Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const handler = (request, reply) => {
const data = request.payload || request.query || {};
const { query, variables } = data;
if (accepts(request, 'html') && graphiql) {
return reply(renderGraphiQL({ query, variables }));
}
if (query && query.includes('mutation') && isGet(request)) {
return reply(methodNotAllowed('GraphQL mutation only allowed in POST request.'));
}
let parsedVariables = variables;
try {
parsedVariables = JSON.parse(variables);
} catch (err) {
// ignore
}
return graphql(schema, query, { request }, context, parsedVariables)
.then((result) => {
if (result.errors) {
const message = result.errors.map((error) => error.message).join('\n');
reply(badRequest(message));
return;
}
}
// Only query operations are allowed on GET requests.
if (request.method === 'get') {
// Determine if this GET request will perform a non-query.
const operationAST = getOperationAST(documentAST, operationName);
if (operationAST && operationAST.operation !== 'query') {
// If GraphiQL can be shown, do not perform this query, but
// provide it to GraphiQL so that the requester may perform it
// themselves if desired.
if (showGraphiQL) {
return null;
}
// Otherwise, report a 405: Method Not Allowed error.
throw Boom.methodNotAllowed(
`Can only perform a ${operationAST.operation} operation from a POST request.`
);
}
}
// Perform the execution, reporting any errors creating the context.
let result;
try {
result = await execute(schema, documentAST, rootValue, context, variables, operationName);
} catch (contextError) {
// Return 400: Bad Request if any execution context errors exist.
throw Boom.badRequest('Context error', [contextError]);
}
if (result.errors) {
const code = selectStatusCode(result.errors);
switch (code) {
const requestHandler = (req, res, next) => {
const method = req.method.toLowerCase();
const handler = controller[method];
if (_.isFunction(handler)) {
handler.call(controller, req, res, next); /* eslint-disable-line prefer-reflect */
} else {
next(Boom.methodNotAllowed());
}
};
function translate(cond, query, parentConnector) {
let fieldName = cond.field === 'id' ? '_id' : cond.field;
//We don't support elemMatch fields
if (fieldName.indexOf('*') > -1) {
throw new Boom.methodNotAllowed('Sub-array matches not supported in jollof-data-memory adapter');
}
if (!cond.items) { // if not a nest starter
const condBlock = {};
// construct mini block
if (cond.comp === '=') {
let value = cond.value;
//NEDB is too dumb to deal with foo:null
if (cond.value === null || cond.value === undefined) {
value = {};
value['$exists'] = false;
}
handler: function (req, rep) {
rep(Boom.methodNotAllowed('not authorized'));
}
}
handler: function (request, reply) {
let response;
if (settings.statusCode) {
response = Boom.create(settings.statusCode);
}
else {
response = Boom.methodNotAllowed();
}
response.output.headers[CustomResponseHeader.name] = CustomResponseHeader.value;
return reply(response);
}
};
handler: () => {
const err = boom.methodNotAllowed('GET is not allowed');
err.output.headers.allow = 'POST';
return err;
},
});
handler: () => {
const err = boom.methodNotAllowed('GET is not allowed');
err.output.headers.allow = 'POST';
return err;
},
config: getRouteConfig(),
const subCondBlock = {};
subCondBlock[convertComp(cond.comp)] = cond.value;
//construct block
condBlock[fieldName] = subCondBlock;
}
//how is this block connected to the previous?
const logical = '$' + (cond.connector || parentConnector || 'and');
query[logical] = query[logical] || [];
query[logical].push(condBlock);
}
else if (cond.items) {
throw new Boom.methodNotAllowed('Nested conditions currently unsupported in Jollof Memory Adapter')
}
return cond.connector;
}