feat: fix nested rule logic

theodesp · theodesp · commit c77a2bac3fb1 · 2025-08-12T11:57:41.000+01:00
diff --git a/plugins/wpgraphql-debug-extensions/src/Analysis/Rules/NestedQuery.php b/plugins/wpgraphql-debug-extensions/src/Analysis/Rules/NestedQuery.php
@@ -1,7 +1,7 @@
 <?php
 /**
- * Corrected Rule to detect and warn about overly nested GraphQL queries,
- * with proper fragment handling.
+ * Rule to detect and warn about overly nested GraphQL queries,
+ * with proper fragment handling and recursion protection.
  *
  * @package WPGraphQL\Debug\Analysis\Rules
  */
@@ -15,7 +15,6 @@
 use GraphQL\Language\AST\FragmentDefinitionNode;
 use GraphQL\Language\AST\FragmentSpreadNode;
 use GraphQL\Language\AST\InlineFragmentNode;
-use GraphQL\Language\AST\Node;
 use GraphQL\Language\AST\OperationDefinitionNode;
 use GraphQL\Language\AST\SelectionSetNode;
 use GraphQL\Language\Parser;
@@ -25,122 +24,145 @@
 
 class NestedQuery implements AnalyzerItemInterface {
 
-    protected int $maxDepth;
-    protected ?string $message = null;
-
-    /**
-     * @param int $maxDepth The maximum allowed nesting depth.
-     */
-    public function __construct( int $maxDepth = 8 ) {
-        $this->maxDepth = $maxDepth;
-    }
-
-    /**
-     * @inheritDoc
-     */
-    public function analyze( string $query, array $variables = [], ?Schema $schema = null ): array {
-        $triggered = false;
-        $maxDepthReached = 0;
-
-        try {
-            /** @var DocumentNode $ast */
-            $ast = Parser::parse( $query );
-        } catch ( SyntaxError $error ) {
-            $this->message = 'Failed to analyze nesting depth due to GraphQL syntax error: ' . $error->getMessage();
-            return [
-                'triggered' => false,
-                'message'   => $this->message,
-                'details'   => [ 'maxDepthReached' => 0 ],
-            ];
-        }
-
-        // Store fragment definitions in a map for easy lookup
-        $fragments = [];
-        foreach ( $ast->definitions as $definition ) {
-            if ( $definition instanceof FragmentDefinitionNode ) {
-                $fragments[ $definition->name->value ] = $definition;
-            }
-        }
-
-        // Find the operation definition and analyze its depth
-        foreach ( $ast->definitions as $definition ) {
-            if ( $definition instanceof OperationDefinitionNode ) {
-                // Start the recursion with a depth of 1, as the first field is the first level of nesting.
-                $currentDepth = $this->getSelectionSetDepth( $definition->selectionSet, $fragments, 1 );
-                $maxDepthReached = max( $maxDepthReached, $currentDepth );
-            }
-        }
-
-        // Use >= to trigger the rule when the max depth is reached or exceeded.
-        if ( $maxDepthReached >= $this->maxDepth ) {
-            $triggered = true;
-            $this->message = sprintf(
-                'Nested query depth of %d reached or exceeded the configured maximum of %d.',
-                $maxDepthReached,
-                $this->maxDepth
-            );
-        } else {
-            $this->message = sprintf(
-                'Nested query depth of %d is within the allowed limit of %d.',
-                $maxDepthReached,
-                $this->maxDepth
-            );
-        }
-
-        return [
-            'triggered' => $triggered,
-            'message'   => $this->message,
-            'details'   => [
-                'maxDepthReached' => $maxDepthReached,
-                'maxAllowed'      => $this->maxDepth,
-            ],
-        ];
-    }
-
-    /**
-     * Recursively calculates the maximum depth of a SelectionSet, including fragments.
-     *
-     * @param SelectionSetNode $selectionSet The selection set to analyze.
