diff options
| author | John Estabrook <jestabro@vyos.io> | 2022-05-15 13:29:29 -0500 |
|---|---|---|
| committer | John Estabrook <jestabro@vyos.io> | 2022-07-24 08:44:58 -0500 |
| commit | b882e997e18c0d63aa7a4507df9b71c81c1970d1 (patch) | |
| tree | 0cc2f075a1b8728e144eb13b999ae25cac98fdd3 | |
| parent | 02beb3ead3783ce18087c897c4871786449c6bd1 (diff) | |
| download | vyos-1x-b882e997e18c0d63aa7a4507df9b71c81c1970d1.tar.gz vyos-1x-b882e997e18c0d63aa7a4507df9b71c81c1970d1.zip | |
graphql: T3993: disable introspection unless set in CLI
| -rw-r--r-- | interface-definitions/https.xml.in | 13 | ||||
| -rw-r--r-- | python/vyos/defaults.py | 1 | ||||
| -rwxr-xr-x | src/conf_mode/http-api.py | 2 | ||||
| -rwxr-xr-x | src/services/vyos-http-api-server | 7 |
4 files changed, 18 insertions, 5 deletions
diff --git a/interface-definitions/https.xml.in b/interface-definitions/https.xml.in index 775fae122..d096c4ff1 100644 --- a/interface-definitions/https.xml.in +++ b/interface-definitions/https.xml.in @@ -107,12 +107,19 @@ <valueless/> </properties> </leafNode> - <leafNode name="gql"> + <node name="gql"> <properties> <help>GraphQL support</help> - <valueless/> </properties> - </leafNode> + <children> + <leafNode name="introspection"> + <properties> + <help>Schema introspection</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> <node name="cors"> <properties> <help>Set CORS options</help> diff --git a/python/vyos/defaults.py b/python/vyos/defaults.py index fcb6a7fbc..2ac3b7ea3 100644 --- a/python/vyos/defaults.py +++ b/python/vyos/defaults.py @@ -49,6 +49,7 @@ api_data = { 'socket' : False, 'strict' : False, 'gql' : False, + 'introspection' : False, 'debug' : False, 'api_keys' : [ {"id": "testapp", "key": "qwerty"} ] } diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index 1ea7b86cd..04113fc09 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -68,6 +68,8 @@ def get_config(config=None): if conf.exists('gql'): http_api['gql'] = True + if conf.exists('gql introspection'): + http_api['introspection'] = True if conf.exists('socket'): http_api['socket'] = True diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index e9b904ba8..af8837e1e 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -654,11 +654,13 @@ def graphql_init(fast_api_app): schema = generate_schema() + in_spec = app.state.vyos_introspection + if app.state.vyos_origins: origins = app.state.vyos_origins - app.add_route('/graphql', CORSMiddleware(GraphQL(schema, debug=True), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) + app.add_route('/graphql', CORSMiddleware(GraphQL(schema, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) else: - app.add_route('/graphql', GraphQL(schema, debug=True)) + app.add_route('/graphql', GraphQL(schema, debug=True, introspection=in_spec)) ### @@ -684,6 +686,7 @@ if __name__ == '__main__': app.state.vyos_debug = server_config['debug'] app.state.vyos_gql = server_config['gql'] + app.state.vyos_introspection = server_config['introspection'] app.state.vyos_strict = server_config['strict'] app.state.vyos_origins = server_config.get('cors', {}).get('origins', []) |