fix password rewriting #5256
fix password rewriting #5256
Conversation
MichaelJCompton
added
the
area/graphql
There was a problem hiding this comment.
Reviewed 2 of 2 files at r1.
Reviewable status: all files reviewed, 2 unresolved discussions (waiting on @manishrjain and @MichaelJCompton)
graphql/resolve/query_test.yaml, line 1157 at r1 (raw file):
gqlquery: | query { checkUserPassword(name: "user1", pwd: "Password") {
Is there a test which uses an ID as well? If not could we add one and make sure the filter is added for it as well.
graphql/resolve/query_test.yaml, line 1163 at r1 (raw file):
dgquery: |- query { checkUserPassword(func: eq(User.name, "user1")) @filter((eq(val(pwd), 1) AND type(User))) {
Just a thought here for later, this query could be optimized to the following
checkUserPassword(func: uid(pwd)) @filter(eq(val(pwd), 1)) {
...
}
Since we already have the uid stored inside pwd from the other query.
There was a problem hiding this comment.
Reviewable status: all files reviewed, 2 unresolved discussions (waiting on @id, @manishrjain, and @pawanrawal)
graphql/resolve/query_test.yaml, line 1157 at r1 (raw file):
Previously, pawanrawal (Pawan Rawal) wrote…
Is there a test which uses an ID as well? If not could we add one and make sure the filter is added for it as well.
Looks like it only works for @id fields at the moment.
graphql/resolve/query_test.yaml, line 1163 at r1 (raw file):
Previously, pawanrawal (Pawan Rawal) wrote…
Just a thought here for later, this query could be optimized to the following
checkUserPassword(func: uid(pwd)) @filter(eq(val(pwd), 1)) { ... }Since we already have the uid stored inside
pwdfrom the other query.
I've put up a card to look into this feature some more. There's the id thing above and some other odd corners.
This reverts commit d9db7c7.
(cherry picked from commit 4687538)
(cherry picked from commit 4687538) Co-authored-by: Michael Compton <[email protected]>
Looks like it's missing type information in the check.
This change is
Docs Preview: