Merge pull request #149 from graphql-devise/allow_setting_resources_directly_into_schema_during_tests

00dav00 · web-flow · commit ef45044184e7 · 2021-02-11T07:11:11.000-05:00
Allow setting current resource in tests
diff --git a/lib/graphql_devise/schema_plugin.rb b/lib/graphql_devise/schema_plugin.rb
@@ -24,13 +24,12 @@ def trace(event, trace_data)
       # Authenticate only root level queries
       return yield unless event == 'execute_field' && path(trace_data).count == 1
 
-      field = traced_field(trace_data)
-      provided_value = authenticate_option(field, trace_data)
-      context = set_current_resource(context_from_data(trace_data))
+      field         = traced_field(trace_data)
+      auth_required = authenticate_option(field, trace_data)
+      context       = context_from_data(trace_data)
 
-      if !provided_value.nil?
-        raise_on_missing_resource(context, field) if provided_value
-      elsif @authenticate_default
+      if auth_required
+        context = set_current_resource(context)
         raise_on_missing_resource(context, field)
       end
 
@@ -40,9 +39,10 @@ def trace(event, trace_data)
     private
 
     def set_current_resource(context)
-      controller                 = context[:controller]
-      resource_names             = Array(context[:resource_name])
-      context[:current_resource] = resource_names.find do |resource_name|
+      controller     = context[:controller]
+      resource_names = Array(context[:resource_name])
+
+      context[:current_resource] ||= resource_names.find do |resource_name|
         unless Devise.mappings.key?(resource_name)
           raise(
             GraphqlDevise::Error,
@@ -88,11 +88,13 @@ def traced_field(trace_data)
     end
 
     def authenticate_option(field, trace_data)
-      if trace_data[:context]
+      auth_required = if trace_data[:context]
         field.metadata[:authenticate]
       else
         field.graphql_definition.metadata[:authenticate]
       end
+
+      auth_required.nil? ? @authenticate_default : auth_required
     end
 
     def reconfigure_warden!
diff --git a/spec/graphql/user_queries_spec.rb b/spec/graphql/user_queries_spec.rb
@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Users controller specs' do
+  include_context 'with graphql schema test'
+
+  let(:schema)          { DummySchema }
+  let(:user)            { create(:user, :confirmed) }
+  let(:field)           { 'privateField' }
+  let(:public_message)  { 'Field does not require authentication' }
+  let(:private_message) { 'Field will always require authentication' }
+  let(:private_error) do
+    {
+      message:    "#{field} field requires authentication",
+      extensions: { code: 'AUTHENTICATION_ERROR' }
+    }
+  end
+
+  describe 'publicField' do
+    let(:query) do
+      <<-GRAPHQL
+        query {
+          publicField
+        }
+      GRAPHQL
+    end
+
+    context 'when using a regular schema' do
+      it 'does not require authentication' do
+        expect(response[:data][:publicField]).to eq(public_message)
+      end
+    end
+  end
+
+  describe 'privateField' do
+    let(:query) do
+      <<-GRAPHQL
+        query {
+          privateField
+        }
+      GRAPHQL
+    end
+
+    context 'when using a regular schema' do
+      context 'when user is authenticated' do
+        let(:resource) { user }
+
+        it 'allows to perform the query' do
+          expect(response[:data][:privateField]).to eq(private_message)
+        end
+
+        context 'when using a SchemaUser' do
+          let(:resource) { create(:schema_user, :confirmed) }
+
+          it 'allows to perform the query' do
+            expect(response[:data][:privateField]).to eq(private_message)
+          end
+        end
+      end
+    end
+
+    context 'when using an interpreter schema' do
+      let(:schema) { InterpreterSchema }
+
+      context 'when user is authenticated' do
+        let(:resource) { user }
+
+        it 'allows to perform the query' do
+          expect(response[:data][:privateField]).to eq(private_message)
+        end
+      end
+    end
+  end
+
+  describe 'user' do
+    let(:user_data) { { email: user.email, id: user.id } }
+    let(:query) do
+      <<-GRAPHQL
+        query {
+          user(id: #{user.id}) {
+            id
+            email
+          }
+        }
+      GRAPHQL
+    end
+
+    context 'when using a regular schema' do
+      context 'when user is authenticated' do
+        let(:resource) { user }
+
+        it 'allows to perform the query' do
+          expect(response[:data][:user]).to match(**user_data)
+        end
+      end
+    end
+
+    context 'when using an interpreter schema' do
+      let(:schema) { InterpreterSchema }
+
+      context 'when user is authenticated' do
+        let(:resource) { user }
+
+        it 'allows to perform the query' do
+          expect(response[:data][:user]).to match(**user_data)
+        end
+      end
+
+      context 'when user is not authenticated' do
+        # Interpreter schema fields are public unless specified otherwise (plugin setting)
+        it 'allows to perform the query' do
+          expect(response[:data][:user]).to match(**user_data)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/requests/user_controller_spec.rb b/spec/requests/user_controller_spec.rb
@@ -31,15 +31,6 @@
         expect(json_response[:data][:publicField]).to eq('Field does not require authentication')
       end
     end
-
-    context 'when using the failing route' do
-      it 'raises an invalid resource_name error' do
-        expect { post_request('/api/v1/failing') }.to raise_error(
-          GraphqlDevise::Error,
-          'Invalid resource_name `fail` provided to `graphql_context`. Possible values are: [:user, :admin, :guest, :users_customer, :schema_user].'
-        )
-      end
-    end
   end
 
   describe 'privateField' do
@@ -77,6 +68,15 @@
           )
         end
       end
+
+      context 'when using the failing route' do
+        it 'raises an invalid resource_name error' do
+          expect { post_request('/api/v1/failing') }.to raise_error(
+            GraphqlDevise::Error,
+            'Invalid resource_name `fail` provided to `graphql_context`. Possible values are: [:user, :admin, :guest, :users_customer, :schema_user].'
+          )
+        end
+      end
     end
 
     context 'when using an interpreter schema' do
diff --git a/spec/support/contexts/schema_test.rb b/spec/support/contexts/schema_test.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+RSpec.shared_context 'with graphql schema test' do
+  let(:variables)      { {} }
+  let(:resource_names) { [:user] }
+  let(:resource)       { nil }
+  let(:controller)     { instance_double(GraphqlDevise::GraphqlController) }
+  let(:context) do
+    { current_resource: resource, controller: controller, resource_name: resource_names }
+  end
+  let(:response) do
+    schema.execute(query, context: context, variables: variables).deep_symbolize_keys
+  end
+end
