Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(GraphQL) fix auth query rewriting with ID filter (cherry-pick-7740) #8157

Merged
merged 5 commits into from
Sep 28, 2022
Merged

fix(GraphQL) fix auth query rewriting with ID filter (cherry-pick-7740) #8157

merged 5 commits into from
Sep 28, 2022

Conversation

joshua-goldstein
Copy link
Contributor

@joshua-goldstein joshua-goldstein commented Aug 19, 2022
edited
Loading

Refers to this PR. Cherry pick 7740.

@CLAassistant
Copy link

CLAassistant commented Aug 19, 2022
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
2 out of 3 committers have signed the CLA.

✅ joshua-goldstein
✅ matthewmcneely
❌ minhaj-shakeel
You have signed the CLA already but the status is still pending? Let us recheck it.

@joshua-goldstein joshua-goldstein changed the title commenting out potentially unnecessary blocks (should verify) fix(GraphQL) fix auth query rewriting with ID filter (cherry-pick-7740) Aug 20, 2022
@coveralls
Copy link

coveralls commented Sep 15, 2022
edited
Loading

Coverage Status

Coverage increased (+0.003%) to 37.102% when pulling 50ee38a on cherry-pick-7740 into 9b67017 on main.

minhaj-shakeel and others added 3 commits September 18, 2022 23:38
@minhaj-shakeel @joshua-goldstein
rebasing on main
e588106 
fix(GraphQL): fix auth query rewriting with ID filter (#7740)

Fixes GRAPHQL-1159.
@joshua-goldstein
removed comment
2f0a6d6
@joshua-goldstein
resolve conflict in query_rewriter.go
ede22bd
meghalims
meghalims approved these changes Sep 23, 2022
View reviewed changes
Copy link
Contributor

@meghalims meghalims left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 👍

@skrdgraph
Copy link
Contributor

@joshua-goldstein - the tests seem to have failed, I am re-running them (because I suspect this must have happened when one of us was mucking with the runners)

@matthewmcneely
Copy link
Contributor

Please don't merge this yet. Getting a panic when testing this locally.

@joshua-goldstein
Copy link
Contributor Author

Please don't merge this yet. Getting a panic when testing this locally.

Hi Matthew, any idea why this might be happening locally? Do you have a stack trace of the panic? I reran the test on our runners three times and we see the test passing there.

matthewmcneely
matthewmcneely reviewed Sep 27, 2022
View reviewed changes
graphql/resolve/query_rewriter.go
@@ -1567,7 +1573,18 @@ func idFilter(filter map[string]interface{}, idField schema.FieldDefinition) []u
if idsFilter == nil {
return nil
}
idsSlice := idsFilter.([]interface{})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was panic-ing if the type coming in from the wild was a simple string—which I'd say is the typical scenario for IDs when encoded in JWTs (taken from some session ID or something).

@matthewmcneely
Copy link
Contributor

@joshua-goldstein, @skrdgraph Could you guys review my recent commits to this branch?

@matthewmcneely
Copy link
Contributor

Please don't merge this yet. Getting a panic when testing this locally.

Hi Matthew, any idea why this might be happening locally? Do you have a stack trace of the panic? I reran the test on our runners three times and we see the test passing there.

@joshua-goldstein The issue was that the tests were not creating all the conditions in which an ID-assigned JWT variable was being passed—namely, the tests covered arrays (slices), but not single values. I uncovered this by actually deploying a graph with auth protected types and running queries with actual JWTs in the requests.

So the fix was to check for that single value, not just the slice. I added another test to cover this condition.

skrdgraph
skrdgraph approved these changes Sep 28, 2022
View reviewed changes
Copy link
Contributor

@skrdgraph skrdgraph left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thnx for explaining this, it was easy to understand this @matthewmcneely

@nswamy nswamy self-requested a review September 28, 2022 21:13
@joshua-goldstein joshua-goldstein merged commit a2babb8 into main Sep 28, 2022
@joshua-goldstein joshua-goldstein deleted the cherry-pick-7740 branch September 28, 2022 21:14
@skrdgraph skrdgraph restored the cherry-pick-7740 branch September 29, 2022 16:58
@joshua-goldstein joshua-goldstein deleted the cherry-pick-7740 branch May 17, 2023 18:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthewmcneely matthewmcneely matthewmcneely left review comments

@nswamy nswamy nswamy approved these changes

@meghalims meghalims meghalims approved these changes

@skrdgraph skrdgraph skrdgraph approved these changes

@akon-dey akon-dey Awaiting requested review from akon-dey

@MichelDiz MichelDiz Awaiting requested review from MichelDiz

@gcxml gcxml Awaiting requested review from gcxml

Assignees
No one assigned
Labels
cherry-pick
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@joshua-goldstein @CLAassistant @coveralls @skrdgraph @matthewmcneely @nswamy @meghalims @minhaj-shakeel