-
-
Notifications
You must be signed in to change notification settings - Fork 723
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Query Complexity #80
Comments
This is a nice way to annotate complexity and specify the multipliers. type Participant {
# The complexity of getting one thread in a thread connection is 3, and multiply that by the amount of threads fetched
threadConnection(first: PaginationAmount, after: String): ThreadConnection @cost(complexity: 3, multipliers: ["first"])
}
type Thread {
author: Author @cost(complexity: 1)
participants(first: PaginationAmount,...): [Participant] @cost(complexity: 2, multipliers: ["first"])
} |
Multipliers should be limited to built-in scalar types since the variables are not coerced at the time we validate. Since we have the schema we could coerce simple variables on the go. |
Look also at what the GitHub guys did. |
I will add support for variables to the validation rules. |
Fields can be annotated with the The algorithm for field complexity can be replaced by a custom algorithm. The complexity algorithm can be defined for all fields or one can opt to add a specific algorithm for specific fields. builder.AddOperationComplexityRule((field, complexity, multipliers) =>
{
// ... custom code
}); or builder.AddOperationComplexityRule(
"TypeName",
"FieldName",
(field, complexity, multipliers) =>
{
// ... custom code
}); |
This issue was closed by accident. |
This one is now implemented |
This feature shall provide more security options to the execution engine.
Sometimes, the depth of a query is not enough to truly know how large or expensive a GraphQL query will be. In a lot of cases, certain fields in our schema are known to be more complex to compute than others.
Query complexity allows you to define how complex these fields are, and to restrict queries with a maximum complexity. The idea is to define how complex each field is by using a simple number. A common default is to give each field a complexity of
1
. Take this query for example:A simple addition gives us a total of
3
for the complexity of this query. If we were to set a max complexity of2
on our schema, this query would fail.What if the
posts field is actually much more complex than the
author` field? We can set a different complexity to the field. We can even set a different complexity depending on arguments! Let’s take a look at a similar query, where posts has a variable complexity depending on its arguments:Query Complexity Pros
Query Complexity Cons
https://www.howtographql.com/advanced/4-security/
The text was updated successfully, but these errors were encountered: