No type checking for Upload scalar

[N-Maas]

When using strawberry.file_uploads.Upload with asgi, it seems that no type checking at all is performed on the input.

Describe the Bug

Test server:

import strawberry
from strawberry.asgi import GraphQL
from strawberry.file_uploads import Upload

@strawberry.type
class Query:
    @strawberry.field
    def upload(self, file: Upload) -> str:
        return "success"

schema = strawberry.Schema(query=Query)
application = GraphQL(schema)

Start server with uvicorn server:application

The following commands all return "success":

curl "http://127.0.0.1:8000" -F operations='{ "query": "query($file: Upload!){ upload(file: $file) }", "variables": { "file": null } }' -F map='{ "file": ["variables.file"] }' -F file="@testfile"

=> expected

curl "http://127.0.0.1:8000" -F operations='{ "query": "query($file: Upload!){ upload(file: [$file]) }", "variables": { "file": null } }' -F map='{ "file": ["variables.file"] }' -F file="@testfile"

=> this is a list?

curl "http://127.0.0.1:8000" -F operations='{ "query": "query{ upload(file: 1) }" }'

=> ??

System Information

• Operating system: Linux/Debian 11
• Strawberry version: 0.165.1

Upvote & Fund

• We're using Polar.sh so you can upvote and help fund this issue.
• We receive the funding once the issue is completed & confirmed by you.
• Thank you in advance for helping prioritize & fund our backlog.

[N-Maas]

Update: It seems that checks related to query variables are generally handled differently from the case if values are inserted into the query.

Checks for variables seem to be applied during execution instead of the error being directly returned. Specifically, errors related to invalid query variables will be supressed by the MaskErrors extension. (Which is unfortunate, since it causes a 500 in our case.)