Class: GraphQL::Language::SanitizedPrinter

Inherits:

Printer

• Object
• Printer
• GraphQL::Language::SanitizedPrinter

Defined in:

lib/graphql/language/sanitized_printer.rb

Overview

A custom printer used to print sanitized queries. It inlines provided variables within the query for facilitate logging and analysis of queries.

The printer returns nil if the query is invalid.

Since the GraphQL Ruby AST for a GraphQL query doesnt contain any reference on the type of fields or arguments, we have to track the current object, field and input type while printing the query.

Examples:

Printing a scrubbed string

printer = QueryPrinter.new(query)
puts printer.sanitized_query_string

See Also:

• {Query{Query#sanitized_query_string}

Constant Summary

REDACTED =

"\"<REDACTED>\""

Constants inherited from Printer

Printer::OMISSION

Instance Method Summary

• #coerce_argument_value_to_list?(type, value) ⇒ Boolean
• #initialize(query, inline_variables: true) ⇒ SanitizedPrinter constructor

  A new instance of SanitizedPrinter.

• #print_argument(argument) ⇒ Object
• #print_directive(directive) ⇒ Object
• #print_field(field, indent: "") ⇒ Object
• #print_fragment_definition(fragment_def, indent: "") ⇒ Object
• #print_inline_fragment(inline_fragment, indent: "") ⇒ Object
• #print_node(node, indent: "") ⇒ Object
• #print_operation_definition(operation_definition, indent: "") ⇒ Object

  Print the operation definition but do not include the variable definitions since we will inline them within the query.

• #print_variable_identifier(variable_id) ⇒ Object
• #redact_argument_value?(argument, value) ⇒ Boolean

  Indicates whether or not to redact non-null values for the given argument.

• #redacted_argument_value(argument) ⇒ Object

  Returns the value to use for redacted versions of the given argument.

• #sanitized_query_string ⇒ String^?

  A scrubbed query string, if the query was valid.

Methods inherited from Printer

#print

Constructor Details

#initialize(query, inline_variables: true) ⇒ SanitizedPrinter

Returns a new instance of SanitizedPrinter.

# File 'lib/graphql/language/sanitized_printer.rb', line 22

def initialize(query, inline_variables: true)
  @query = query
  @current_type = nil
  @current_field = nil
  @current_input_type = nil
  @inline_variables = inline_variables
end

Instance Method Details

#coerce_argument_value_to_list?(type, value) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/graphql/language/sanitized_printer.rb', line 99

def coerce_argument_value_to_list?(type, value)
  type.list? &&
    !value.is_a?(Array) &&
    !value.nil? &&
    !value.is_a?(GraphQL::Language::Nodes::VariableIdentifier)
end

#print_argument(argument) ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 75

def print_argument(argument)
  # We won't have type information if we're recursing into a custom scalar
  return super if @current_input_type && @current_input_type.kind.scalar?

  arg_owner = @current_input_type || @current_directive || @current_field
  old_current_argument = @current_argument
  @current_argument = arg_owner.get_argument(argument.name, @query.context)

  old_input_type = @current_input_type
  @current_input_type = @current_argument.type.non_null? ? @current_argument.type.of_type : @current_argument.type

  argument_value = if coerce_argument_value_to_list?(@current_input_type, argument.value)
    [argument.value]
  else
    argument.value
  end

  print_string("#{argument.name}: ")
  print_node(argument_value)

  @current_input_type = old_input_type
  @current_argument = old_current_argument
end

#print_directive(directive) ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 144

def print_directive(directive)
  @current_directive = query.schema.directives[directive.name]

  super

  @current_directive = nil
end

#print_field(field, indent: "") ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 115

def print_field(field, indent: "")
  @current_field = query.types.field(@current_type, field.name)
  old_type = @current_type
  @current_type = @current_field.type.unwrap
  super
  @current_type = old_type
end

#print_fragment_definition(fragment_def, indent: "") ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 135

def print_fragment_definition(fragment_def, indent: "")
  old_type = @current_type
  @current_type = query.get_type(fragment_def.type.name)

  super

  @current_type = old_type
end

#print_inline_fragment(inline_fragment, indent: "") ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 123

def print_inline_fragment(inline_fragment, indent: "")
  old_type = @current_type

  if inline_fragment.type
    @current_type = query.get_type(inline_fragment.type.name)
  end

  super

  @current_type = old_type
end

#print_node(node, indent: "") ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 39

def print_node(node, indent: "")
  case node
  when FalseClass, Float, Integer, String, TrueClass
    if @current_argument && redact_argument_value?(@current_argument, node)
      print_string(redacted_argument_value(@current_argument))
    else
      super
    end
  when Array
    old_input_type = @current_input_type
    if @current_input_type && @current_input_type.list?
      @current_input_type = @current_input_type.of_type
      @current_input_type = @current_input_type.of_type if @current_input_type.non_null?
    end

    super
    @current_input_type = old_input_type
  else
    super
  end
end

#print_operation_definition(operation_definition, indent: "") ⇒ Object

Print the operation definition but do not include the variable definitions since we will inline them within the query

# File 'lib/graphql/language/sanitized_printer.rb', line 154

def print_operation_definition(operation_definition, indent: "")
  old_type = @current_type
  @current_type = query.schema.public_send(operation_definition.operation_type)

  if @inline_variables
    print_string("#{indent}#{operation_definition.operation_type}")
    print_string(" #{operation_definition.name}") if operation_definition.name
    print_directives(operation_definition.directives)
    print_selections(operation_definition.selections, indent: indent)
  else
    super
  end

  @current_type = old_type
end

#print_variable_identifier(variable_id) ⇒ Object

# File 'lib/graphql/language/sanitized_printer.rb', line 106

def print_variable_identifier(variable_id)
  if @inline_variables
    variable_value = query.variables[variable_id.name]
    print_node(value_to_ast(variable_value, @current_input_type))
  else
    super
  end
end

#redact_argument_value?(argument, value) ⇒ Boolean

Indicates whether or not to redact non-null values for the given argument. Defaults to redacting all strings arguments but this can be customized by subclasses.

Returns:

• (Boolean)

# File 'lib/graphql/language/sanitized_printer.rb', line 63

def redact_argument_value?(argument, value)
  # Default to redacting any strings or custom scalars encoded as strings
  type = argument.type.unwrap
  value.is_a?(String) && type.kind.scalar? && (type.graphql_name == "String" || !type.default_scalar?)
end

#redacted_argument_value(argument) ⇒ Object

Returns the value to use for redacted versions of the given argument. Defaults to the string "".

# File 'lib/graphql/language/sanitized_printer.rb', line 71

def redacted_argument_value(argument)
  REDACTED
end

#sanitized_query_string ⇒ String^?

Returns A scrubbed query string, if the query was valid.

Returns:

• (String, nil) —

  A scrubbed query string, if the query was valid.

# File 'lib/graphql/language/sanitized_printer.rb', line 31

def sanitized_query_string
  if query.valid?
    print(query.document)
  else
    nil
  end
end