allow formatErrorMessage callback (#3)

* allow onCost callback for logging

* formatErrorMessage

* include cost in default message

* fix test

* bring onCost back

* update readme

* address feedback

* update package-lock

* Clean things up a bit

Author: chirag04

.babelrc

@@ -1,5 +1,8 @@
 {
   "presets": [
     ["env", { "loose": true }]
+  ],
+  "plugins": [
+    "transform-object-rest-spread"
   ]
 }

README.md

@@ -13,7 +13,7 @@ const ComplexityLimitRule = createComplexityLimitRule(1000);
 // Then use this rule with validate().
 ```
 
-You can also provide custom costs for scalars and objects, and a custom cost factor for lists.
+You can provide a configuration object with custom costs for scalars and objects as `scalarCost` and `objectCost` respectively, and a custom cost factor for lists as `listFactor`.
 
 ```js
 const ComplexityLimitRule = createComplexityLimitRule(1000, {
@@ -23,6 +23,19 @@ const ComplexityLimitRule = createComplexityLimitRule(1000, {
 });
 ```
 
+The configuration object also supports an `onCost` callback for logging query costs and a `formatErrorMessage` callback for customizing error messages. `onCost` will be called for every query with its cost. `formatErrorMessage` will be called with the cost whenever a query exceeds the complexity limit, and should return a string containing the error message.
+
+```js
+const ComplexityLimitRule = createComplexityLimitRule(1000, {
+  onCost: (cost) => {
+    console.log('query cost:', cost);
+  },
+  formatErrorMessage: cost => (
+    `query with cost ${cost} exceeds complexity limit`
+  ),
+});
+```
+
 [build-badge]: https://img.shields.io/travis/4Catalyzer/graphql-validation-complexity/master.svg
 [build]: https://travis-ci.org/4Catalyzer/graphql-validation-complexity
 

package-lock.json

@@ -41,6 +41,7 @@
     "babel-cli": "^6.24.1",
     "babel-eslint": "^7.2.3",
     "babel-jest": "^20.0.3",
+    "babel-plugin-transform-object-rest-spread": "^6.23.0",
     "babel-preset-env": "^1.5.2",
     "codecov": "^2.2.0",
     "eslint": "^3.19.0",

package.json

@@ -130,7 +130,20 @@ export class ComplexityVisitor {
   }
 }
 
-export function createComplexityLimitRule(maxCost, options = {}) {
+function complexityLimitExceededErrorMessage() {
+  // By default, don't respond with the cost to avoid leaking information about
+  // the cost scheme to a potentially malicious client.
+  return 'query exceeds complexity limit';
+}
+
+export function createComplexityLimitRule(
+  maxCost,
+  {
+    onCost,
+    formatErrorMessage = complexityLimitExceededErrorMessage,
+    ...options
+  } = {},
+) {
   return function ComplexityLimit(context) {
     const visitor = new ComplexityVisitor(context, options);
 
@@ -149,9 +162,15 @@ export function createComplexityLimitRule(maxCost, options = {}) {
         }
 
         if (node.kind === 'Document') {
-          if (visitor.getCost() > maxCost) {
+          const cost = visitor.getCost();
+
+          if (onCost) {
+            onCost(cost);
+          }
+
+          if (cost > maxCost) {
             context.reportError(new GraphQLError(
-              'query exceeds complexity limit', [node],
+              formatErrorMessage(cost), [node],
             ));
           }
         }

src/index.js

@@ -15,10 +15,11 @@ describe('createComplexityLimitRule', () => {
     `);
 
     const errors = validate(schema, ast, [createComplexityLimitRule(9)]);
+
     expect(errors).toHaveLength(0);
   });
 
-  it('should not report error on an invalid query', () => {
+  it('should report error on an invalid query', () => {
     const ast = parse(`
       query {
         list {
@@ -28,9 +29,69 @@ describe('createComplexityLimitRule', () => {
     `);
 
     const errors = validate(schema, ast, [createComplexityLimitRule(9)]);
+
     expect(errors).toHaveLength(1);
     expect(errors[0]).toMatchObject({
       message: 'query exceeds complexity limit',
     });
   });
+
+  it('should call onCost with complexity score', () => {
+    const ast = parse(`
+      query {
+        item {
+          name
+        }
+      }
+    `);
+
+    const onCostSpy = jest.fn();
+
+    const errors = validate(schema, ast, [
+      createComplexityLimitRule(9, { onCost: onCostSpy }),
+    ]);
+
+    expect(errors).toHaveLength(0);
+    expect(onCostSpy).toHaveBeenCalledWith(1);
+  });
+
+  it('should call onCost with cost when there are errors', () => {
+    const ast = parse(`
+      query {
+        list {
+          name
+        }
+      }
+    `);
+
+    const onCostSpy = jest.fn();
+
+    const errors = validate(schema, ast, [
+      createComplexityLimitRule(9, { onCost: onCostSpy }),
+    ]);
+
+    expect(errors).toHaveLength(1);
+    expect(onCostSpy).toHaveBeenCalledWith(10);
+  });
+
+  it('should call formatErrorMessage with cost', () => {
+    const ast = parse(`
+      query {
+        list {
+          name
+        }
+      }
+    `);
+
+    const errors = validate(schema, ast, [
+      createComplexityLimitRule(9, {
+        formatErrorMessage: cost => `custom error, cost ${cost}`,
+      }),
+    ]);
+
+    expect(errors).toHaveLength(1);
+    expect(errors[0]).toMatchObject({
+      message: 'custom error, cost 10',
+    });
+  });
 });