module GraphQL::Authorization::Analyzer

def call(memo, visit_type, irep_node)

def call(memo, visit_type, irep_node)
  if visit_type == :enter
    field = irep_node.definition
    if field
      schema = memo[:schema]
      ctx = memo[:context]
      next_field_accessible = schema.accessible?(field, ctx)
      if !next_field_accessible
        memo[:inaccessible_nodes] << irep_node
      else
        arg_accessible = true
        irep_node.arguments.argument_values.each do |name, arg_value|
          arg_accessible = schema.accessible?(arg_value.definition, ctx)
          if !arg_accessible
            memo[:inaccessible_nodes] << irep_node
            break
          end
        end
        if arg_accessible
          return_type = field.type.unwrap
          next_type_accessible = schema.accessible?(return_type, ctx)
          if !next_type_accessible
            memo[:inaccessible_nodes] << irep_node
          end
        end
      end
    end
  end
  memo
end

def final_value(memo)

def final_value(memo)
  nodes = memo[:inaccessible_nodes]
  if nodes.any?
    fields = nodes.map do |node|
      field_inst = node.definition
      # Get the "source of truth" for this field
      field_inst.metadata[:type_class] || field_inst
    end
    context = memo[:context]
    err = InaccessibleFieldsError.new(fields: fields, irep_nodes: nodes, context: context)
    context.schema.inaccessible_fields(err)
  else
    nil
  end
end

def initial_value(query)

def initial_value(query)
  {
    schema: query.schema,
    context: query.context,
    inaccessible_nodes: [],
  }
end