Merge pull request #1471 from aml-org/W-11047878

W-11047878: Add invalid name validation for GraphQL

amf-api-contract/shared/src/main/scala/amf/apicontract/internal/validation/model/AMFRawValidations.scala

@@ -1546,7 +1546,13 @@ object AMFRawValidations {
  }
 
  object GraphQLValidations extends ProfileValidations {
- private lazy val result = Seq()
+ private lazy val result = Seq(
+ AMFValidation(
+ message = "Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system",
+ owlClass = doc("DomainElement"),
+ owlProperty = sh("name"),
+ constraint = shape("invalidIntrospectionName")
+ ))
  override def validations(): Seq[AMFValidation] = result
  }
 

amf-api-contract/shared/src/main/scala/amf/apicontract/internal/validation/shacl/CustomShaclFunctions.scala

@@ -11,19 +11,20 @@ import amf.apicontract.internal.metamodel.domain.security.{
 import amf.apicontract.internal.metamodel.domain.{CallbackModel, CorrelationIdModel, ParameterModel, TemplatedLinkModel}
 import amf.apicontract.internal.validation.runtimeexpression.{AsyncExpressionValidator, Oas3ExpressionValidator}
 import amf.core.client.scala.model.domain._
-import amf.core.client.scala.model.domain.extensions.PropertyShape
+import amf.core.client.scala.model.domain.extensions.{CustomDomainProperty, PropertyShape}
 import amf.core.internal.annotations.SynthesizedField
-import amf.core.internal.metamodel.domain.extensions.PropertyShapeModel
+import amf.core.internal.metamodel.domain.common.NameFieldSchema
+import amf.core.internal.metamodel.domain.extensions.{CustomDomainPropertyModel, PropertyShapeModel}
 import amf.core.internal.utils.RegexConverter
-import amf.shapes.client.scala.model.domain.{FileShape, IriTemplateMapping, NodeShape, ScalarShape}
+import amf.shapes.client.scala.model.domain.operations.ShapeParameter
+import amf.shapes.client.scala.model.domain.{AnyShape, FileShape, IriTemplateMapping, NodeShape, ScalarShape}
 import amf.shapes.internal.domain.metamodel._
-import amf.validation.internal.shacl.custom.CustomShaclValidator
+import amf.shapes.internal.domain.metamodel.operations.ShapeParameterModel
 import amf.validation.internal.shacl.custom.CustomShaclValidator.{
  CustomShaclFunction,
  CustomShaclFunctions,
  ValidationInfo
 }
-
 import java.util.regex.Pattern
 
 object CustomShaclFunctions {
@@ -353,6 +354,19 @@ object CustomShaclFunctions {
  }
  }
  }
+ },
+ new CustomShaclFunction {
+ override val name: String = "invalidIntrospectionName"
+ override def run(element: AmfObject, validate: Option[ValidationInfo] => Unit): Unit = {
+ element match {
+ case d: CustomDomainProperty =>
+ if (hasIntrospectionName(d)) validate(Some(ValidationInfo(CustomDomainPropertyModel.Name)))
+ case t: Shape => if (hasIntrospectionName(t)) validate(Some(ValidationInfo(AnyShapeModel.Name)))
+ case n: NamedDomainElement =>
+ if (hasIntrospectionName(n)) validate(Some(ValidationInfo(NameFieldSchema.Name)))
+ case _ => // ignore
+ }
+ }
  }
  )
 
@@ -395,4 +409,7 @@ object CustomShaclFunctions {
  !name.matches("^[!#$%&'*\\+\\-\\.^\\_\\`\\|\\~0-9a-zA-Z]+$")
 
  private def isRequiredProperty(shape: PropertyShape) = shape.minCount.option().contains(1)
+
+ private def hasIntrospectionName(element: NamedDomainElement): Boolean =
+ element.name.nonNull && element.name.value().startsWith("__")
 }

