feat(graphql): Introducing Nested Filtering for Dgraph GraphQL API with Optimized Query Support

graphql/e2e/auth/schema.graphql

@@ -974,3 +974,43 @@ type Home @auth(
     favouriteMember: HomeMember
 }
 # union testing - end
+
+"""
+This types are used to validate nested filting.
+"""
+type Nested_X @auth(
+    query: { rule: """
+    query {
+        queryNested_X(filter: {y: {s: {eq: "y"}}}){
+            __typename
+        }
+    }
+    """}
+) {
+  b: Boolean @search
+  y: Nested_Y @hasInverse(field: x) @search
+}
+
+type Nested_Y implements Nested_Z @auth(
+    query: {
+        or: [
+            { rule: "{ $rbac: { eq: \"positive\" } }" }
+            { and: [
+                { rule: "{ $rbac: { eq: \"uncertain\" } }" }
+                { rule: """
+                    query {
+                        queryNested_Y(filter: {x: {b: true}}){
+                            __typename
+                        }
+                    }
+                    """
+                }
+            ]
+        }]
+    }) {
+  s: String @search(by: [hash])
+}
+
+interface Nested_Z {
+  x: Nested_X @search
+}

graphql/resolve/auth_delete_test.yaml

@@ -880,3 +880,30 @@
       }
     }
 
+- name: "Delete selection by nested filter"
+  gqlquery: |
+    mutation {
+      deleteNested_X(filter: {y: {s: {eq: "-"}}}) {
+        numUids
+      }
+    }
+  variables:
+  jwtvar:
+  dgmutations:
+    - deletejson: |
+        [{
+           "uid": "uid(x)"
+         },{
+           "Nested_Z.x": {"uid": "uid(x)"},
+           "uid": "uid(Nested_Y_3)"
+         }]
+  dgquery: |-
+    query {
+      x as deleteNested_X(func: type(Nested_X)) @filter((uid(deleteNested_X_y))) {
+        uid
+        Nested_Y_3 as Nested_X.y
+      }
+      var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "-")) {
+        deleteNested_X_y as Nested_Z.x
+      }
+    }

graphql/resolve/auth_query_test.yaml

@@ -2148,3 +2148,112 @@
         Person.id : uid
       }
     }
+
+-
+  name: "Query positive auth rules with nested filter"
+  gqlquery: |
+    query{
+      queryNested_X(filter: {y: {s: {eq: "-"}}}) {
+        b
+        y { s }
+      }
+    }
+  jwtvar:
+    rbac: positive
+  dgquery: |-
+    query {
+      queryNested_X(func: uid(Nested_XRoot)) {
+        Nested_X.b : Nested_X.b
+        Nested_X.y : Nested_X.y @filter(uid(Nested_Y_1)) {
+          Nested_Y.s : Nested_Y.s
+          dgraph.uid : uid
+        }
+        dgraph.uid : uid
+      }
+      var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "-")) {
+        queryNested_X_y as Nested_Z.x
+      }
+      Nested_XRoot as var(func: uid(Nested_X_3)) @filter(uid(Nested_X_Auth4))
+      Nested_X_3 as var(func: type(Nested_X)) @filter((uid(queryNested_X_y)))
+      Nested_X_Auth4 as var(func: uid(Nested_X_3)) @filter((uid(Nested_X_Auth4_y))) @cascade
+      var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "y")) {
+        Nested_X_Auth4_y as Nested_Z.x
+      }
+      var(func: uid(Nested_XRoot)) {
+        Nested_Y_2 as Nested_X.y
+      }
+      Nested_Y_1 as var(func: uid(Nested_Y_2))
+    }
+
+-
+  name: "Query negative auth rules with nested filter"
+  gqlquery: |
+    query{
+      queryNested_X(filter: {y: {s: {eq: "-"}}}) {
+        b
+        y { s }
+      }
+    }
+  jwtvar:
+    rbac: negative
+  dgquery: |-
+    query {
+      queryNested_X(func: uid(Nested_XRoot)) {
+        Nested_X.b : Nested_X.b
+        dgraph.uid : uid
+      }
+      queryNested_X_y as var()
+      Nested_XRoot as var(func: uid(Nested_X_3)) @filter(uid(Nested_X_Auth4))
+      Nested_X_3 as var(func: type(Nested_X)) @filter((uid(queryNested_X_y)))
+      Nested_X_Auth4 as var(func: uid(Nested_X_3)) @filter((uid(Nested_X_Auth4_y))) @cascade
+      var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "y")) {
+        Nested_X_Auth4_y as Nested_Z.x
+      }
+    }
+
+-
+  name: "Query uncertain auth rules with nested filter"
+  gqlquery: |
+    query{
+      queryNested_X(filter: {y: {s: {eq: "-"}}}) {
+        b
+        y { s }
+      }
+    }
+  jwtvar:
+    rbac: uncertain
+  dgquery: |-
+    query {
+      queryNested_X(func: uid(Nested_XRoot)) {
+        Nested_X.b : Nested_X.b
+        Nested_X.y : Nested_X.y @filter(uid(Nested_Y_3)) {
+          Nested_Y.s : Nested_Y.s
+          dgraph.uid : uid
+        }
+        dgraph.uid : uid
+      }
+      var(func: uid(queryNested_X_yRoot)) {
+        queryNested_X_y as Nested_Z.x
+      }
+      queryNested_X_yRoot as var(func: uid(Nested_Y_1)) @filter(uid(Nested_Y_Auth2))
+      Nested_Y_1 as var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "-"))
+      Nested_Y_Auth2 as var(func: uid(Nested_Y_1)) @filter((uid(Nested_Y_Auth2_x))) @cascade
+      var(func: type(Nested_X)) @filter(eq(Nested_X.b, true)) {
+        Nested_Y_Auth2_x as Nested_X.y
+      }
+      Nested_XRoot as var(func: uid(Nested_X_6)) @filter(uid(Nested_X_Auth7))
+      Nested_X_6 as var(func: type(Nested_X)) @filter((uid(queryNested_X_y)))
+      Nested_X_Auth7 as var(func: uid(Nested_X_6)) @filter((uid(Nested_X_Auth7_y))) @cascade
+      var(func: type(Nested_Y)) @filter(eq(Nested_Y.s, "y")) {
+        Nested_X_Auth7_y as Nested_Z.x
+      }
+      var(func: uid(Nested_XRoot)) {
+        Nested_Y_4 as Nested_X.y
+      }
+      Nested_Y_3 as var(func: uid(Nested_Y_4)) @filter(uid(Nested_Y_Auth5))
+      Nested_Y_Auth5 as var(func: uid(Nested_Y_4)) @filter((uid(Nested_Y_Auth5_x))) @cascade
+      var(func: type(Nested_X)) @filter(eq(Nested_X.b, true)) {
+        Nested_Y_Auth5_x as Nested_X.y
+      }
+    }
+

