feat(server): log unsafe errors

src/GraphQL/Execution/Executor.php

@@ -6,15 +6,18 @@
 use Drupal\Core\Cache\CacheableMetadata;
 use Drupal\Core\Cache\CacheBackendInterface;
 use Drupal\Core\Cache\Context\CacheContextsManager;
+use Drupal\Core\Utility\Error as ErrorUtil;
 use Drupal\graphql\Event\OperationEvent;
 use Drupal\graphql\GraphQL\Execution\ExecutionResult as CacheableExecutionResult;
 use Drupal\graphql\GraphQL\Utility\DocumentSerializer;
+use GraphQL\Error\ClientAware;
 use GraphQL\Executor\ExecutionResult;
 use GraphQL\Executor\ExecutorImplementation;
 use GraphQL\Executor\Promise\Promise;
 use GraphQL\Executor\Promise\PromiseAdapter;
 use GraphQL\Executor\ReferenceExecutor;
 use GraphQL\Language\AST\DocumentNode;
+use GraphQL\Server\OperationParams;
 use GraphQL\Type\Schema;
 use GraphQL\Utils\AST;
 use Symfony\Component\DependencyInjection\ContainerInterface;
@@ -280,10 +283,60 @@ protected function doExecuteUncached() {
       $event = new OperationEvent($this->context, $result);
       $this->dispatcher->dispatch(OperationEvent::GRAPHQL_OPERATION_AFTER, $event);
 
+      $this->logUnsafeErrors($this->context->getOperation(), $result);
+
       return $result;
     });
   }
 
+  /**
+   * Logs unsafe errors if any.
+   *
+   * @param \GraphQL\Server\OperationParams $operation
+   * @param \Drupal\graphql\GraphQL\Execution\ExecutionResult $result
+   */
+  protected function logUnsafeErrors(OperationParams $operation, ExecutionResult $result): void {
+    $hasUnsafeErrors = FALSE;
+    $previousErrors = [];
+
+    foreach ($result->errors as $index => $error) {
+      // Don't log errors intended for clients, only log those that
+      // a client would not be able to solve, they'd require work from
+      // a server developer.
+      if ($error instanceof ClientAware && $error->isClientSafe()) {
+        continue;
+      }
+
+      $hasUnsafeErrors = TRUE;
+      // Log the error that cause the error we caught. This makes the error
+      // logs more useful because GraphQL usually wraps the original error.
+      if ($error->getPrevious() instanceof \Throwable) {
+        $previousErrors[] = strtr(
+          "For error #@index: %type: @message in %function (line %line of %file)\n@backtrace_string.",
+          ErrorUtil::decodeException($error->getPrevious()) + ['@index' => $index]
+        );
+      }
+    }
+
+    if ($hasUnsafeErrors) {
+      \Drupal::logger('graphql')->error(
+        "There were errors during a GraphQL execution.\nOperation details:\n<pre>\n{details}\n</pre>\nPrevious errors:\n<pre>\n{previous}\n</pre>",
+        [
+          'details' => json_encode([
+            '$operation' => $operation,
+            // Do not pass $result to json_encode because it implements
+            // JsonSerializable and strips some data out during the
+            // serialization.
+            '$result->data' => $result->data,
+            '$result->errors' => $result->errors,
+            '$result->extensions' => $result->extensions,
+          ], JSON_PRETTY_PRINT),
+          'previous' => implode('\n\n', $previousErrors),
+        ]
+      );
+    }
+  }
+
   /**
    * Calculates the cache prefix from context for the current query.
    *

