Merge branch 'main' into 2815-add-repo-signal-fields

Author: adrian-codecov

codecov/settings_base.py

@@ -106,6 +106,10 @@
 
 GRAPHQL_INTROSPECTION_ENABLED = False
 
+GRAPHQL_MAX_DEPTH = get_config("setup", "graphql", "max_depth", default=20)
+
+GRAPHQL_MAX_ALIASES = get_config("setup", "graphql", "max_aliases", default=10)
+
 # Database
 # https://docs.djangoproject.com/en/2.1/ref/settings/#databases
 

graphql_api/tests/test_validation.py

@@ -0,0 +1,100 @@
+from graphql import (
+    GraphQLField,
+    GraphQLObjectType,
+    GraphQLSchema,
+    GraphQLString,
+    parse,
+    validate,
+)
+
+from ..validation import (
+    create_max_aliases_rule,
+    create_max_depth_rule,
+)
+
+
+def resolve_field(*args):
+    return "test"
+
+
+QueryType = GraphQLObjectType(
+    "Query", {"field": GraphQLField(GraphQLString, resolve=resolve_field)}
+)
+schema = GraphQLSchema(query=QueryType)
+
+
+def validate_query(query, *rules):
+    ast = parse(query)
+    return validate(schema, ast, rules=rules)
+
+
+def test_max_depth_rule_allows_within_depth():
+    query = """
+    query {
+        field
+    }
+    """
+    errors = validate_query(query, create_max_depth_rule(2))
+    assert not errors, "Expected no errors for depth within the limit"
+
+
+def test_max_depth_rule_rejects_exceeding_depth():
+    query = """
+    query {
+        field {
+            field {
+                field
+            }
+        }
+    }
+    """
+    errors = validate_query(query, create_max_depth_rule(2))
+    assert errors, "Expected errors for exceeding depth limit"
+    assert any(
+        "Query depth exceeds the maximum allowed depth" in str(e) for e in errors
+    )
+
+
+def test_max_depth_rule_exact_depth():
+    query = """
+    query {
+        field
+    }
+    """
+    errors = validate_query(query, create_max_depth_rule(2))
+    assert not errors, "Expected no errors when query depth matches the limit"
+
+
+def test_max_aliases_rule_allows_within_alias_limit():
+    query = """
+    query {
+        alias1: field
+        alias2: field
+    }
+    """
+    errors = validate_query(query, create_max_aliases_rule(2))
+    assert not errors, "Expected no errors for alias count within the limit"
+
+
+def test_max_aliases_rule_rejects_exceeding_alias_limit():
+    query = """
+    query {
+        alias1: field
+        alias2: field
+        alias3: field
+    }
+    """
+    errors = validate_query(query, create_max_aliases_rule(2))
+    assert errors, "Expected errors for exceeding alias limit"
+    assert any("Query uses too many aliases" in str(e) for e in errors)
+
+
+def test_max_aliases_rule_exact_alias_limit():
+    query = """
+    query {
+        alias1: field
+        alias2: field
+    }
+    """
+    errors = validate_query(query, create_max_aliases_rule(2))
+    assert not errors, "Expected no errors when alias count matches the limit"

graphql_api/tests/test_views.py

@@ -113,7 +113,7 @@ async def test_when_debug_is_false_and_exception_we_know(self):
         assert data["errors"][0]["type"] == "Unauthorized"
         assert data["errors"][0].get("extensions") is None
 
-    @override_settings(DEBUG=False)
+    @override_settings(DEBUG=True)
     async def test_when_bad_query(self):
         schema = generate_schema_that_raise_with(Unauthorized())
         data = await self.do_query(schema, " { fieldThatDoesntExist }")
@@ -123,6 +123,13 @@ async def test_when_bad_query(self):
             == "Cannot query field 'fieldThatDoesntExist' on type 'Query'."
         )
 
+    @override_settings(DEBUG=False)
+    async def test_when_bad_query_and_anonymous(self):
+        schema = generate_schema_that_raise_with(Unauthorized())
+        data = await self.do_query(schema, " { fieldThatDoesntExist }")
+        assert data["errors"] is not None
+        assert data["errors"][0]["message"] == "INTERNAL SERVER ERROR"
+
     @override_settings(DEBUG=False, GRAPHQL_QUERY_COST_THRESHOLD=1000)
     @patch("logging.Logger.error")
     async def test_when_costly_query(self, mock_error_logger):

