Support only option when mounting route

Author: mcelicalderon

lib/graphql_devise/rails/routes.rb

@@ -3,6 +3,11 @@ class Mapper
     def mount_graphql_devise_for(resource, opts = {})
       custom_operations  = opts[:operations] || {}
       skipped_operations = opts.fetch(:skip, [])
+      only_operations    = opts.fetch(:only, [])
+
+      if [skipped_operations, only_operations].all?(&:any?)
+        raise GraphqlDevise::Error, "Can't specify both `skip` and `only` options when mounting the route."
+      end
 
       default_mutations = {
         login:               GraphqlDevise::Mutations::Login,
@@ -20,6 +25,9 @@ def mount_graphql_devise_for(resource, opts = {})
       unless skipped_operations.all? { |skipped| supported_operations.include?(skipped) }
         raise GraphqlDevise::Error, 'Trying to skip a non supported operation. Check for typos.'
       end
+      unless only_operations.all? { |only| supported_operations.include?(only) }
+        raise GraphqlDevise::Error, 'One of the `only` operations is not supported. Check for typos.'
+      end
 
       path         = opts.fetch(:at, '/graphql_auth')
       mapping_name = resource.underscore.tr('/', '_').to_sym
@@ -34,7 +42,12 @@ def mount_graphql_devise_for(resource, opts = {})
                            "Types::#{resource}Type".safe_constantize ||
                            GraphqlDevise::Types::AuthenticableType
 
-      default_mutations.except(*skipped_operations).each do |action, mutation|
+      used_mutations = if only_operations.present?
+        default_mutations.slice(*only_operations)
+      else
+        default_mutations.except(*skipped_operations)
+      end
+      used_mutations.each do |action, mutation|
         used_mutation = if custom_operations[action].present?
           custom_operations[action]
         else
@@ -49,7 +62,12 @@ def mount_graphql_devise_for(resource, opts = {})
         GraphqlDevise::Types::MutationType.field("#{mapping_name}_#{action}", mutation: used_mutation)
       end
 
-      default_queries.except(*skipped_operations).each do |action, query|
+      used_queries = if only_operations.present?
+        default_queries.slice(*only_operations)
+      else
+        default_queries.except(*skipped_operations)
+      end
+      used_queries.each do |action, query|
         used_query = if custom_operations[action].present?
           custom_operations[action]
         else

spec/dummy/app/models/guest.rb

@@ -0,0 +1,9 @@
+class Guest < ApplicationRecord
+  devise :database_authenticatable,
+         :registerable,
+         :recoverable,
+         :validatable,
+         :confirmable
+
+  include GraphqlDevise::Concerns::Model
+end

spec/dummy/config/routes.rb

@@ -11,5 +11,11 @@
     at:                 '/api/v1/admin/graphql_auth'
   )
 
+  mount_graphql_devise_for(
+    'Guest',
+    only: [:login, :logout],
+    at:   '/api/v1/guest/graphql_auth'
+  )
+
   post '/api/v1/graphql', to: 'api/v1/graphql#graphql'
 end

spec/dummy/db/migrate/20191013213045_create_guests.rb

@@ -0,0 +1,36 @@
+class CreateGuests < ActiveRecord::Migration[6.0]
+  def change
+    create_table :guests do |t|
+      ## Required
+      t.string :provider, null: false, default: 'email'
+      t.string :uid, null: false, default: ''
+
+      ## Database authenticatable
+      t.string :encrypted_password, null: false, default: ''
+
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      t.boolean  :allow_password_change, default: false
+
+      ## Confirmable
+      t.string   :confirmation_token
+      t.datetime :confirmed_at
+      t.datetime :confirmation_sent_at
+      t.string   :unconfirmed_email # Only if using reconfirmable
+
+      ## User Info
+      t.string :email
+
+      ## Tokens
+      t.text :tokens
+
+      t.timestamps
+    end
+
+    add_index :guests, :email,                unique: true
+    add_index :guests, [:uid, :provider],     unique: true
+    add_index :guests, :reset_password_token, unique: true
+    add_index :guests, :confirmation_token,   unique: true
+  end
+end

spec/dummy/db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_09_16_012505) do
+ActiveRecord::Schema.define(version: 2019_10_13_213045) do
 
   create_table "admins", force: :cascade do |t|
     t.string "provider", default: "email", null: false
@@ -33,6 +33,27 @@
     t.index ["uid", "provider"], name: "index_admins_on_uid_and_provider", unique: true
   end
 