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-interface.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-interface.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-interface.api.graphql#/declares/shape/Starship/supportedOperation/length/expects/request/parameter/parameter/__unit
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-object.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-object.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-argument-object.api.graphql#/declares/shape/Starship/supportedOperation/length/expects/request/parameter/parameter/__unit
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-custom-scalar.api.graphql

@@ -0,0 +1,9 @@
+schema {
+ query: Query
+}
+
+type Query {
+ date: __Date
+}
+
+scalar __Date

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-custom-scalar.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-custom-scalar.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-custom-scalar.api.graphql#/declares/scalar/__Date
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive-argument.api.graphql

@@ -0,0 +1,9 @@
+schema {
+ query: Query
+}
+
+type Query {
+ name: String
+}
+
+directive @MyDirective(__text: String) on SCHEMA

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive-argument.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive-argument.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive-argument.api.graphql#/declares/MyDirective/shape/default-node/property/property/__text
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-directive.api.graphql#/declares/__invalidName
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-enum.api.graphql

@@ -0,0 +1,14 @@
+schema {
+ query: Query
+}
+
+type Query {
+ season: __Season
+}
+
+enum __Season {
+ SPRING
+ AUTUMN
+ SUMMER
+ WINTER
+}

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-enum.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-enum.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-enum.api.graphql#/declares/scalar/__Season
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-input-type.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-input-type.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-input-type.api.graphql#/declares/shape/Person/property/property/__name
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-interface.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-interface.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-interface.api.graphql#/declares/shape/Person/property/property/__name
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-object.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-object.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-field-object.api.graphql#/declares/shape/Person/property/property/__name
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-input-type.api.graphql

@@ -0,0 +1,11 @@
+schema {
+ query: Query
+}
+
+type Query {
+ name: String
+}
+
+input __Person {
+ name: String
+}

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-input-type.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-input-type.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-input-type.api.graphql#/declares/shape/__Person
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-interface.api.graphql

@@ -0,0 +1,11 @@
+schema {
+ query: Query
+}
+
+type Query {
+ person: __Person
+}
+
+interface __Person {
+ name: String
+}

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-interface.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-interface.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-interface.api.graphql#/declares/shape/__Person
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-object.api.graphql

@@ -0,0 +1,11 @@
+schema {
+ query: Query
+}
+
+type Query {
+ person: __Person
+}
+
+type __Person {
+ name: String
+}

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-object.api.report

@@ -0,0 +1,14 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-object.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 1
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-object.api.graphql#/declares/shape/__Person
+ Property: http://www.w3.org/ns/shacl#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.graphql

@@ -0,0 +1,7 @@
+schema {
+ query: __Query
+}
+
+type __Query {
+ __string(__arg: String): String
+}

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.report

@@ -0,0 +1,30 @@
+ModelId: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.graphql
+Profile: GraphQL
+Conforms: false
+Number of results: 3
+
+Level: Violation
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.graphql#/web-api/endpoint/%2Fquery%2F__string
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.graphql#/web-api/endpoint/%2Fquery%2F__string/supportedOperation/query/__Query.__string
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 
+
+- Constraint: http://a.ml/vocabularies/amf/parser#DomainElement-name-invalidIntrospectionName
+ Message: Name must not begin with '__' as this is used exclusively by GraphQL’s introspection system
+ Severity: Violation
+ Target: file://amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-root.api.graphql#/web-api/endpoint/%2Fquery%2F__string/supportedOperation/query/__Query.__string/expects/request/parameter/parameter/query/__arg
+ Property: http://a.ml/vocabularies/core#name
+ Range: [(1,0)-(1,0)]
+ Location: 

amf-cli/shared/src/test/resources/graphql/tck/apis/invalid/introspection-union.api.graphql

@@ -0,0 +1,19 @@
+schema {
+ query: Query
+}
+
+type Query {
+ searchResult: __SearchResult
+}
+
+type Person {
+ name: String!
+ surname: String!
+}
+
+type Dog {
+ name: String!
+ breed: String!
+}
+
+union __SearchResult = Person | Dog