graphql_api/validation.py

@@ -0,0 +1,65 @@
+from typing import Any, Type
+
+from graphql import GraphQLError, ValidationRule
+from graphql.language.ast import DocumentNode, FieldNode, OperationDefinitionNode
+from graphql.validation import ValidationContext
+
+
+def create_max_depth_rule(max_depth: int) -> Type[ValidationRule]:
+    class MaxDepthRule(ValidationRule):
+        def __init__(self, context: ValidationContext) -> None:
+            super().__init__(context)
+            self.operation_depth: int = 1
+            self.max_depth_reached: bool = False
+            self.max_depth: int = max_depth
+
+        def enter_operation_definition(
+            self, node: OperationDefinitionNode, *_args: Any
+        ) -> None:
+            self.operation_depth = 1
+            self.max_depth_reached = False
+
+        def enter_field(self, node: FieldNode, *_args: Any) -> None:
+            self.operation_depth += 1
+
+            if self.operation_depth > self.max_depth and not self.max_depth_reached:
+                self.max_depth_reached = True
+                self.report_error(
+                    GraphQLError(
+                        "Query depth exceeds the maximum allowed depth",
+                        node,
+                    )
+                )
+
+        def leave_field(self, node: FieldNode, *_args: Any) -> None:
+            self.operation_depth -= 1
+
+    return MaxDepthRule
+
+
+def create_max_aliases_rule(max_aliases: int) -> Type[ValidationRule]:
+    class MaxAliasesRule(ValidationRule):
+        def __init__(self, context: ValidationContext) -> None:
+            super().__init__(context)
+            self.alias_count: int = 0
+            self.has_reported_error: bool = False
+            self.max_aliases: int = max_aliases
+
+        def enter_document(self, node: DocumentNode, *_args: Any) -> None:
+            self.alias_count = 0
+            self.has_reported_error = False
+
+        def enter_field(self, node: FieldNode, *_args: Any) -> None:
+            if node.alias:
+                self.alias_count += 1
+
+                if self.alias_count > self.max_aliases and not self.has_reported_error:
+                    self.has_reported_error = True
+                    self.report_error(
+                        GraphQLError(
+                            "Query uses too many aliases",
+                            node,
+                        )
+                    )
+
+    return MaxAliasesRule

graphql_api/views.py

@@ -28,6 +28,7 @@
 from services.redis_configuration import get_redis_connection
 
 from .schema import schema
+from .validation import create_max_aliases_rule, create_max_depth_rule
 
 log = logging.getLogger(__name__)
 
@@ -188,7 +189,7 @@ def __exit__(self, exc_type, exc_value, exc_traceback):
 class AsyncGraphqlView(GraphQLAsyncView):
     schema = schema
     extensions = [QueryMetricsExtension]
-    introspection = getattr(settings, "GRAPHQL_INTROSPECTION_ENABLED", False)
+    introspection = settings.GRAPHQL_INTROSPECTION_ENABLED
 
     def get_validation_rules(
         self,
@@ -197,11 +198,13 @@ def get_validation_rules(
         data: dict,
     ) -> Optional[Collection]:
         return [
+            create_max_aliases_rule(max_aliases=settings.GRAPHQL_MAX_ALIASES),
+            create_max_depth_rule(max_depth=settings.GRAPHQL_MAX_DEPTH),
             cost_validator(
                 maximum_cost=settings.GRAPHQL_QUERY_COST_THRESHOLD,
                 default_cost=1,
                 variables=data.get("variables"),
-            )
+            ),
         ]
 
     validation_rules = get_validation_rules  # type: ignore
@@ -293,6 +296,8 @@ async def post(self, request, *args, **kwargs):
 
     def context_value(self, request, *_):
         request_body = json.loads(request.body.decode("utf-8")) if request.body else {}
+        self.request = request
+
         return {
             "request": request,
             "service": request.resolver_match.kwargs["service"],
@@ -301,9 +306,11 @@ def context_value(self, request, *_):
         }
 
     def error_formatter(self, error, debug=False):
+        user = self.request.user
+        is_anonymous = user.is_anonymous if user else True
         # the only way to check for a malformed query
         is_bad_query = "Cannot query field" in error.formatted["message"]
-        if debug or is_bad_query:
+        if debug or (not is_anonymous and is_bad_query):
             return format_error(error, debug)
         formatted = error.formatted
         formatted["message"] = "INTERNAL SERVER ERROR"

upload/helpers.py

@@ -754,9 +754,9 @@ def dispatch_upload_task(
 
 def validate_activated_repo(repository):
     if repository.active and not repository.activated:
-        settings_url = f"{settings.CODECOV_DASHBOARD_URL}/{repository.author.service}/{repository.author.username}/{repository.name}/settings"
+        config_url = f"{settings.CODECOV_DASHBOARD_URL}/{repository.author.service}/{repository.author.username}/{repository.name}/config/general"
         raise ValidationError(
-            f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings_url}"
+            f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {config_url}"
         )
 
 

upload/tests/test_helpers.py

@@ -259,12 +259,12 @@ def test_validate_upload_too_many_uploads_for_commit(
 
 def test_deactivated_repo(db, mocker):
     repository = RepositoryFactory.create(active=True, activated=False)
-    settings_url = f"{settings.CODECOV_DASHBOARD_URL}/{repository.author.service}/{repository.author.username}/{repository.name}/settings"
+    config_url = f"{settings.CODECOV_DASHBOARD_URL}/{repository.author.service}/{repository.author.username}/{repository.name}/config/general"
 
     with pytest.raises(ValidationError) as exp:
         validate_activated_repo(repository)
     assert exp.match(
-        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings_url}"
+        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {config_url}"
     )
 
 

upload/tests/views/test_commits.py

@@ -68,7 +68,7 @@ def test_deactivated_repo(db):
     response_json = response.json()
     assert response.status_code == 400
     assert response_json == [
-        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/settings"
+        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/config/general"
     ]
 
 

upload/tests/views/test_reports.py

@@ -65,7 +65,7 @@ def test_deactivated_repo(db):
     response_json = response.json()
     assert response.status_code == 400
     assert response_json == [
-        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/settings"
+        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/config/general"
     ]
 
 

upload/tests/views/test_uploads.py

@@ -793,7 +793,7 @@ def test_deactivated_repo(db, mocker, mock_redis):
     response_json = response.json()
     assert response.status_code == 400
     assert response_json == [
-        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/settings"
+        f"This repository is deactivated. To resume uploading to it, please activate the repository in the codecov UI: {settings.CODECOV_DASHBOARD_URL}/github/codecov/the_repo/config/general"
     ]