When used on object types, dynamic access checks can only be run after the parent field has already been resolved (otherwise there would be no object to pass into the block). Unfortunately, this opens the door for a number of side- channel attacks.
Consider for example the following simplified schema definition:
class QueryRoot < GraphApi::ObjectType| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "os" | |
| "runtime/pprof" | |
| ) | |
| func main() { |
| package main | |
| import ( | |
| "bufio" | |
| "encoding/json" | |
| "flag" | |
| "fmt" | |
| "net/http" | |
| "net/url" | |
| "os" |
| brokers = [1,2,...] | |
| # ensure exactly 3 replicas per partition | |
| for p in partitions | |
| if len(p) > 3; p = p[0...2] | |
| if len(p) < 3; p += (brokers - p).sample(3 - len(p)) | |
| weights = {} | |
| for p in partitions | |
| for b in p |
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "os" | |
| "github.com/Shopify/sarama" | |
| ) |
| " Experimentally integrate YouCompleteMe with vim-multiple-cursors, otherwise | |
| " the numerous Cursor events cause great slowness | |
| " (https://github.com/kristijanhusak/vim-multiple-cursors/issues/4) | |
| function Multiple_cursors_before() | |
| let s:old_ycm_whitelist = g:ycm_filetype_whitelist | |
| let g:ycm_filetype_whitelist = {} | |
| endfunction | |
| function Multiple_cursors_after() |