Allow forbidding certain values from being exported (#2692)

Author: benjie

.changeset/hip-moose-enter.md

@@ -0,0 +1,10 @@
+---
+"graphile-build": patch
+"graphile-utils": patch
+"graphile-export": patch
+"@dataplan/pg": patch
+"tamedevil": patch
+---
+
+Allow forbidding certain objects/functions from being exported, and raise error
+as early as possible.

.changeset/some-dancers-matter.md

@@ -0,0 +1,13 @@
+---
+"graphile-utils": patch
+"postgraphile": patch
+---
+
+Forbid export of 'build', this has required a slight degradation of the
+makeAddPgTableConditionPlugin/addPgTableCondition signature for people using the
+legacy signature - namely the entire build object is no longer available in the
+callback that is the fourth argument. (Only have 3 arguments to your call?
+You're not impacted!) In the unlikely event this causes you any issues, your
+best bet is to move to the `apply()` approach (only use the 3 documented
+arguments), but we can also potentially expand the parts of build that are made
+available.

grafast/dataplan-pg/src/datasource.ts

@@ -60,9 +60,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   args: [...TScope],
   nameHint?: string,
 ): T {
+  const forbiddenIndex = args.findIndex(isForbidden);
+  if (forbiddenIndex >= 0) {
+    throw new Error(
+      `${nameHint ?? "Anonymous"} EXPORTABLE call's args[${forbiddenIndex}] is not allowed to be exported.`,
+    );
+  }
   const fn: T = factory(...args);
   if (
-    (typeof fn === "function" || (typeof fn === "object" && fn !== null)) &&
+    ((typeof fn === "object" && fn !== null) || typeof fn === "function") &&
     !("$exporter$factory" in fn)
   ) {
     Object.defineProperties(fn, {
@@ -74,6 +80,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   return fn;
 }
 
+export function isForbidden(thing: unknown): thing is { $$export: false } {
+  return (
+    (typeof thing === "object" || typeof thing === "function") &&
+    thing !== null &&
+    "$$export" in thing &&
+    thing.$$export === false
+  );
+}
+
 /** @deprecated Use DataplanPg.PgResourceUniqueExtensions instead */
 export type PgResourceUniqueExtensions = DataplanPg.PgResourceUniqueExtensions;
 

grafast/dataplan-pg/src/examples/exampleSchema.ts

@@ -132,9 +132,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   args: [...TScope],
   nameHint?: string,
 ): T {
+  const forbiddenIndex = args.findIndex(isForbidden);
+  if (forbiddenIndex >= 0) {
+    throw new Error(
+      `${nameHint ?? "Anonymous"} EXPORTABLE call's args[${forbiddenIndex}] is not allowed to be exported.`,
+    );
+  }
   const fn: T = factory(...args);
   if (
-    (typeof fn === "function" || (typeof fn === "object" && fn !== null)) &&
+    ((typeof fn === "object" && fn !== null) || typeof fn === "function") &&
     !("$exporter$factory" in fn)
   ) {
     Object.defineProperties(fn, {
@@ -146,6 +152,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   return fn;
 }
 
+export function isForbidden(thing: unknown): thing is { $$export: false } {
+  return (
+    (typeof thing === "object" || typeof thing === "function") &&
+    thing !== null &&
+    "$$export" in thing &&
+    thing.$$export === false
+  );
+}
+
 // These are what the generics extend from
 
 declare global {

graphile-build/graphile-build/src/makeNewBuild.ts

@@ -123,6 +123,9 @@ export default function makeNewBuild(
   }
 
   const build: GraphileBuild.BuildBase = {
+    // FORBID EXPORTING!
+    ...({ $$export: false } as object),
+
     lib,
 
     // Legacy support for things from lib

graphile-build/graphile-build/src/utils.ts

@@ -15,9 +15,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   args: [...TScope],
   nameHint?: string,
 ): T {
+  const forbiddenIndex = args.findIndex(isForbidden);
+  if (forbiddenIndex >= 0) {
+    throw new Error(
+      `${nameHint ?? "Anonymous"} EXPORTABLE call's args[${forbiddenIndex}] is not allowed to be exported.`,
+    );
+  }
   const fn: T = factory(...args);
   if (
-    (typeof fn === "function" || (typeof fn === "object" && fn !== null)) &&
+    ((typeof fn === "object" && fn !== null) || typeof fn === "function") &&
     !("$exporter$factory" in fn)
   ) {
     Object.defineProperties(fn, {
@@ -29,6 +35,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   return fn;
 }
 
+export function isForbidden(thing: unknown): thing is { $$export: false } {
+  return (
+    (typeof thing === "object" || typeof thing === "function") &&
+    thing !== null &&
+    "$$export" in thing &&
+    thing.$$export === false
+  );
+}
+
 export function EXPORTABLE_OBJECT_CLONE<T extends object>(obj: T): T {
   if (Object.getPrototypeOf(obj) === Object.prototype) {
     const keys = Object.keys(obj);

graphile-build/graphile-utils/src/exportable.ts

@@ -3,9 +3,15 @@ export function EXPORTABLE<T, TScope extends any[]>(
   args: [...TScope],
   nameHint?: string,
 ): T {
+  const forbiddenIndex = args.findIndex(isForbidden);
+  if (forbiddenIndex >= 0) {
+    throw new Error(
+      `${nameHint ?? "Anonymous"} EXPORTABLE call's args[${forbiddenIndex}] is not allowed to be exported.`,
+    );
+  }
   const fn: T = factory(...args);
   if (
-    (typeof fn === "function" || (typeof fn === "object" && fn !== null)) &&
+    ((typeof fn === "object" && fn !== null) || typeof fn === "function") &&
     !("$exporter$factory" in fn)
   ) {
     Object.defineProperties(fn, {
@@ -16,3 +22,12 @@ export function EXPORTABLE<T, TScope extends any[]>(
   }
   return fn;
 }
+
+export function isForbidden(thing: unknown): thing is { $$export: false } {
+  return (
+    (typeof thing === "object" || typeof thing === "function") &&
+    thing !== null &&
+    "$$export" in thing &&
+    thing.$$export === false
+  );
+}

