Can't access cypherParams from @authorization rule

[jbhurruth]

Describe the bug

I'm trying to do a node property comparison with a DateTime that is passed as a cypherParams field inside an @authorization.filter rule. The cypherParam doesn't seem to be injected into the query correctly, being interpolated as a reference to a string parameter named param1 instead of the DateTime parameter named yesterday. The param1 string is itself the string "$yesterday" so it almost worked but wrapped the reference in an unnecessary layer.

Type definitions

type User @authorization(
  filter: [{
    where: { node: { timestamp_GT: "$yesterday"} }
  }]
) {
  id: ID! @id @unique
  timestamp: DateTime! @timestamp
}

const apolloMiddleware = expressMiddleware(apolloServer, {
  context: async ({ req }) => {
    return {
      cypherParams: {
        yesterday: new Date(Date.now() - 1000 * 60 * 60 * 24),
      },
    };
  },
});

To Reproduce

Run the following mutation and query

mutation {
  createUsers(input: [{}]) {
    users {
      id
      timestamp
    }
    info {
      nodesCreated
    }
  }
}

query {
  users {
    id
    timestamp
  }
}

The result is an empty list.

The generated cypher for the query shows the issue

MATCH (this:User)
WITH *
WHERE ($isAuthenticated = true AND ($param1 IS NOT NULL AND this.timestamp > $param1))
RETURN this { .id, timestamp: apoc.date.convertFormat(toString(this.timestamp), "iso_zoned_date_time", "iso_offset_date_time") } AS this

cypher params: {
  isAuthenticated: false,
  param1: '$yesterday',
  yesterday: 2024-01-31T15:48:37.318Z
}

Expected behavior
The query should return any node that was not created more than 24 hours ago.

System:

• OS: macOS 13.0
• Version: @neo4j/[email protected]
• Node.js version: v21.4.0

[neo4j-team-graphql]

Many thanks for raising this bug report @jbhurruth. 🐛 We will now attempt to reproduce the bug based on the steps you have provided.

Please ensure that you've provided the necessary information for a minimal reproduction, including but not limited to:

• Type definitions
• Resolvers
• Query and/or Mutation (or multiple) needed to reproduce

If you have a support agreement with Neo4j, please link this GitHub issue to a new or existing Zendesk ticket.

Thanks again! 🙏

[darrellwarde]

I've relabelled this as a feature request - this is not a feature we claim to support so we will have to look into adding support for this.

[darrellwarde]

I think a workaround here is to put yesterday directly into the context and refer to it using $context.yesterday.

[jbhurruth]

Amazing, thanks! Unfortunately the workaround doesn't work for me. There was a bug in my repro where isAuthenticated: false but even after fixing this the comparison still fails. Everything looks like it should be fine but I guess the param type is ambiguous from the debug logging so I'll dig a bit deeper to confirm that its comparing two DateTimes.

[neo4j-team-graphql]

Many thanks for raising this bug report @jbhurruth. 🐛 We will now attempt to reproduce the bug based on the steps you have provided.

Please ensure that you've provided the necessary information for a minimal reproduction, including but not limited to:

• Type definitions
• Resolvers
• Query and/or Mutation (or multiple) needed to reproduce

If you have a support agreement with Neo4j, please link this GitHub issue to a new or existing Zendesk ticket.

Thanks again! 🙏

[neo4j-team-graphql]

We've been able to confirm this bug using the steps to reproduce that you provided - many thanks @jbhurruth! 🙏 We will now prioritise the bug and address it appropriately.

[darrellwarde]

Amazing, thanks! Unfortunately the workaround doesn't work for me. There was a bug in my repro where isAuthenticated: false but even after fixing this the comparison still fails. Everything looks like it should be fine but I guess the param type is ambiguous from the debug logging so I'll dig a bit deeper to confirm that its comparing two DateTimes.

So doing a final investigation on this, the feature does work as it should. Your issue seems to be with the fact that it is a DateTime type. When passing the value into cypherParams, you should look into parsing it into a Neo4j type using the driver, for example: https://github.com/neo4j/graphql/blob/dev/packages/graphql/src/graphql/scalars/DateTime.ts#L41

I hope that helps!

[jbhurruth]

@darrellwarde Thanks for that! I forgot to update that I figured it out shortly after my last comment. I didn't expect it to get turned back into a bug ticket based on my overshare of "not your problem" info 😅 It was a bit tricky to debug due to how the debug logging prints JS Dates and neo4j DateTime objects similarly, but all good now.