Skip to content

Commit

Permalink
Merge pull request #238 from vektah/variable-validation
Browse files Browse the repository at this point in the history
Add missing variable validation
  • Loading branch information
vektah authored Aug 1, 2018
2 parents ffee020 + d6a7625 commit 600f467
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 5 deletions.
5 changes: 3 additions & 2 deletions Gopkg.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion example/todo/todo.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
//go:generate gorunpkg github.com/vektah/gqlgen --out generated.go -v
//go:generate gorunpkg github.com/vektah/gqlgen --out generated.go

package todo

Expand Down
7 changes: 6 additions & 1 deletion handler/graphql.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (
"github.com/vektah/gqlparser"
"github.com/vektah/gqlparser/ast"
"github.com/vektah/gqlparser/gqlerror"
"github.com/vektah/gqlparser/validator"
)

type params struct {
Expand Down Expand Up @@ -167,7 +168,11 @@ func GraphQL(exec graphql.ExecutableSchema, options ...Option) http.HandlerFunc
return
}

reqCtx := cfg.newRequestContext(doc, reqParams.Query, reqParams.Variables)
vars, err := validator.VariableValues(exec.Schema(), op, reqParams.Variables)
if err != nil {
sendError(w, http.StatusUnprocessableEntity, err)
}
reqCtx := cfg.newRequestContext(doc, reqParams.Query, vars)
ctx := graphql.WithRequestContext(r.Context(), reqCtx)

defer func() {
Expand Down
7 changes: 6 additions & 1 deletion handler/websocket.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"github.com/vektah/gqlparser"
"github.com/vektah/gqlparser/ast"
"github.com/vektah/gqlparser/gqlerror"
"github.com/vektah/gqlparser/validator"
)

const (
Expand Down Expand Up @@ -148,7 +149,11 @@ func (c *wsConnection) subscribe(message *operationMessage) bool {
return true
}

reqCtx := c.cfg.newRequestContext(doc, reqParams.Query, reqParams.Variables)
vars, err := validator.VariableValues(c.exec.Schema(), op, reqParams.Variables)
if err != nil {
c.sendError(message.ID, err)
}
reqCtx := c.cfg.newRequestContext(doc, reqParams.Query, vars)
ctx := graphql.WithRequestContext(c.ctx, reqCtx)

if op.Operation != ast.Subscription {
Expand Down

0 comments on commit 600f467

Please sign in to comment.