graphql/resolve/mutation_rewriter.go

@@ -807,7 +807,7 @@ func (arw *AddRewriter) FromMutationResult(
 		return nil, errs
 	}
 	// No errors are thrown while rewriting queries by Ids.
-	return rewriteAsQueryByIds(mutation.QueryField(), uids, authRw), nil
+	return rewriteAsQueryByIds(mutation.QueryField(), uids, authRw, mutation.Alias()), nil
 }
 
 // FromMutationResult rewrites the query part of a GraphQL update mutation into a Dgraph query.
@@ -843,7 +843,7 @@ func (urw *UpdateRewriter) FromMutationResult(
 		parentVarName: mutation.MutatedType().Name() + "Root",
 	}
 	authRw.hasAuthRules = hasAuthRules(mutation.QueryField(), authRw)
-	return rewriteAsQueryByIds(mutation.QueryField(), uids, authRw), nil
+	return rewriteAsQueryByIds(mutation.QueryField(), uids, authRw, mutation.Alias()), nil
 }
 
 func (arw *AddRewriter) MutatedRootUIDs(
@@ -996,7 +996,8 @@ func RewriteUpsertQueryFromMutation(
 			addTypeFunc(dgQuery[0], m.MutatedType().DgraphName())
 		}
 
-		_ = addFilter(dgQuery[0], m.MutatedType(), filter)
+		_, varQry := addFilter(dgQuery[0], m.MutatedType(), filter, authRw, m.Alias())
+		dgQuery = append(dgQuery, varQry...)
 	} else {
 		// It means this is called from upsert with Add mutation.
 		// nodeID will be uid of the node to be upserted. We add UID func
@@ -1113,7 +1114,7 @@ func (drw *deleteRewriter) Rewrite(
 		}
 
 		// these queries are responsible for querying the queryField
-		queryFieldQry := rewriteAsQuery(queryField, queryAuthRw)
+		queryFieldQry := rewriteAsQuery(queryField, queryAuthRw, MutationQueryVar)
 
 		// we don't want the `x` query to show up in GraphQL JSON response while querying the query
 		// field. So, need to make it `var` query and remove any children from it as there can be

graphql/resolve/query.go

@@ -127,7 +127,6 @@ func (qr *queryResolver) rewriteAndExecute(ctx context.Context, query schema.Que
 			query.ResponseName()))
 	}
 	qry := dgraph.AsString(dgQuery)
-
 	queryTimer := newtimer(ctx, &dgraphQueryDuration.OffsetDuration)
 	queryTimer.Start()
 	resp, err := qr.executor.Execute(ctx, &dgoapi.Request{Query: qry, ReadOnly: true}, query)