-     * @param array $fragments Map of fragment definitions.
-     * @param int $currentDepth The current depth of the traversal.
-     *
-     * @return int The maximum depth found.
-     */
-    protected function getSelectionSetDepth( SelectionSetNode $selectionSet, array $fragments, int $currentDepth = 0 ): int {
-        $maxDepth = $currentDepth;
-
-        foreach ( $selectionSet->selections as $selection ) {
-            $selectionMaxDepth = 0;
-
-            if ( $selection instanceof FieldNode && $selection->selectionSet instanceof SelectionSetNode ) {
-                $selectionMaxDepth = $this->getSelectionSetDepth( $selection->selectionSet, $fragments, $currentDepth + 1 );
-            }
-
-            if ( $selection instanceof FragmentSpreadNode ) {
-                // If a fragment spread is found, get the fragment definition and recurse.
-                if ( isset( $fragments[ $selection->name->value ] ) ) {
-                    /** @var FragmentDefinitionNode $fragmentDefinition */
-                    $fragmentDefinition = $fragments[ $selection->name->value ];
-                    // The depth of the fragment is added to the current depth.
-                    $selectionMaxDepth = $this->getSelectionSetDepth( $fragmentDefinition->selectionSet, $fragments, $currentDepth + 1 );
-                }
-            }
-
-            if ( $selection instanceof InlineFragmentNode && $selection->selectionSet instanceof SelectionSetNode ) {
-                // An inline fragment is also a new selection set, so recurse.
-                $selectionMaxDepth = $this->getSelectionSetDepth( $selection->selectionSet, $fragments, $currentDepth + 1 );
-            }
-
-            $maxDepth = max( $maxDepth, $selectionMaxDepth );
-        }
-
-        return $maxDepth;
-    }
-
-    /**
-     * @inheritDoc
-     */
-    public function getKey(): string {
-        return 'nestedQuery';
-    }
-}
+	protected int $maxDepth;
+	protected ?string $message = null;
+
+	/**
+	 * @param int $maxDepth The maximum allowed nesting depth.
+	 */
+	public function __construct( int $maxDepth = 8 ) {
+		$this->maxDepth = $maxDepth;
+	}
+
+	/**
+	 * @inheritDoc
+	 */
+	public function analyze( string $query, array $variables = [], ?Schema $schema = null ): array {
+		$triggered       = false;
+		$maxDepthReached = 0;
+
+		try {
+			/** @var DocumentNode $ast */
+			$ast = Parser::parse( $query );
+		} catch ( SyntaxError $error ) {
+			$this->message = 'Failed to analyze nesting depth due to GraphQL syntax error: ' . $error->getMessage();
+			return [
+				'triggered' => false,
+				'message'   => $this->message,
+				'details'   => [ 'maxDepthReached' => 0 ],
+			];
+		}
+
+		// Store fragment definitions for lookup
+		$fragments = [];
+		foreach ( $ast->definitions as $definition ) {
+			if ( $definition instanceof FragmentDefinitionNode ) {
+				$fragments[ $definition->name->value ] = $definition;
+			}
+		}
+
+		// Analyze depth for each operation definition
+		foreach ( $ast->definitions as $definition ) {
+			if ( $definition instanceof OperationDefinitionNode ) {
+				// Start depth at 1 because the first field is depth level 1.
+				$currentDepth     = $this->getSelectionSetDepth( $definition->selectionSet, $fragments, 1, [] );
+				$maxDepthReached  = max( $maxDepthReached, $currentDepth );
+			}
+		}
+
+		if ( $maxDepthReached >= $this->maxDepth ) {
+			$triggered     = true;
+			$this->message = sprintf(
+				'Nested query depth of %d reached or exceeded the configured maximum of %d.',
+				$maxDepthReached,
+				$this->maxDepth
+			);
+		} else {
+			$this->message = sprintf(
+				'Nested query depth of %d is within the allowed limit of %d.',
+				$maxDepthReached,
