graphql-python · kiendang · Oct 29, 2023 · Aug 3, 2023 · Aug 3, 2023 · Aug 3, 2023
diff --git a/graphene_django/views.py b/graphene_django/views.py
@@ -9,13 +9,13 @@
 from django.utils.decorators import method_decorator
 from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.generic import View
-from graphql import OperationType, get_operation_ast, parse
+from graphql import ExecutionResult, OperationType, execute, get_operation_ast, parse
 from graphql.error import GraphQLError
-from graphql.execution import ExecutionResult
-
-from graphene import Schema
 from graphql.execution.middleware import MiddlewareManager
+from graphql.language import OperationDefinitionNode
+from graphql.validation import validate
 
+from graphene import Schema
 from graphene_django.constants import MUTATION_ERRORS_FLAG
 from graphene_django.utils.utils import set_rollback
 
@@ -186,7 +186,7 @@ def dispatch(self, request, *args, **kwargs):
                     or 200
                 )
             else:
-                result, status_code = self.get_response(request, data, show_graphiql)
+                result, status_code = self.get_response(request, data)
 show_graphiql = self.graphiql and self.can_display_graphiql(request, data) 
 if show_graphiql: 
     return self.render_graphiql( 
 show_graphiql = self.graphiql and self.can_display_graphiql(request, data) 
  
 if show_graphiql: 
     return self.render_graphiql( 
 
             return HttpResponse(
                 status=status_code, content=result, content_type="application/json"
@@ -200,11 +200,11 @@ def dispatch(self, request, *args, **kwargs):
             )
             return response
 
-    def get_response(self, request, data, show_graphiql=False):
+    def get_response(self, request, data):
         query, variables, operation_name, id = self.get_graphql_params(request, data)
 
         execution_result = self.execute_graphql_request(
-            request, data, query, variables, operation_name, show_graphiql
+            request, data, query, variables, operation_name
         )
 
         if getattr(request, MUTATION_ERRORS_FLAG, False) is True:
@@ -231,7 +231,7 @@ def get_response(self, request, data, show_graphiql=False):
                 response["id"] = id
                 response["status"] = status_code
 
-            result = self.json_encode(request, response, pretty=show_graphiql)
+            result = self.json_encode(request, response)
         else:
             result = None
 
@@ -286,64 +286,79 @@ def parse_body(self, request):
 
         return {}
 
-    def execute_graphql_request(
-        self, request, data, query, variables, operation_name, show_graphiql=False
-    ):
+    def execute_graphql_request(self, request, data, query, variables, operation_name):
         if not query:
-            if show_graphiql:
-                return None
             raise HttpError(HttpResponseBadRequest("Must provide query string."))
 
         try:
             document = parse(query)
         except Exception as e:
             return ExecutionResult(errors=[e])
 
-        if request.method.lower() == "get":
-            operation_ast = get_operation_ast(document, operation_name)
-            if operation_ast and operation_ast.operation != OperationType.QUERY:
-                if show_graphiql:
-                    return None
+        operation_ast = get_operation_ast(document, operation_name)
 
-                raise HttpError(
-                    HttpResponseNotAllowed(
-                        ["POST"],
-                        "Can only perform a {} operation from a POST request.".format(
-                            operation_ast.operation.value
-                        ),
-                    )
+        if not operation_ast:
+            ops_count = len(
+                [
+                    x
+                    for x in document.definitions
+                    if isinstance(x, OperationDefinitionNode)
+                ]
+            )
+            if ops_count > 1:
+                op_error = (
+                    "Must provide operation name if query contains multiple operations."
                 )
-        try:
-            extra_options = {}
-            if self.execution_context_class:
-                extra_options["execution_context_class"] = self.execution_context_class
+            elif operation_name:
+                op_error = f"Unknown operation named '{operation_name}'."
+            else:
+                op_error = "Must provide a valid operation."
+
+            return ExecutionResult(errors=[GraphQLError(op_error)])
 def test_errors_when_missing_operation_name(client): 
     response = client.get( 
         url_string( 
             query=""" 
         query TestQuery { test } 
         mutation TestMutation { writeTest { test } } 
         """ 
         ) 
     ) 
     assert response.status_code == 400 
     assert response_json(response) == { 
         "errors": [ 
             { 
                 "message": "Must provide operation name if query contains multiple operations.", 
             } 
         ] 
     } 
 def test_errors_when_missing_operation_name(client): 
     response = client.get( 
         url_string( 
             query=""" 
         query TestQuery { test } 
         mutation TestMutation { writeTest { test } } 
         """ 
         ) 
     ) 
  
     assert response.status_code == 400 
     assert response_json(response) == { 
         "errors": [ 
             { 
                 "message": "Must provide operation name if query contains multiple operations.", 
             } 
         ] 
     } 
  
+
+        if (
+            request.method.lower() == "get"
+            and operation_ast.operation != OperationType.QUERY
+        ):
+            raise HttpError(
+                HttpResponseNotAllowed(
+                    ["POST"],
+                    (
+                        f"Can only perform a {operation_ast.operation.value} operation "
+                        "from a POST request."
+                    ),
+                )
+            )
 
-            options = {
-                "source": query,
+        execute_args = (self.schema.graphql_schema, document)
+
+        if validation_errors := validate(*execute_args):
+            return ExecutionResult(data=None, errors=validation_errors)
+
+        try:
+            execute_options = {
                 "root_value": self.get_root_value(request),
+                "context_value": self.get_context(request),
                 "variable_values": variables,
                 "operation_name": operation_name,
-                "context_value": self.get_context(request),
                 "middleware": self.get_middleware(request),
             }
-            options.update(extra_options)
+            if self.execution_context_class:
+                execute_options[
+                    "execution_context_class"
+                ] = self.execution_context_class
 
-            operation_ast = get_operation_ast(document, operation_name)
             if (
-                operation_ast
-                and operation_ast.operation == OperationType.MUTATION
-                and (
-                    graphene_settings.ATOMIC_MUTATIONS is True
-                    or connection.settings_dict.get("ATOMIC_MUTATIONS", False) is True
-                )
-            ):
+                graphene_settings.ATOMIC_MUTATIONS is True
+                or connection.settings_dict.get("ATOMIC_MUTATIONS", False) is True
+            ) and operation_ast.operation == OperationType.MUTATION:
                 with transaction.atomic():
-                    result = self.schema.execute(**options)
+                    result = execute(*execute_args, **execute_options)
                     if getattr(request, MUTATION_ERRORS_FLAG, False) is True:
                         transaction.set_rollback(True)
                 return result
 
-            return self.schema.execute(**options)
+            return execute(*execute_args, **execute_options)
         except Exception as e:
             return ExecutionResult(errors=[e])