Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Treat useStrictAccess option as true by default #700

Merged
merged 2 commits into from
Jul 9, 2020
Merged

Treat useStrictAccess option as true by default #700

merged 2 commits into from
Jul 9, 2020

Conversation

murtukov
Copy link
Member

@murtukov murtukov commented Jul 9, 2020
edited
Loading

Q A
Bug fix? no
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Documented? no

The useStrictAccess is a boolean option on GraphQL types. It is true by default. There is no need to render both states (true and false), so this PR changes it: it will be rendered only if set to false. If it's not defined, it will be considered as true.

Here is an example of an object type:

final class HumanType extends ObjectType implements GeneratedTypeInterface
{
    public const NAME = 'Human';
    
    public function __construct(ConfigProcessor $configProcessor, GlobalVariables $globalVariables = null)
    {
        $configLoader = fn() => [
            'name' => self::NAME,
            'description' => 'A humanoid creature in the Star Wars universe.',
            'fields' => fn() => [
                'id' => [
                    'type' => Type::nonNull(Type::string()),
                    'deprecationReason' => 'A terrible reason',
                    'description' => 'The id of the character.',
                    'useStrictAccess' => true,
                ],
                'name' => [
                    'type' => Type::string(),
                    'description' => 'The name of the character.',
                    'useStrictAccess' => true,
                ],
                'friends' => [
                    'type' => Type::listOf($globalVariables->get('typeResolver')->resolve('Character')),
                    'resolve' => fn () => ...,
                    'description' => 'The friends of the character.',
                    'useStrictAccess' => true,
                ],
                'appearsIn' => [
                    'type' => Type::listOf($globalVariables->get('typeResolver')->resolve('Episode')),
                    'description' => 'Which movies they appear in.',
                    'useStrictAccess' => true,
                ],
            ],
        ];
        $config = $configProcessor->process(LazyConfig::create($configLoader, $globalVariables))->load();
        parent::__construct($config);
    }
}

Obviously 'useStrictAccess' => true is not needed here.

Just a quick reminder: the useStrictAccess option is set to false only if all the following conditions are met:

  • The access option is set
  • The access option is an expression
  • The access expression contains the object variable.

@murtukov
Treat useStrictAccess=null as true
da53696 
Also:
 - Remove accomplished todos
@murtukov murtukov requested a review from mcg-web July 9, 2020 03:35
@murtukov murtukov closed this Jul 9, 2020
@murtukov murtukov deleted the enhancement/use-strict-access branch July 9, 2020 03:36
@murtukov murtukov restored the enhancement/use-strict-access branch July 9, 2020 03:37
@murtukov murtukov reopened this Jul 9, 2020
@mcg-web
Copy link
Member

mcg-web commented Jul 9, 2020

Thank you @murtukov for the PR. You should add It's always true for mutations also.

@Vincz
Copy link
Collaborator

Vincz commented Jul 9, 2020

What does the useStrictAccess mean ?

@mcg-web
Copy link
Member

mcg-web commented Jul 9, 2020
edited
Loading

useStrictAccess mean that the access does not ACL using the result of the field resolver. In other words, it will not process the field resolver before checking if ACL is ok. In mutation context you can understand why it must always be set at true, in query it helps improve performance.

@Vincz
Copy link
Collaborator

Vincz commented Jul 9, 2020

Oh ok ! Thanks for the explanation.

@murtukov murtukov merged commit a67e6e3 into overblog:master Jul 9, 2020
@murtukov murtukov deleted the enhancement/use-strict-access branch July 9, 2020 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mcg-web mcg-web mcg-web approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@murtukov @mcg-web @Vincz