+				$this->maxDepth
+			);
+		}
+
+		return [
+			'triggered' => $triggered,
+			'message'   => $this->message,
+			'details'   => [
+				'maxDepthReached' => $maxDepthReached,
+				'maxAllowed'      => $this->maxDepth,
+			],
+		];
+	}
+
+	/**
+	 * Recursively calculates the maximum depth of a SelectionSet, including fragments.
+	 *
+	 * @param SelectionSetNode $selectionSet       The selection set to analyze.
+	 * @param array            $fragments          Map of fragment definitions.
+	 * @param int              $currentDepth       The current depth of traversal.
+	 * @param array            $visitedFragments   Names of fragments already visited.
+	 *
+	 * @return int The maximum depth found.
+	 */
+	protected function getSelectionSetDepth(
+		SelectionSetNode $selectionSet,
+		array $fragments,
+		int $currentDepth = 0,
+		array $visitedFragments = []
+	): int {
+		$maxDepth = $currentDepth;
+
+		foreach ( $selectionSet->selections as $selection ) {
+			$selectionMaxDepth = $currentDepth;
+
+			// Field node
+			if ( $selection instanceof FieldNode && $selection->selectionSet instanceof SelectionSetNode ) {
+				$selectionMaxDepth = $this->getSelectionSetDepth(
+					$selection->selectionSet,
+					$fragments,
+					$currentDepth + 1,
+					$visitedFragments
+				);
+			}
+
+			// Fragment spread
+			if ( $selection instanceof FragmentSpreadNode ) {
+				$fragName = $selection->name->value;
+				if ( isset( $fragments[ $fragName ] ) && ! in_array( $fragName, $visitedFragments, true ) ) {
+					$visitedFragments[] = $fragName;
+					/** @var FragmentDefinitionNode $fragmentDefinition */
+					$fragmentDefinition = $fragments[ $fragName ];
+					// Inline fragment's selections at the current depth (no +1 here)
+					$selectionMaxDepth = $this->getSelectionSetDepth(
+						$fragmentDefinition->selectionSet,
+						$fragments,
+						$currentDepth,
+						$visitedFragments
+					);
+				}
+			}
+
+			// Inline fragment
+			if ( $selection instanceof InlineFragmentNode && $selection->selectionSet instanceof SelectionSetNode ) {
+				$selectionMaxDepth = $this->getSelectionSetDepth(
+					$selection->selectionSet,
+					$fragments,
+					$currentDepth + 1,
+					$visitedFragments
+				);
+			}
+
+			$maxDepth = max( $maxDepth, $selectionMaxDepth );
+		}
+
+		return $maxDepth;
+	}
+
+	/**
+	 * @inheritDoc
+	 */
+	public function getKey(): string {
+		return 'nestedQuery';
+	}
+}
diff --git a/plugins/wpgraphql-debug-extensions/src/Plugin.php b/plugins/wpgraphql-debug-extensions/src/Plugin.php
@@ -82,23 +82,17 @@ private function setup(): void {
 				if ( $query_analyzer_instance instanceof OriginalQueryAnalyzer ) {
 					$debug_analyzer = new QueryAnalyzer( $query_analyzer_instance );
 
-					// Define a structured list of rules to register.
-					// The value is an array containing the class name and its constructor arguments.
 					$analyzer_items = [ 
 						'complexity' => [ 'class' => Complexity::class, 'args' => [] ],
 						'unfiltered_lists' => [ 'class' => UnfilteredLists::class, 'args' => [] ],
 						'nested_query' => [ 'class' => NestedQuery::class, 'args' => [ ] ],
 					];
-
-					// Apply a filter to allow other plugins to add, remove, or modify this list.
 					$analyzer_items = apply_filters( 'graphql_debug_extensions_analyzer_items', $analyzer_items );
 
-					// Loop through the filtered list and instantiate each class.
 					foreach ( $analyzer_items as $item_config ) {
 						$class_name = $item_config['class'];
 						$args = $item_config['args'] ?? [];
-
-						// Instantiate the class with its constructor arguments using the spread operator.
+						
 						$instance = new $class_name( ...$args );
 						$debug_analyzer->addAnalyzerItem( $instance );
 					}
