Comments (10)
Hi @patric-vinicios,
Thank you for opening the issue. You mentioned that Elixir is not allowing the conversion of a string field to an atom. That should normally not be an issue. Can you provide more context about this?
Regarding your PR, using String.to_atom
can introduce potential risks as it dynamically creates new atoms which aren't garbage-collected. String.to_existing_atom/1
would be the safer alternative here. It would raise an exception if the field doesn't exist as an atom. For that reason, I'm inclined to suggest handling the string-to-atom conversion outside the function. But again, I don't know the context in which you use the function. Could you shed some light on your use case?
from flop.
I created a filter that can recevive all the possibles operators. But the client is allowed to send an operator that does not match with an :integer
type, for example. That's because the managers asked for a dinamycally filter, where the frontend can send any type of filter in any field.
I need to test if the field is allowed to do that operation, but the problem is, We are using GraphQL (Absinthe), and the field name is sent as a string and the validation in the function is an atom. I tried to do the changes directally in my project, and worked fine as I needed.
Thanks for the advice about String.to_atom
. I didn't know about that.
from flop.
The Flop.validate
and Flop.validate_and_run
functions cast the filter field as atom and validate the filter operator. And if you want to validate the operator even before you call the query function, you need to call allowed_operators
directly, in which case you can convert the string field name to an atom before using the function. If you still think it's not possible, I'd need to see some code, because I still don't understand what you are trying to do.
from flop.
def call(entity, params, requested_relationships) do
case validate_filters(entity, params) do
true -> return_data(entity, requested_relationships, params)
false -> {:error, "Operators not allowed for some fields."}
end
end
defp validate_filters(entity, %{filters: filters} = _params) do
result =
Enum.all?(filters, fn filter ->
filter.op in Flop.Filter.allowed_operators(entity, filter.field)
end)
end
The GraphQL query send the field "name" as a string.
query {
listUsersBackoffice(params: {
page: 1
pageSize: 3
filters: [
{
value: "Sherlock"
op: "contains"
field: "name"
}
]
}) {
data {
id
name
}
}
}
The call
function calls validate_filters
. validate_filters compare if the field: "name"
has the op
"contains".
In this line filter.op in Flop.Filter.allowed_operators(entity, filter.field)
, filter.field
is a String, and the function only allows an atom and return an error.
I want to return to the frontend a list with the errors in which field and what are the allowed operators.
from flop.
Then this should be sufficient?
defp validate_filters(entity, %{filters: filters} = _params) do
result =
Enum.all?(filters, fn filter ->
filter.op in Flop.Filter.allowed_operators(entity, String.to_existing_atom(filter.field))
end)
end
Alternatively, you can rely on the errors that Flop would return. For that, you'd need to define an Absinthe middleware that converts the Flop error format (which is a nested keyword list, similar to what you get when you traverse changeset errors) into a supported error format.
from flop.
No, using String.to_existing_atom/1
does not work. It returns an erlang error instead.
Even using the Absinthe middlewares. And the goal is to return a list with the field and its operators allowed, not another error.
from flop.
But then you're PR doesn't help you either. You just move the function call somewhere else. If you don't want an error to be raised when an invalid field is passed, you need to rescue it.
from flop.
This PR resolves my main problem that is: I need to test if the field is allowed to do that operator, for now.
I done it in my deps/flop for a while and I have the error that my team expects for now.
I thought that could be useful to another dev that has the same problem when testing the field and operator using Absinthe.
from flop.
Again, your PR only moves String.to_existing_atom
from your code:
filter.op in Flop.Filter.allowed_operators(entity, String.to_existing_atom(filter.field))
to Flop. And I don't think it belongs there.
from flop.
Using String.to_existing_atom/1
raise an erlang error, for some reason. I will study the case, but for now I will not implement the necessary feature in the company API.
from flop.
Related Issues (20)
- [Bug] Flop compile failed HOT 3
- improve errors
- adapters: disable features
- Adapter.using macro
- Allow setting "no limit" in `validate_and_run` for totals HOT 3
- set filter limit
- Use Flop without @derive HOT 2
- [Question] - Dynamic Ops HOT 6
- Check valid operators for a given field HOT 1
- [Bug] HOT 1
- Allow sortable field to start in descending HOT 2
- Multi-tenancy through setting prefix HOT 1
- [Bug] :empty/:not_empty filters not working for SQLite HOT 1
- Filter groups AND/OR HOT 2
- How to sort by a String field in a case insensitive way? HOT 4
- [Bug] Join ruins pagination HOT 8
- How to have a page_size larger than 1000? HOT 2
- Filters with OR HOT 1
- Page results are incorrect for :desc ordering [Bug] HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flop.