From b882e997e18c0d63aa7a4507df9b71c81c1970d1 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Sun, 15 May 2022 13:29:29 -0500 Subject: graphql: T3993: disable introspection unless set in CLI --- src/conf_mode/http-api.py | 2 ++ src/services/vyos-http-api-server | 7 +++++-- 2 files changed, 7 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index 1ea7b86cd..04113fc09 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -68,6 +68,8 @@ def get_config(config=None): if conf.exists('gql'): http_api['gql'] = True + if conf.exists('gql introspection'): + http_api['introspection'] = True if conf.exists('socket'): http_api['socket'] = True diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index e9b904ba8..af8837e1e 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -654,11 +654,13 @@ def graphql_init(fast_api_app): schema = generate_schema() + in_spec = app.state.vyos_introspection + if app.state.vyos_origins: origins = app.state.vyos_origins - app.add_route('/graphql', CORSMiddleware(GraphQL(schema, debug=True), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) + app.add_route('/graphql', CORSMiddleware(GraphQL(schema, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) else: - app.add_route('/graphql', GraphQL(schema, debug=True)) + app.add_route('/graphql', GraphQL(schema, debug=True, introspection=in_spec)) ### @@ -684,6 +686,7 @@ if __name__ == '__main__': app.state.vyos_debug = server_config['debug'] app.state.vyos_gql = server_config['gql'] + app.state.vyos_introspection = server_config['introspection'] app.state.vyos_strict = server_config['strict'] app.state.vyos_origins = server_config.get('cors', {}).get('origins', []) -- cgit v1.2.3