diff --git a/server/src-lib/Hasura/RQL/DML/Internal.hs b/server/src-lib/Hasura/RQL/DML/Internal.hs index 3e0f475cb84bc..3015230fc0abb 100644 --- a/server/src-lib/Hasura/RQL/DML/Internal.hs +++ b/server/src-lib/Hasura/RQL/DML/Internal.hs @@ -322,6 +322,8 @@ simplifyError txErr = do ("42704", msg) -> return (ConstraintError, msg) -- invalid input values ("22007", msg) -> return (DataException, msg) + -- invalid escape sequence + ("22025", msg) -> return (BadRequest, msg) _ -> Nothing -- validate limit and offset int values diff --git a/server/src-lib/Hasura/RQL/Types/Error.hs b/server/src-lib/Hasura/RQL/Types/Error.hs index c1a835795d06e..16912f90ff403 100644 --- a/server/src-lib/Hasura/RQL/Types/Error.hs +++ b/server/src-lib/Hasura/RQL/Types/Error.hs @@ -72,6 +72,7 @@ data Code | AlreadyInit | ConstraintViolation | DataException + | BadRequest -- Graphql error | NoTables | ValidationFailed @@ -92,6 +93,7 @@ instance Show Code where show = \case NotNullViolation -> "not-null-violation" DataException -> "data-exception" + BadRequest -> "bad-request" ConstraintViolation -> "constraint-violation" PermissionDenied -> "permission-denied" NotExists -> "not-exists" diff --git a/server/tests-py/queries/graphql_query/basic/select_query_invalid_escape_sequence.yaml b/server/tests-py/queries/graphql_query/basic/select_query_invalid_escape_sequence.yaml new file mode 100644 index 0000000000000..3d8760910b73d --- /dev/null +++ b/server/tests-py/queries/graphql_query/basic/select_query_invalid_escape_sequence.yaml @@ -0,0 +1,18 @@ +description: GraphQL query with invalid escape sequence +url: /v1/graphql +status: 200 +response: + errors: + - extensions: + code: bad-request + path: $ + message: |- + LIKE pattern must not end with escape character +query: + query: | + query { + person(where: {name: {_like: "John\\"}}) { + id + name + } + } diff --git a/server/tests-py/queries/graphql_query/basic/setup.yaml b/server/tests-py/queries/graphql_query/basic/setup.yaml index 2d7f8ef8df7bc..0a74ff2bfbc3a 100644 --- a/server/tests-py/queries/graphql_query/basic/setup.yaml +++ b/server/tests-py/queries/graphql_query/basic/setup.yaml @@ -271,6 +271,23 @@ args: - name: User 2 number: '123456780' +- type: run_sql + args: + sql: | + create table person ( + id serial primary key, + name text + ); +- type: track_table + args: + schema: public + name: person +- type: insert + args: + table: person + objects: + - name: "John\\" + #Set timezone - type: run_sql args: diff --git a/server/tests-py/queries/graphql_query/basic/teardown.yaml b/server/tests-py/queries/graphql_query/basic/teardown.yaml index ca2c603b7db49..2357b646ee44c 100644 --- a/server/tests-py/queries/graphql_query/basic/teardown.yaml +++ b/server/tests-py/queries/graphql_query/basic/teardown.yaml @@ -29,6 +29,11 @@ args: sql: | drop table "user" +- type: run_sql + args: + sql: | + drop table person + - type: run_sql args: sql: | diff --git a/server/tests-py/test_graphql_queries.py b/server/tests-py/test_graphql_queries.py index bbaa5f50ba1cb..4ed14de124a05 100644 --- a/server/tests-py/test_graphql_queries.py +++ b/server/tests-py/test_graphql_queries.py @@ -50,6 +50,10 @@ def test_nested_select_with_foreign_key_alter(self, hge_ctx, transport): transport = 'http' check_query_f(hge_ctx, self.dir() + "/nested_select_with_foreign_key_alter.yaml", transport) + def test_select_query_invalid_escape_sequence(self, hge_ctx, transport): + transport = 'http' + check_query_f(hge_ctx, self.dir() + "/select_query_invalid_escape_sequence.yaml", transport) + @classmethod def dir(cls): return 'queries/graphql_query/basic'