Query complexity

[abhikmitra]

Fixes #36
Adds an option parameter called complexity to the field decorator.

[codecov]

Codecov Report

Merging #139 into master will increase coverage by 0.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #139      +/-   ##
==========================================
+ Coverage   95.08%   95.09%   +0.01%     
==========================================
  Files          60       60              
  Lines         956      958       +2     
  Branches      170      170              
==========================================
+ Hits          909      911       +2     
  Misses         46       46              
  Partials        1        1

Impacted Files	Coverage Δ
src/decorators/FieldResolver.ts	93.33% <ø> (ø)	⬆️
src/schema/schema-generator.ts	96.95% <ø> (ø)	⬆️
src/decorators/Field.ts	100% <ø> (ø)	⬆️
src/helpers/handlers.ts	80% <ø> (ø)	⬆️
src/metadata/metadata-storage.ts	100% <100%> (ø)	⬆️
src/interfaces/index.ts	100% <100%> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e1b0e0b...8597c7d. Read the comment docs.

[MichalLytek]

1. What about queries, mutations and subscriptions? Please add proper changes also to them.
2. query-complexity is not a simple-usage - please create a separate example folder with comments in code how and why we setup validationRules
3. no implicit any - please describe the types of graphql-query-complexity module in the way that we use, along with interfaces merging to extend GraphQLFieldConfig interface
4. add proper tests for this feature - registering in metadata storage, as well as simple check if the validation works (one query that pass, one that fails)
5. It might be useful to add proper section in docs about this integration, how to use it, etc.

I think I need to make a list of all things that PRs have to provide to be merged 😉

[MichalLytek]

graphql-query-complexity allows to calculate it dynamically: complexity: (args, childComplexity) => childComplexity * args.count,

[MichalLytek]

Please add tests also for queries and field resolver as they dynamically add fields to object types too.
Also please create proper documentation of this feature in advanced section, with tutorial how to use it and setup, just like authorization have.

[MichalLytek]

I think that this might become obsolete soon 😕
slicknode/graphql-query-complexity@f7713b2
We should just wait with this PR for publishing that package with types.

[abhikmitra]

I compiled his code in TSC and put the types. So it would be similar when he publishes.

[MichalLytek]

Partially - newest version is flattened to a single file, so there will be no graphql-query-complexity/dist/QueryComplexity and also it's weird to have typings on repo rather than publish it on DefinitelyTyped. So let's wait a few days and decide what @ivome will do 😉

[MichalLytek]

here we can declare the maximum cost of the queries, it can be dynamically and depend on user privileges

[MichalLytek]

we also have to pass the query variables to the queryComplexity validator

[MichalLytek]

We can also react on complexity calculation and do something (@abhikmitra I don't know why we show example with console.log btw 😆)

[abhikmitra]

Sure what do you have in your mind other than console log ? I just followed the same format as what is followed in graphql-query-complexity repo

[MichalLytek]

I think here you can subtract the amount from user's account points fund.

[MichalLytek]

Remove this from simple-usage

[MichalLytek]

Should we explicitly put 1 here? Isn't it default behavior of graphql-query-complexity?

[abhikmitra]

@19majkel94 So all fieldResolvers will always have a corresponding field type right ? Complexity is respected on field type and would not be respected on @fieldResolvers . Is that ok ?

Should we stop allowing complexity on field resolvers ?

[MichalLytek]

@abhikmitra
It's a bit complex 😄
For now field resolvers overwrite authorizations and args settings for the field:
https://github.com/19majkel94/type-graphql/blob/d45829c60f7a9e4a9c49d9df7f95012b31229069/src/metadata/metadata-storage.ts#L206-L215
So it should also overwrite complexity property if provided in decorator option.

And now with the fresh eyesight, my design of metadata building is awful 🤢

[abhikmitra]

Fixed your comments . Let me know what else you need.

[MichalLytek]

PascalCase for decorators names and always wrap in backticks

[MichalLytek]

Please remove also all this not needed fields - keep focus only on complexity feature, the Recipe is just the background.

[MichalLytek]

This one is not needed.

[MichalLytek]

it should register complexity info for field

[MichalLytek]

Could you create a helper function in this describe suite to avoid duplication in this three it test cases?

[MichalLytek]

For more info about how query complexity is computed, please visit graphql-query-complexity docs.

[MichalLytek]

Move You can pass complexity as option to any... above this, place it below You can omit the complexity.

[MichalLytek]

Maybe show a field with args and show how to use complexityResolver?

[MichalLytek]

• fix graphQl
• ...can potentially generate huge workload for a server, like thousands of database operations.
• maybe we should also mention DDoS and recursive queries, like user -> posts (1000) -> user -> posts (1000)

[MichalLytek]

@abhikmitra
Looks like there's no response from @ivome. Could you extract the typings and publish it to https://github.com/DefinitelyTyped/DefinitelyTyped for now? I don't want to block this PR, we can later upgrade the dependency when 0.2.x release of graphql-query-complexity will be published.

[ivome]

Sorry for the late reply. I just release a new version of graphql-query-complexity with some major changes, deprecations and new features, type definitions in the package etc.
Check the docs of the repository for more information.

[MichalLytek]

@ivome Thanks! 🎉

@abhikmitra Please check new features of graphql-query-complexity v0.2.0 and align this PR to that changes, removing our local @types folder 😉

[abhikmitra]

@19majkel94 I upgraded to 0.2.0

[MichalLytek]

Is it really to hard to write GraphQL? Copy and paste? 😆

[abhikmitra]

fixed

[MichalLytek]

space - complexity: 2 })

[abhikmitra]

fixed

[MichalLytek]

It's not a good suggestion - which one, directives?

[abhikmitra]

removed

[MichalLytek]

Here should be comment that this one is mandatory to make it works

[abhikmitra]

done

[MichalLytek]

And that here we can define the default value for field not explicitly annotated.

[abhikmitra]

done

[MichalLytek]

There is a ComplexityEstimator type that we should use - complexity function can return void to fallback to default complexity

[MichalLytek]

What is the reason of that? Declaration merging isn't working?
https://github.com/slicknode/graphql-query-complexity/blob/157285004e22eed3ca1ab1b43226d671f0c3affb/src/QueryComplexity.ts#L32-L36

[abhikmitra]

Getting this error if I remove this

[MichalLytek]

@abhikmitra
Please create our own type type Complexity = ComplexityEstimator | number and replace all of imports of this from "graphql-query-complexity" in metadata storage & others.

[abhikmitra]

@19majkel94 anything else ?

[MichalLytek]

@abhikmitra Thank you very much for your contribution! ❤️