Add support for validation rules

[kiendang]

Close #1472 Close #1342

[kiendang]

@firaskafri should we release another patch version (v3.1.6) before merging this? I think this deserves a minor bump to v3.2.0 but there were a couple of small bug fixing PRs merged since v3.1.5 so I think it's a good idea to have another patch version for v3.1.

[kiendang]

This looks good to me, testing it locally with another approach I used to have

@pmcarlos Would you be able to share your current method? This PR is to be merged eventually but there's someone in Graphene Discord asking if there's another way to disable introspection.

[lee-pai-long]

Hi guys, any idea when this PR will be merged ?

[kiendang]

Hi guys, any idea when this PR will be merged ?

This would be part of the 3.2.0 release. The plan is to release another patch version 3.1.6 with the current main branch, then we'll merge this PR and do a 3.2.0 later. @firaskafri is there any roadblock on making a 3.1.6 release?

[firaskafri]

Hi guys, any idea when this PR will be merged ?

This would be part of the 3.2.0 release. The plan is to release another patch version 3.1.6 with the current main branch, then we'll merge this PR and do a 3.2.0 later. @firaskafri is there any roadblock on making a 3.1.6 release?

Hello @kiendang not at all. I just released 3.1.6 and merging this to main now.

[kiendang]

Hi guys, any idea when this PR will be merged ?

This would be part of the 3.2.0 release. The plan is to release another patch version 3.1.6 with the current main branch, then we'll merge this PR and do a 3.2.0 later. @firaskafri is there any roadblock on making a 3.1.6 release?

Hello @kiendang not at all. I just released 3.1.6 and merging this to main now.

@firaskafri Awesome. Thanks! We're good to go for 3.2.0 as well.

[lee-pai-long]

Hi @kiendang any example on how to implement both rules ? I tried to follow the graphene documentation:

from graphene import Schema
from .auto import schema_operations_builder
from graphql import validate, parse
from graphene.validation import depth_limit_validator, DisableIntrospection

schema = Schema(query=ALL_QUERIES, mutation=ALL_MUTATIONS)

validation_errors = validate(
    schema=schema.graphql_schema,
    document_ast=parse('THE QUERY'),
    rules=(
        depth_limit_validator(max_depth=10),
        DisableIntrospection
    )
)

But I get an error ModuleNotFoundError: No module named 'graphene.validation'

[kiendang]

@lee-pai-long hmm that's weird. It comes with Graphene. We have a test for it in this repo and it works fine. You can try taking a look at your installed packages? Alternatively the introspection disabling rule is also implemented in graphql-core. You can do

from graphql.validation.rules.custom.no_schema_introspection import NoSchemaIntrospectionCustomRule

NoSchemaIntrospectionCustomRule is the same as graphene.validation.DisableIntrospection. However depth_limit_validator is only available in Graphene though.

[lee-pai-long]

Hi @kiendang thanks for you help, actually my error was that I didn't have the right version of graphene, after upgrading it and the other dependencies I can import the validation module.