Action ignored, query detected "invalid input syntax for type uuid" #8599
Description
Version Information
Server Version: v2.7.0
Environment
OSS
What is the expected behaviour?
Hasura Action should validate the types declared in its input type.
Keywords
action, type, uuid, invalid input syntax
What is the current behaviour?
Hasura Action does not validate the types declared in its input type.
How to reproduce the issue?
- Create an action:
type Mutation {
custom_insert_user_one(
object: custom_user_insert_input!
): custom_user
}
input custom_user_insert_input {
id: uuid!
name: String
}
type custom_user {
id: uuid!
name: String
}
- Action handler should query some table:
query($id: uuid!) {
some_table(where: {some_id: {_eq: $id}}) {
id
}
}
- Pass the broken UUID value to the action:
mutation($id: uuid!) {
custom_insert_user_one(object: {id: $id, name: "test"}) {name}
}
{"id": "123456789-1234-1234-1234-123456789012"}
- Observe an unexpected error:
{
"errors": [
{
"extensions": {
"path": "$",
"code": "unexpected"
},
"message": "not a valid json response from webhook"
}
]
}
- Check the logs of the action handler
- Find the validation error detected by the
queryabove:
{
"errors": [
{
"extensions": {
"path": "$",
"code": "data-exception"
},
"message": "invalid input syntax for type uuid: \"123456789-1234-1234-1234-123456789012\""
}
]
}
Action handler expects the value to be already validated by Hasura Action,
but Hasura Action does not even try to validate this value,
despite being required to do so with id: uuid! in the input type.
Any possible solutions?
Please validate the values passed to actions in the same way you validate them in table queries/mutations.
If the bug is confirmed, would you be willing to submit a PR?
No