Make base views more resilient

Author: syrusakbary

src/graphql_server/http/async_base_view.py

@@ -205,14 +205,10 @@ async def execute_operation(
         request_data: GraphQLRequestData,
         context: Context,
         root_value: Optional[RootValue],
+        allowed_operation_types: set[OperationType],
     ) -> ExecutionResult:
         request_adapter = self.request_adapter_class(request)
 
-        allowed_operation_types = operation_type_from_http(request_adapter.method)
-
-        if not self.allow_queries_via_get and request_adapter.method == "GET":
-            allowed_operation_types = allowed_operation_types - {OperationType.QUERY}
-
         assert self.schema
 
         if request_data.protocol == "multipart-subscription":
@@ -331,12 +327,6 @@ async def run(
         request = cast("Request", request)
 
         request_adapter = self.request_adapter_class(request)
-        sub_response = await self.get_sub_response(request)
-        context = (
-            await self.get_context(request, response=sub_response)
-            if context is UNSET
-            else context
-        )
 
         if not self.is_request_allowed(request_adapter):
             raise HTTPException(405, "GraphQL only supports GET and POST requests.")
@@ -349,17 +339,38 @@ async def run(
         except KeyError as e:
             raise HTTPException(400, "File(s) missing in form data") from e
 
-        if self.should_render_graphql_ide(request_adapter):
+        allowed_operation_types = operation_type_from_http(request_adapter.method)
+
+        if not self.allow_queries_via_get and request_adapter.method == "GET":
+            allowed_operation_types = allowed_operation_types - {OperationType.QUERY}
+
+        if request_adapter.method == "GET":
+            if not self.allow_queries_via_get:
+                allowed_operation_types = allowed_operation_types - {
+                    OperationType.QUERY
+                }
+
+            should_render_graphql_ide = self.should_render_graphql_ide(request_adapter)
             if self.graphql_ide:
-                return await self.render_graphql_ide(request, request_data)
-            raise HTTPException(404, "Not Found")
+                if should_render_graphql_ide:
+                    return await self.render_graphql_ide(request, request_data)
+            elif should_render_graphql_ide:
+                raise HTTPException(404, "Not Found")  # pragma: no cover
+
+        sub_response = await self.get_sub_response(request)
+        context = (
+            await self.get_context(request, response=sub_response)
+            if context is UNSET
+            else context
+        )
 
         try:
             result = await self.execute_operation(
                 request=request,
                 request_data=request_data,
                 context=context,
                 root_value=root_value,
+                allowed_operation_types=allowed_operation_types,
             )
         except GraphQLValidationError as e:
             result = ExecutionResult(data=None, errors=e.errors)

src/graphql_server/http/sync_base_view.py

@@ -104,14 +104,10 @@ def execute_operation(
         request_data: GraphQLRequestData,
         context: Context,
         root_value: Optional[RootValue],
+        allowed_operation_types: set[OperationType],
     ) -> ExecutionResult:
         request_adapter = self.request_adapter_class(request)
 
-        allowed_operation_types = operation_type_from_http(request_adapter.method)
-
-        if not self.allow_queries_via_get and request_adapter.method == "GET":
-            allowed_operation_types = allowed_operation_types - {OperationType.QUERY}
-
         assert self.schema
 
         return execute_sync(
@@ -189,10 +185,20 @@ def run(
         except KeyError as e:
             raise HTTPException(400, "File(s) missing in form data") from e
 
-        if self.should_render_graphql_ide(request_adapter):
+        allowed_operation_types = operation_type_from_http(request_adapter.method)
+
+        if request_adapter.method == "GET":
+            if not self.allow_queries_via_get:
+                allowed_operation_types = allowed_operation_types - {
+                    OperationType.QUERY
+                }
+
+            should_render_graphql_ide = self.should_render_graphql_ide(request_adapter)
             if self.graphql_ide:
-                return self.render_graphql_ide(request, request_data)
-            raise HTTPException(404, "Not Found")
+                if should_render_graphql_ide:
+                    return self.render_graphql_ide(request, request_data)
+            elif should_render_graphql_ide:
+                raise HTTPException(404, "Not Found")  # pragma: no cover
 
         sub_response = self.get_sub_response(request)
         context = (
@@ -208,6 +214,7 @@ def run(
                 request_data=request_data,
                 context=context,
                 root_value=root_value,
+                allowed_operation_types=allowed_operation_types,
             )
         except HTTPException:
             raise