tests/src/Kernel/Framework/LoggerTest.php

@@ -0,0 +1,174 @@
+<?php
+
+namespace Drupal\Tests\graphql\Kernel\Framework;
+
+use Drupal\Core\Logger\RfcLoggerTrait;
+use Drupal\Tests\graphql\Kernel\GraphQLTestBase;
+use Psr\Log\LoggerInterface;
+
+/**
+ * Test error logging.
+ *
+ * @group graphql
+ */
+class LoggerTest extends GraphQLTestBase implements LoggerInterface {
+
+  use RfcLoggerTrait;
+
+  /**
+   * Loggers calls.
+   *
+   * @var array
+   */
+  protected $loggerCalls = [];
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp(): void {
+    parent::setUp();
+
+    $schema = <<<GQL
+      schema {
+        query: Query
+      }
+      type Query {
+        resolvesToNull: String!
+        throwsException: String!
+        takesIntArgument(id: Int!): String
+      }
+GQL;
+
+    $this->setUpSchema($schema);
+
+    $this->mockResolver('Query', 'resolvesToNull', NULL);
+    $this->mockResolver('Query', 'throwsException', function () {
+      throw new \Exception('BOOM!');
+    });
+    $this->mockResolver('Query', 'takesIntArgument');
+
+    $this->container->get('logger.factory')->addLogger($this);
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function log($level, $message, array $context = []) {
+    $this->loggerCalls[] = [
+      'level' => $level,
+      'message' => $message,
+      'context' => $context,
+    ];
+  }
+
+  /**
+   * Test if invariant violation errors are logged.
+   */
+  public function testInvariantViolationError(): void {
+    $result = $this->query('query { resolvesToNull }');
+    $this->assertSame(200, $result->getStatusCode());
+    // Client should not see the actual error.
+    $this->assertSame([
+      'errors' => [
+        [
+          'message' => 'Internal server error',
+          'extensions' => [
+            'category' => 'internal',
+          ],
+          'locations' => [
+            [
+              'line' => 1,
+              'column' => 9,
+            ],
+          ],
+          'path' => [
+            'resolvesToNull',
+          ],
+        ],
+      ],
+    ], json_decode($result->getContent(), TRUE));
+    // The error should be logged.
+    $this->assertCount(1, $this->loggerCalls);
+    $loggerCall = reset($this->loggerCalls);
+    $details = json_decode($loggerCall['context']['details'], TRUE);
+    $this->assertSame($details['$operation']['query'], 'query { resolvesToNull }');
+    $this->assertSame($details['$operation']['variables'], []);
+    $this->assertCount(1, $details['$result->errors']);
+    $this->assertSame(
+      $details['$result->errors'][0]['message'],
+      'Cannot return null for non-nullable field "Query.resolvesToNull".'
+    );
+    $this->assertStringContainsString(
+      'For error #0: GraphQL\Error\InvariantViolation: Cannot return null for non-nullable field "Query.resolvesToNull".',
+      $loggerCall['context']['previous']
+    );
+  }
+
+  /**
+   * Test if exceptions thrown from resolvers are logged.
+   */
+  public function testException(): void {
+    $result = $this->query('query { throwsException }');
+    $this->assertSame(200, $result->getStatusCode());
+    // Client should not see the actual error.
+    $this->assertSame([
+      'errors' => [
+        [
+          'message' => 'Internal server error',
+          'extensions' => [
+            'category' => 'internal',
+          ],
+          'locations' => [
+            [
+              'line' => 1,
+              'column' => 9,
+            ],
+          ],
+          'path' => [
+            'throwsException',
+          ],
+        ],
+      ],
+    ], json_decode($result->getContent(), TRUE));
+    // The error should be logged.
+    $this->assertCount(1, $this->loggerCalls);
+    $loggerCall = reset($this->loggerCalls);
+    $details = json_decode($loggerCall['context']['details'], TRUE);
+    $this->assertSame($details['$operation']['query'], 'query { throwsException }');
+    $this->assertSame($details['$operation']['variables'], []);
+    $this->assertCount(1, $details['$result->errors']);
+    $this->assertSame($details['$result->errors'][0]['message'], 'BOOM!');
+    $this->assertStringContainsString(
+      'For error #0: Exception: BOOM!',
+      $loggerCall['context']['previous']
+    );
+  }
+
+  /**
+   * Test if client error are not logged.
+   */
+  public function testClientError(): void {
+    $result = $this->query('query { takesIntArgument(id: "boom") }');
+    $this->assertSame(200, $result->getStatusCode());
+    // The error should be reported back to client.
+    $this->assertSame([
+      'errors' => [
+        0 => [
+          'message' => 'Field "takesIntArgument" argument "id" requires type Int!, found "boom".',
+          'extensions' => [
+            'category' => 'graphql',
+          ],
+          'locations' => [
+            0 => [
+              'line' => 1,
+              'column' => 30,
+            ],
+          ],
+        ],
+      ],
+    ], json_decode($result->getContent(), TRUE));
+    // The error should not be logged.
+    $this->assertCount(0, $this->loggerCalls);
+  }
+
+}

tests/src/Kernel/GraphQLTestBase.php

@@ -70,6 +70,7 @@ protected function setUp(): void {
     $this->installEntitySchema('graphql_server');
     $this->installEntitySchema('configurable_language');
     $this->installConfig(['language']);
+    $this->installEntitySchema('menu_link_content');
 
     $this->setUpCurrentUser([], $this->userPermissions());