graphile-build/graphile-utils/src/makeAddPgTableConditionPlugin.ts

@@ -11,13 +11,16 @@ export function addPgTableCondition(
   conditionFieldSpecGenerator: (
     build: GraphileBuild.Build,
   ) => GrafastInputFieldConfig,
+  // DEPRECATED! Use `apply` instead.
   conditionGenerator?: (
     value: unknown,
     helpers: {
       sql: typeof sql;
       sqlTableAlias: SQL;
       sqlValueWithCodec: typeof sqlValueWithCodec;
-      build: GraphileBuild.Build;
+      // We can't afford to make the entire of build EXPORTABLE, and people
+      // really ought to move to using the `apply` method, so...
+      build: ReturnType<typeof pruneBuild>;
       /** @internal We might expose this in future if needed */
       condition: PgCondition;
     },
@@ -85,21 +88,23 @@ export function addPgTableCondition(
               );
             }
             // build applyPlan
+            const _build = pruneBuild(build);
             conditionFieldSpec.apply = EXPORTABLE(
-              (build, conditionGenerator, sql, sqlValueWithCodec) =>
+              (_build, conditionGenerator, sql, sqlValueWithCodec) =>
                 function apply(condition: PgCondition, val) {
                   const expression = conditionGenerator!(val, {
                     sql,
                     sqlTableAlias: condition.alias,
                     sqlValueWithCodec,
-                    build,
+                    build: _build,
                     condition,
                   });
                   if (expression) {
                     condition.where(expression);
                   }
                 },
-              [build, conditionGenerator, sql, sqlValueWithCodec],
+              [_build, conditionGenerator, sql, sqlValueWithCodec],
+              "addPgTableCondition_generator",
             );
           }
           const meta = build._pluginMeta[displayName]!;
@@ -125,3 +130,23 @@ export function addPgTableCondition(
 
 /** @deprecated renamed to addPgTableCondition */
 export const makeAddPgTableConditionPlugin = addPgTableCondition;
+
+function pruneBuild(build: GraphileBuild.Build) {
+  const {
+    sql,
+    grafast,
+    graphql,
+    dataplanPg,
+    input: { pgRegistry },
+  } = build;
+  return EXPORTABLE(
+    (dataplanPg, grafast, graphql, pgRegistry, sql) => ({
+      sql,
+      grafast,
+      graphql,
+      dataplanPg,
+      input: { pgRegistry },
+    }),
+    [dataplanPg, grafast, graphql, pgRegistry, sql],
+  );
+}

utils/graphile-export/src/exportSchema.ts

@@ -47,9 +47,11 @@ import {
 import type { GraphQLSchemaNormalizedConfig } from "graphql/type/schema";
 import type { PgSQL, SQL } from "pg-sql2";
 
+import { isForbidden } from "./helpers.js";
 import type { ExportOptions } from "./interfaces.js";
 import { optimize } from "./optimize/index.js";
 import { reservedWords } from "./reservedWords.js";
+import { isImportable, isNotNullish } from "./utils.js";
 import { wellKnown } from "./wellKnown.js";
 
 // Cannot import sql because it's optional
@@ -174,20 +176,6 @@ const templateOptions: TemplateBuilderOptions = {
   plugins: ["typescript"],
 };
 
-export function isNotNullish<T>(input: T | null | undefined): input is T {
-  return input != null;
-}
-
-function isImportable(
-  thing: unknown,
-): thing is { $$export: { moduleName: string; exportName: string } } {
-  return (
-    (typeof thing === "object" || typeof thing === "function") &&
-    thing !== null &&
-    "$$export" in (thing as object | AnyFunction)
-  );
-}
-
 type AnyFunction = {
   (...args: any[]): any;
   displayName?: string;
@@ -974,6 +962,11 @@ function _convertToAST(
   depth: number,
   reference: t.Expression,
 ): t.Expression {
+  if (isForbidden(thing)) {
+    throw new Error(
+      `The value at ${locationHint} is forbidden from being exported; please be more specific in your EXPORTABLE factories!`,
+    );
+  }
   const handleSubvalue = (
     value: any,
     tKey: t.Expression,

utils/graphile-export/src/helpers.ts

@@ -3,6 +3,12 @@ export function EXPORTABLE<T, TScope extends any[]>(
   args: [...TScope],
   nameHint?: string,
 ): T {
+  const forbiddenIndex = args.findIndex(isForbidden);
+  if (forbiddenIndex >= 0) {
+    throw new Error(
+      `${nameHint ?? "Anonymous"} EXPORTABLE call's args[${forbiddenIndex}] is not allowed to be exported.`,
+    );
+  }
   const fn: T = factory(...args);
   if (
     ((typeof fn === "object" && fn !== null) || typeof fn === "function") &&
@@ -16,3 +22,12 @@ export function EXPORTABLE<T, TScope extends any[]>(
   }
   return fn;
 }
+
+export function isForbidden(thing: unknown): thing is { $$export: false } {
+  return (
+    (typeof thing === "object" || typeof thing === "function") &&
+    thing !== null &&
+    "$$export" in thing &&
+    thing.$$export === false
+  );
+}