CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-28 19:20:25 +12:00
Code Issues Projects Releases Wiki Activity

Use abuse status instead of dev/prod for graphql abuse check

Browse source
This commit is contained in:
Jake Barnby 2022-10-28 20:12:11 +13:00
parent c23cca950a
commit db49e962f4
No known key found for this signature in database
GPG key ID: C437A8CC85B96E9C
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/api/graphql.php
View file

@ -137,7 +137,7 @@ function execute(
$flags = DebugFlag::INCLUDE_DEBUG_MESSAGE | DebugFlag::INCLUDE_TRACE;
$validations = GraphQL::getStandardValidationRules();
if (App::isProduction()) {
if (App::getEnv('_APP_OPTIONS_ABUSE', 'enabled') !== 'disabled') {
$validations[] = new DisableIntrospection();
$validations[] = new QueryComplexity($maxComplexity);
$validations[] = new QueryDepth($maxDepth);

4
tests/e2e/Services/GraphQL/AbuseTest.php
View file

@ -20,8 +20,8 @@ class AbuseTest extends Scope
{
parent::setUp();
if (App::isDevelopment()) {
$this->markTestSkipped('Skipping abuse test in development environment');
if (App::getEnv('_APP_OPTIONS_ABUSE') === 'disabled') {
$this->markTestSkipped('Abuse is not enabled.');
}
}