How to validate InputType fields with dependent rules?

[downace]

Versions:

• graphql-laravel Version: 7.2.0
• Laravel Version: 8.44.0
• PHP Version: 8.0.5

Example

app/GraphQL/Mutations/CreateFoo.php:

class CreateFoo extends Mutation {
    protected $attributes = ['name' => 'createFoo'];

    public function type(): Type {
        return Type::string();
    }

    public function args(): array {
        return [
            'fooArg' => [
                'type' => GraphQL::type('[FooInput]'),
            ],
        ];
    }

    public function resolve($root, $args) {
        return \json_encode($args);
    }
}

app/GraphQL/Inputs/FooInput.php:

class FooInput extends InputType {
    protected $attributes = ['name' => 'FooInput'];

    public function fields(): array {
        return [
            'hasBar' => [
                'type' => Type::boolean(),
            ],
            'bar' => [
                'type' => Type::string(),
                'rules' => [
                    'exclude_if:hasBar,false',
                    'min:10',
                ],
            ],
        ];
    }
}

Query:

mutation Foo {
  createFoo(fooArg: [{
    hasBar: false,
    bar: "foobar",
  }])
}

bar should not be validated, but actual response is:

{
  "errors": [
    {
      "message": "validation",
      "extensions": {
        "category": "validation",
        "validation": {
          "fooArg.0.bar": [
            "The foo arg.0.bar must be at least 10 characters."
          ]
        }
      },
      "locations": [
        {
          "line": 33,
          "column": 3
        }
      ],
      "path": [
        "createFoo"
      ]
    }
  ],
  "data": {
    "createFoo": null
  }
}

To make it work I need to specify full field path for exclude_if rule, so 'exclude_if:hasBar,false' becomes 'exclude_if:fooArg.0.hasBar,false'. But it's not possible because fooArg list has variable size.

As a workaround we can use Laravel Validator directly in mutation's resolve method, or define a rules method:

protected function rules(array $args = []): array {
    return [
        'fooArg.*.bar' => [
            'exclude_if:fooArg.*.hasBar,false',
            'min:10',
        ],
    ];
}

But I don't like this approach, because

• It couples mutation with the input object structure, I think it's not good;
• Using two ways to define validation rules is not good too, consistency is preferred;
• Input object is broken into two pieces, so reusability suffers: to reuse this input object in another mutation we have to reuse validation rules too, separately.

[mfn]

I basically agree and I don't have much of a solution to offer.

I suffer similar things on other ends: I want great GraphQL validation (and that means: not just the types) so I too do also make use of the rules. But GraphQL is just a layer, the business logic is spread over multiple modules, each which have to validate the input anyway again. So I end up trying my best to "share" the validations but that's not always possible with repeatable and dependable fields.

And I agree also in your scenario, it gets less useful if you can't couple the Input in some way and doing it in the query/mutation resolve needs implicit knowledge what the input is.

The ability to have rules directly being validated is definitely a useful idea but also suffers from all the complex combinations the Laravel validations can represent which doesn't always translate that well into the DSL of GraphQL. At least not with much more work on that end.

@crissi did a lot of work to improve the situation, but as with SelectFields, there are certain combinations/cases which are very complex to target. And maybe never will.

TL;DR: doing it in your query/mutation resolve (or rules()) is the best you can do here 😢

[downace]

Thanks for the answer!

I think I'll end up with using rules method, but moving it's insides to some static method of input class.

Something like this (maybe it'll be useful for someone who got here with same question):

protected function rules(array $args = []): array {
    return array_merge([
        // maybe some root mutation rules
    ], FooInput::createRules(attrPrefix: 'fooArg.*'));
}

app/GraphQL/Inputs/FooInput.php:

// ...
public static function createRules(string $attrPath): array {
    return [
        "$attrPath.bar" => [
            "exclude_if:$attrPath.hasBar,false",
            'min:10',
        ],
    ];
}
// ...

More nesting:

class FooInput extends InputType {
    // ...

    public function fields(): array {
        return [
            'baz' => [
                'type' => GraphQL::type('BazInput!'), // another input object
            ],
        ];
    }

    public static function createRules(string $attrPrefix): array {
        return array_merge([
            // some other rules
        ], BazInput::createRules(attrPrefix: "$attrPrefix.baz"));
    }
}

class BazInput extends InputType {
    // ...

    public function fields(): array {
        return [
            'hasBar' => [
                'type' => Type::boolean(),
            ],
            'bar' => [
                'type' => Type::string(),
            ],
        ];
    }

    public static function createRules(string $attrPrefix): array {
        return [
            "$attrPrefix.bar" => [
                "exclude_if:$attrPrefix.hasBar,false",
                'min:10',
            ],
        ];
    }
}

[crissi]

Remember rules can also take a callback which Include params and even parent params

‘rules => function($params, $parentParams) { return []}