Basic limiting complexity of GraphQL queries
What does this MR do?
Add the initial work for limiting the complexities of GraphQL queries.
It makes all Types::BaseField
default to a complexity of 1.
Queries themselves now have limited complexity, scaled to the type of user: no user, authenticated user, or an admin user.
I currently placed the level of complexity very high (starting at 1000
). Otherwise specs were failing, such as
7) getting merge request information nested in a project behaves like a working graphql query returns a successful response
Got 2 failures:
Shared Example Group: "a working graphql query" called from ./spec/requests/api/graphql/project/merge_request_spec.rb:19
7.1) Failure/Error: expect(graphql_errors).to be_nil
expected: nil
got: [{"message"=>"Query has complexity of 832, which exceeds max complexity of 75"}]
Since other MRs will be based on this code, we set the limit high right now and will work towards reducing this in future MRs
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary [ ] Documentation created/updated via this MR[ ] Documentation reviewed by technical writer or follow-up review issue created-
Tests added for this feature/bug [ ] Tested in all supported browsers-
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides - ~~[ ] Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.~~
-
Security reports checked/validated by reviewer
Closes #58405 (closed)
Edited by Brett Walker