datasette-graphql/datasette_graphql/__init__.py
from click import ClickExceptionfrom datasette import hookimplfrom datasette.utils.asgi import Response, NotFound, Forbiddenfrom graphql import graphql, print_schemaimport jsonfrom .utils import schema_for_database_via_cacheimport pathlibimport timeimport urllibDEFAULT_TIME_LIMIT_MS = 1000DEFAULT_NUM_QUERIES_LIMIT = 100async def post_body(request):body = b""more_body = Truewhile more_body:message = await request.receive()assert message["type"] == "http.request", messagebody += message.get("body", b"")more_body = message.get("more_body", False)return bodyasync def view_graphql_schema(request, datasette):database = request.url_vars.get("database")try:db = datasette.get_database(database)except KeyError:raise NotFound("Database does not exist")await check_permissions(request, datasette, db.name)schema = await schema_for_database_via_cache(datasette, database=database)return Response.text(print_schema(schema.schema.graphql_schema))CORS_HEADERS = {"Access-Control-Allow-Headers": "content-type","Access-Control-Allow-Method": "POST","Access-Control-Allow-Origin": "*","Vary": "accept",}async def view_graphql(request, datasette):if request.method == "OPTIONS":return Response.text("ok", headers=CORS_HEADERS if datasette.cors else {})body = await post_body(request)database = request.url_vars.get("database")try:db = datasette.get_database(database)except KeyError:raise NotFound("Database does not exist")await check_permissions(request, datasette, db.name)if not body and "text/html" in request.headers.get("accept", ""):static = pathlib.Path(__file__).parent / "static"js_filenames = [p.name for p in static.glob("*.js")]# These need to be sorted so react loads firstorder = "react", "react-dom", "graphiql"js_filenames.sort(key=lambda filename: order.index(filename.split(".")[0]))return Response.html(await datasette.render_template("graphiql.html",{"database": database,"graphiql_css": [p.name for p in static.glob("*.css")],"graphiql_js": js_filenames,},request=request,),headers=CORS_HEADERS if datasette.cors else {},)schema = (await schema_for_database_via_cache(datasette, database=database)).schemaif request.args.get("schema"):return Response.text(print_schema(schema.graphql_schema))incoming = {}if body:incoming = json.loads(body)query = incoming.get("query")variables = incoming.get("variables")operation_name = incoming.get("operationName")else:query = request.args.get("query")variables = request.args.get("variables", "")if variables:variables = json.loads(variables)operation_name = request.args.get("operationName")if not query:return Response.json({"error": "Missing query"},status=400,headers=CORS_HEADERS if datasette.cors else {},)config = datasette.plugin_config("datasette-graphql") or {}context = {"time_started": time.monotonic(),"time_limit_ms": config.get("time_limit_ms") or DEFAULT_TIME_LIMIT_MS,"num_queries_executed": 0,"num_queries_limit": config.get("num_queries_limit")or DEFAULT_NUM_QUERIES_LIMIT,}result = await schema.execute_async(query,operation_name=operation_name,variable_values=variables or {},context_value=context,)response = {"data": result.data}if result.errors:response["errors"] = [error.formatted for error in result.errors]return Response.json(response,status=200 if not result.errors else 500,headers=CORS_HEADERS if datasette.cors else {},)async def check_permissions(request, datasette, database):# First check database permissionok = await datasette.permission_allowed(request.actor,"view-database",resource=database,default=None,)if ok is not None:if ok:returnelse:raise Forbidden("view-database")# Fall back to checking instance permissionok2 = await datasette.permission_allowed(request.actor,"view-instance",default=None,)if ok2 is False:raise Forbidden("view-instance")@hookimpldef menu_links(datasette, actor):return [{"href": datasette.urls.path("/graphql"), "label": "GraphQL API"},]@hookimpldef register_routes():return [(r"^/graphql/(?P<database>[^/]+)\.graphql$", view_graphql_schema),(r"^/graphql/(?P<database>[^/]+)$", view_graphql),(r"^/graphql$", view_graphql),]@hookimpldef extra_template_vars(datasette):async def graphql_template_tag(query, database=None, variables=None):schema = (await schema_for_database_via_cache(datasette, database=database)).schemaresult = await schema.execute_async(query,variable_values=variables or {},)if result.errors:raise Exception(result.errors)else:return result.datareturn {"graphql": graphql_template_tag,}@hookimpldef startup(datasette):# Validate configurationconfig = datasette.plugin_config("datasette-graphql") or {}if "databases" in config:for database_name in config["databases"].keys():try:datasette.get_database(database_name)except KeyError:raise ClickException("datasette-graphql config error: '{}' is not a connected database".format(database_name))@hookimpldef table_actions(datasette, actor, database, table):async def inner():graphql_path = datasette.urls.path("/graphql/{}".format(database))db_schema = await schema_for_database_via_cache(datasette, database=database)example_query = await db_schema.table_classes[table].example_query()return [{"href": "{}?query={}".format(graphql_path, urllib.parse.quote(example_query)),"label": "GraphQL API for {}".format(table),}]return inner@hookimpldef database_actions(datasette, actor, database):if len(datasette.databases) > 1:return [{"href": datasette.urls.path("/graphql/{}".format(database)),"label": "GraphQL API for {}".format(database),}]else:return [{"href": datasette.urls.path("/graphql"),"label": "GraphQL API",}]