graphql-python/graphene
1
1
Fork 0
mirror of https://github.com/graphql-python/graphene.git synced 2025-11-04 01:47:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: raise proper error when UUID parsing fails (#1582)

Browse Source 
* Do not raise AttributeError when parsing non-string UUIDs

When a user sends a dictionary or other object as a UUID variable like `{[123]}`, previously graphene crashed with an `AttributeError`, like this:

```
(…)
  File "…/lib/python3.12/site-packages/graphql/utils/is_valid_value.py", line 78, in is_valid_value
    parse_result = type.parse_value(value)
                   ^^^^^^^^^^^^^^^^^^^^^^^
  File "…/lib/python3.12/site-packages/graphene/types/uuid.py", line 33, in parse_value
    return _UUID(value)
           ^^^^^^^^^^^^
  File "/usr/lib/python3.12/uuid.py", line 175, in __init__
    hex = hex.replace('urn:', '').replace('uuid:', '')
          ^^^^^^^^^^^
AttributeError: 'dict' object has no attribute 'replace'
```

But an `AttributeError` makes it seem like this is the server's fault, when it's obviously the client's.

Report a proper GraphQLError.

* fix: adjust exception message structure

---------

Co-authored-by: Erik Wrede <erikwrede@users.noreply.github.com>
This commit is contained in:
Philipp Hagemeister 2024-11-09 21:42:51 +01:00 committed by GitHub
parent b3db1c0cb2
commit 4a274b8424
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
graphene/types/tests/test_uuid.py
View File

@ -36,6 +36,21 @@ def test_uuidstring_query_variable():
assert result.data == {"uuid": uuid_value} assert result.data == {"uuid": uuid_value}
def test_uuidstring_invalid_argument():
uuid_value = {"not": "a string"}
result = schema.execute(
"""query Test($uuid: UUID){ uuid(input: $uuid) }""",
variables={"uuid": uuid_value},
)
assert result.errors
assert len(result.errors) == 1
assert (
result.errors[0].message
== "Variable '$uuid' got invalid value {'not': 'a string'}; UUID cannot represent value: {'not': 'a string'}"
)
def test_uuidstring_optional_uuid_input(): def test_uuidstring_optional_uuid_input():
""" """
Test that we can provide a null value to an optional input Test that we can provide a null value to an optional input

8
graphene/types/uuid.py
View File

@ -1,5 +1,6 @@
from uuid import UUID as _UUID from uuid import UUID as _UUID
from graphql.error import GraphQLError
from graphql.language.ast import StringValueNode from graphql.language.ast import StringValueNode
from graphql import Undefined from graphql import Undefined
@ -28,4 +29,9 @@ class UUID(Scalar):
@staticmethod @staticmethod
def parse_value(value): def parse_value(value):
return _UUID(value) if isinstance(value, _UUID):
return value
try:
return _UUID(value)
except (ValueError, AttributeError):
raise GraphQLError(f"UUID cannot represent value: {repr(value)}")