-
Notifications
You must be signed in to change notification settings - Fork 177
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DSL does not provide expected argument validation #355
Comments
Poking at this a bit more (after finding from gql.dsl import print_ast
bad_query_dsl = dsl.dsl_gql(
dsl.DSLQuery(
ds.Query.continents(
filter={
'code': 'AN'
}
).select(
ds.Continent.code,
ds.Continent.name,
)
)
)
print(print_ast(bad_query_dsl)) Results in this query: {
continents(filter: {}) {
code
name
}
} This also happens in some (but not all) cases where an incorrect type is provided as a value. I've found that passing a in serialize_string(output_value)
174 # do not serialize builtin types as strings, but allow serialization of custom 175 # types via their `__str__` method
176 if type(output_value).__module__ == "builtins":
--> 177 raise GraphQLError("String cannot represent value: " + inspect(output_value))
178 return str(output_value)
GraphQLError: String cannot represent value: ['AN'] However, passing a |
Describe the bug
gql.gql()
, the query string is checked for invalid arguments, and raises an exception if any are found. (expected behavior)gql.dsl.dsl_gql()
, the arguments are not checked, causing unexpected return values. (unexpected behavior)I've been able to recreate this using the countries api used in the docs.
To Reproduce
Jump to step 5 to see the actual improper behavior.
Set up the transport/client.
Run a good query using strings.
Result:
Run a bad query using strings. The only change here is using
'AN'
directly as an argument tocode
, instead of providing theeq
directive.Result:
Run a good query using DSL.
Result:
Run a bad query using DSL. Same deal, just remove the 'eq' level of filter specification. Note that the result is an unfiltered response.
Result:
Expected behavior
Step 5 should raise an equivalent exception to step 3.
System info (please complete the following information):
The text was updated successfully, but these errors were encountered: