultValue} be the default value of {inputField} + - if ValidateDefaultValue(defaultValue) is false + - return false +- return true + +ValidateDefaultValue(defaultValue): + +- If {defaultValue} is a ListValue: + - For each {valueNode} in {defaultValue}: + - If {ValidateDefaultValue(valueNode)} is false + - return false +- If {defaultValue} is an ObjectValue: + - Let {objectFields} be a list of all fields of {defaultValue} + - Let {fields} be a list of all fields {objectFields} are referring to + - For each {field} in {fields}: + - If {IsExposed(field)} is false + - return false + - For each {objectField} in {objectFields}: + - Let {value} be the value of {objectField} + - return {ValidateDefaultValue(value)} +- If {defaultValue} is an EnumValue: + - If {IsExposed(defaultValue)} is false + - return false +- return true + +**Explanatory Text** + +This rule ensures that inaccessible enum values are not exposed in the composed schema through default values. +Output field arguments, input fields and directive arguments must only use enum values as their default value that is not annotated with the `@inaccessible` directive. + +In this example the `FOO` value in the `Enum1` enum is not marked with +`@inaccessible`, hence it doesn't violate the rule. + +```graphql +type Query { + field(type: Enum1 = FOO): [Baz!]! +} + +enum Enum1 { + FOO + BAR +} +``` + +This following example violates this rule because the default value for the field +`field` in type `Input1` references an enum value (`FOO`) that is marked as +`@inaccessible`. + +```graphql counter-example +type Query { + field(arg: Enum1 = FOO): [Baz!]! +} + +input Input1 { + field: Enum1 = FOO +} + +directive @directive1(arg: Enum1 = FOO) on FIELD_DEFINITION + +enum Enum1 { + FOO @inaccessible + BAR +} +``` + +```graphql counter-example +type Query { + field(arg: Input1 = { field2: "ERROR" }): [Baz!]! +} + +directive @directive1(arg: Input1 = { field2: "ERROR" }) on FIELD_DEFINITION + +input Input1 { + field1: String + field2: String @inaccessible +} +``` + ### Merge ### Post Merge Validation From ac867021f70f97600d7db9cde35dc6138c54cbbc Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:25:23 +0200 Subject: [PATCH 2/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 73e8d06..c9acfcb 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -27,7 +27,7 @@ run in sequence to produce the composite execution schema. ValidateArgumentDefaultValues(): -- Let {arguments} be all arguments of fields and directives across all subgraphs +- Let {arguments} be all arguments of fields and directives across all source schemas - For each {argument} in {arguments} - If {IsExposed(argument)} is true and has a default value: - Let {defaultValue} be the default value of {argument} From b7fbed88a5f8a00e99fd812e366421ee8bedc70f Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:25:28 +0200 Subject: [PATCH 3/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index c9acfcb..e0c58ac 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -42,7 +42,7 @@ ValidateInputFieldDefaultValues(): - Let {type} be the type of {inputField} - If {IsExposed(inputField)} is true and {inputField} has a default value: - Let {defaultValue} be the default value of {inputField} - - if ValidateDefaultValue(defaultValue) is false + - If {ValidateDefaultValue(defaultValue)} is false - return false - return true From 1ea97bba1f009c3b540237c27d32199e46ba7fdd Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:25:34 +0200 Subject: [PATCH 4/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index e0c58ac..7b10505 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -72,7 +72,7 @@ This rule ensures that inaccessible enum values are not exposed in the composed Output field arguments, input fields and directive arguments must only use enum values as their default value that is not annotated with the `@inaccessible` directive. In this example the `FOO` value in the `Enum1` enum is not marked with -`@inaccessible`, hence it doesn't violate the rule. +`@inaccessible`, hence it does not violate the rule. ```graphql type Query { From 9b09474b3082eeb322356ece6f76ce838a19b564 Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:25:41 +0200 Subject: [PATCH 5/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 7b10505..c2013e0 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -85,7 +85,7 @@ enum Enum1 { } ``` -This following example violates this rule because the default value for the field +The following example violates this rule because the default value for the field `field` in type `Input1` references an enum value (`FOO`) that is marked as `@inaccessible`. From 7428ffdffbfa8c12afd4213621cecadc794e307a Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:26:16 +0200 Subject: [PATCH 6/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index c2013e0..8320787 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -31,7 +31,7 @@ ValidateArgumentDefaultValues(): - For each {argument} in {arguments} - If {IsExposed(argument)} is true and has a default value: - Let {defaultValue} be the default value of {argument} - - If not ValidateDefaultValue(defaultValue) + - If not {ValidateDefaultValue(defaultValue)} - return false - return true From 6d9307b9a1bfb31a4a43968364535b75bf63a622 Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:26:23 +0200 Subject: [PATCH 7/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 8320787..6883cbc 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -37,7 +37,7 @@ ValidateArgumentDefaultValues(): ValidateInputFieldDefaultValues(): -- Let {inputFields} be all input fields of across all subgraphs +- Let {inputFields} be all input fields across all source schemas - For each {inputField} in {inputFields}: - Let {type} be the type of {inputField} - If {IsExposed(inputField)} is true and {inputField} has a default value: From c5d13243db2baaf4adbc304b398e71a43b5f1e34 Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 12:26:30 +0200 Subject: [PATCH 8/9] Update spec/Section 4 -- Composition.md Co-authored-by: Glen --- spec/Section 4 -- Composition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 6883cbc..b60bc3e 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -69,7 +69,7 @@ ValidateDefaultValue(defaultValue): **Explanatory Text** This rule ensures that inaccessible enum values are not exposed in the composed schema through default values. -Output field arguments, input fields and directive arguments must only use enum values as their default value that is not annotated with the `@inaccessible` directive. +Output field arguments, input fields, and directive arguments must only use enum values as their default value when not annotated with the `@inaccessible` directive. In this example the `FOO` value in the `Enum1` enum is not marked with `@inaccessible`, hence it does not violate the rule. From 7da6d59d39ac4684181a30504217b53aa31a89a0 Mon Sep 17 00:00:00 2001 From: Michael Staib Date: Thu, 14 Nov 2024 14:45:19 +0200 Subject: [PATCH 9/9] Formatting --- spec/Section 4 -- Composition.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/spec/Section 4 -- Composition.md b/spec/Section 4 -- Composition.md index 78aa861..09e5e4b 100644 --- a/spec/Section 4 -- Composition.md +++ b/spec/Section 4 -- Composition.md @@ -27,7 +27,8 @@ run in sequence to produce the composite execution schema. ValidateArgumentDefaultValues(): -- Let {arguments} be all arguments of fields and directives across all source schemas +- Let {arguments} be all arguments of fields and directives across all source + schemas - For each {argument} in {arguments} - If {IsExposed(argument)} is true and has a default value: - Let {defaultValue} be the default value of {argument} @@ -68,8 +69,10 @@ ValidateDefaultValue(defaultValue): **Explanatory Text** -This rule ensures that inaccessible enum values are not exposed in the composed schema through default values. -Output field arguments, input fields, and directive arguments must only use enum values as their default value when not annotated with the `@inaccessible` directive. +This rule ensures that inaccessible enum values are not exposed in the composed +schema through default values. Output field arguments, input fields, and +directive arguments must only use enum values as their default value when not +annotated with the `@inaccessible` directive. In this example the `FOO` value in the `Enum1` enum is not marked with `@inaccessible`, hence it does not violate the rule. @@ -802,4 +805,4 @@ type ObjectType1 { } ``` -## Validate Satisfiability \ No newline at end of file +## Validate Satisfiability