+  create_table "guests", force: :cascade do |t|
+    t.string "provider", default: "email", null: false
+    t.string "uid", default: "", null: false
+    t.string "encrypted_password", default: "", null: false
+    t.string "reset_password_token"
+    t.datetime "reset_password_sent_at"
+    t.boolean "allow_password_change", default: false
+    t.string "confirmation_token"
+    t.datetime "confirmed_at"
+    t.datetime "confirmation_sent_at"
+    t.string "unconfirmed_email"
+    t.string "email"
+    t.text "tokens"
+    t.datetime "created_at", precision: 6, null: false
+    t.datetime "updated_at", precision: 6, null: false
+    t.index ["confirmation_token"], name: "index_guests_on_confirmation_token", unique: true
+    t.index ["email"], name: "index_guests_on_email", unique: true
+    t.index ["reset_password_token"], name: "index_guests_on_reset_password_token", unique: true
+    t.index ["uid", "provider"], name: "index_guests_on_uid_and_provider", unique: true
+  end
+
   create_table "users", force: :cascade do |t|
     t.string "provider", default: "email", null: false
     t.string "uid", default: "", null: false

spec/factories/guests.rb

@@ -0,0 +1,10 @@
+FactoryBot.define do
+  factory :guest do
+    email    { Faker::Internet.unique.email }
+    password { Faker::Internet.password }
+
+    trait :confirmed do
+      confirmed_at { Time.now }
+    end
+  end
+end

spec/requests/mutations/login_spec.rb

@@ -114,4 +114,28 @@
       )
     end
   end
+
+  context 'when using the guest model' do
+    let(:guest) { create(:guest, :confirmed, password: password) }
+    let(:query) do
+      <<-GRAPHQL
+        mutation {
+          guestLogin(
+            email: "#{guest.email}",
+            password: "#{password}"
+          ) {
+            authenticable { email }
+          }
+        }
+      GRAPHQL
+    end
+
+    before { post_request }
+
+    it 'works alongside the user mount point' do
+      expect(json_response[:data][:guestLogin]).to include(
+        authenticable: { email: guest.email }
+      )
+    end
+  end
 end

spec/requests/mutations/sign_up_spec.rb

@@ -103,4 +103,31 @@
       )
     end
   end
+
+  context 'when using the guest model' do
+    let(:query) do
+      <<-GRAPHQL
+        mutation {
+          guestSignUp(
+            email:                "#{email}"
+            password:             "#{password}"
+            passwordConfirmation: "#{password}"
+            confirmSuccessUrl:    "#{redirect}"
+          ) {
+            authenticable {
+              email
+            }
+          }
+        }
+      GRAPHQL
+    end
+
+    before { post_request }
+
+    it 'skips the sign up mutation' do
+      expect(json_response[:errors]).to contain_exactly(
+        hash_including(message: "Field 'guestSignUp' doesn't exist on type 'Mutation'")
+      )
+    end
+  end
 end

spec/requests/queries/check_password_token_spec.rb

@@ -105,4 +105,28 @@
       )
     end
   end
+
+  context 'when using the guest model' do
+    let(:token) { 'not_important' }
+    let(:query) do
+      <<-GRAPHQL
+        query {
+          guestCheckPasswordToken(
+            resetPasswordToken: "#{token}",
+            redirectUrl: "#{redirect_url}"
+          ) {
+            email
+          }
+        }
+      GRAPHQL
+    end
+
+    before { post_request }
+
+    it 'skips the sign up mutation' do
+      expect(json_response[:errors]).to contain_exactly(
+        hash_including(message: "Field 'guestCheckPasswordToken' doesn't exist on type 'Query'")
+      )
+    end
+  end
 end