From 2e1ca3584d50c8d791ae89f43026bf2d995804b9 Mon Sep 17 00:00:00 2001
From: Lukasz Raczylo <lukasz@raczylo.com>
Date: Fri, 13 Sep 2024 21:41:17 +0100
Subject: [PATCH] further improvements (#18)

* Remove unnecessary mutex

* Update with latest, improved version of graphql client
---
 go.mod     |  4 ++--
 go.sum     |  8 ++++----
 graphql.go | 29 ++++++++++++++---------------
 3 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/go.mod b/go.mod
index a690f7e..8e95d38 100644
--- a/go.mod
+++ b/go.mod
@@ -13,9 +13,9 @@ require (
 	github.com/gookit/goutil v0.6.16
 	github.com/graphql-go/graphql v0.8.1
 	github.com/jackc/pgx/v5 v5.7.1
-	github.com/lukaszraczylo/ask v0.0.0-20230927103145-2ff1123b4415
+	github.com/lukaszraczylo/ask v0.0.0-20240913191002-cd9856eb6d12
 	github.com/lukaszraczylo/go-ratecounter v0.1.12
-	github.com/lukaszraczylo/go-simple-graphql v1.2.23
+	github.com/lukaszraczylo/go-simple-graphql v1.2.25
 	github.com/redis/go-redis/v9 v9.6.1
 	github.com/stretchr/testify v1.9.0
 	github.com/valyala/fasthttp v1.55.0
diff --git a/go.sum b/go.sum
index 31a0511..fe927b0 100644
--- a/go.sum
+++ b/go.sum
@@ -48,12 +48,12 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/lukaszraczylo/ask v0.0.0-20230927103145-2ff1123b4415 h1:lvI8Wlbg4PxkRcg2f10wgoaRpfN19v+YdRek3+dLtlM=
-github.com/lukaszraczylo/ask v0.0.0-20230927103145-2ff1123b4415/go.mod h1:M+UVdyqZs++xtEPrascaVmZdOMhCnxjZ2SgH+xHpR0c=
+github.com/lukaszraczylo/ask v0.0.0-20240913191002-cd9856eb6d12 h1:XLZIwRo/hyOi04eW8G95K4QzJDKVS8QUqEO+HdLWha8=
+github.com/lukaszraczylo/ask v0.0.0-20240913191002-cd9856eb6d12/go.mod h1:M+UVdyqZs++xtEPrascaVmZdOMhCnxjZ2SgH+xHpR0c=
 github.com/lukaszraczylo/go-ratecounter v0.1.12 h1:VO6hHYGw/Jy9JUizXf/bS0AI2QX1ueWWAWckMFVJ/w4=
 github.com/lukaszraczylo/go-ratecounter v0.1.12/go.mod h1:TqXEOCtFJStk1i0tkipprv1kiDHGon1MVUisjSTBSKM=
-github.com/lukaszraczylo/go-simple-graphql v1.2.23 h1:4c7qYokPSrjzLa8qKKYgq/qZln7JHzhooozY6UTRjBc=
-github.com/lukaszraczylo/go-simple-graphql v1.2.23/go.mod h1:coYAAtPYeMgIoNhDblnyVeZwCKBXw5BGMPexpJGE0mg=
+github.com/lukaszraczylo/go-simple-graphql v1.2.25 h1:qufWMftg+DXlZcQZGHRKukLPxJWH3oNK+r2J9wNolFg=
+github.com/lukaszraczylo/go-simple-graphql v1.2.25/go.mod h1:coYAAtPYeMgIoNhDblnyVeZwCKBXw5BGMPexpJGE0mg=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
diff --git a/graphql.go b/graphql.go
index 0934fd9..22e2bc0 100644
--- a/graphql.go
+++ b/graphql.go
@@ -4,7 +4,6 @@ import (
 	"strconv"
 	"strings"
 	"sync"
-	"unsafe"
 
 	"github.com/goccy/go-json"
 	fiber "github.com/gofiber/fiber/v2"
@@ -25,12 +24,9 @@ var (
 	}
 	introspectionAllowedQueries = make(map[string]struct{})
 	allowedUrls                 = make(map[string]struct{})
-	mu                          sync.RWMutex
 )
 
 func prepareQueriesAndExemptions() {
-	mu.Lock()
-	defer mu.Unlock()
 	for _, q := range cfg.Security.IntrospectionAllowed {
 		introspectionAllowedQueries[strings.ToLower(q)] = struct{}{}
 	}
@@ -78,12 +74,15 @@ func parseGraphQLQuery(c *fiber.Ctx) *parseGraphQLQueryResult {
 	if err := json.Unmarshal(c.Body(), &m); err != nil {
 		cfg.Logger.Error(&libpack_logger.LogMessage{
 			Message: "Can't unmarshal the request",
-			Pairs:   map[string]interface{}{"error": err.Error(), "body": unsafeString(c.Body())},
+			Pairs:   map[string]interface{}{"error": err.Error(), "body": string(c.Body())},
 		})
 		if ifNotInTest() {
 			cfg.Monitoring.Increment(libpack_monitoring.MetricsSkipped, nil)
 		}
-		resultPool.Put(res)
+		if res.shouldBlock {
+			resultPool.Put(res)
+			return res
+		}
 		return res
 	}
 
@@ -185,18 +184,20 @@ func parseGraphQLQuery(c *fiber.Ctx) *parseGraphQLQueryResult {
 	return res
 }
 
-func unsafeString(b []byte) string {
-	return *(*string)(unsafe.Pointer(&b))
-}
-
 func checkSelections(c *fiber.Ctx, selections []ast.Selection) bool {
-	for _, s := range selections {
+	stack := make([]ast.Selection, len(selections))
+	copy(stack, selections)
+
+	for len(stack) > 0 {
+		var s ast.Selection
+		s, stack = stack[len(stack)-1], stack[:len(stack)-1]
+
 		if field, ok := s.(*ast.Field); ok {
 			if checkIfContainsIntrospection(c, field.Name.Value) {
 				return true
 			}
-			if field.SelectionSet != nil && checkSelections(c, field.GetSelectionSet().Selections) {
-				return true
+			if field.SelectionSet != nil {
+				stack = append(stack, field.GetSelectionSet().Selections...)
 			}
 		}
 	}
@@ -205,8 +206,6 @@ func checkSelections(c *fiber.Ctx, selections []ast.Selection) bool {
 
 func checkIfContainsIntrospection(c *fiber.Ctx, whatever string) bool {
 	whateverLower := strings.ToLower(whatever)
-	mu.RLock()
-	defer mu.RUnlock()
 
 	if _, exists := introspectionQueries[whateverLower]; exists {
 		if len(cfg.Security.IntrospectionAllowed) > 0 {