Skip to content

Commit

Permalink
fix(GraphQL): Fix order and offset in auth queries. (#6221)
Browse files Browse the repository at this point in the history
* Fix order and offset in auth queries.

* Remove order from top-level auth filter.
  • Loading branch information
Arijit Das authored Aug 18, 2020
1 parent 549557b commit a5bfd4a
Show file tree
Hide file tree
Showing 5 changed files with 218 additions and 56 deletions.
163 changes: 163 additions & 0 deletions graphql/e2e/auth/auth_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,18 @@ type Student struct {
Email string `json:"email,omitempty"`
}

type Task struct {
Id string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Occurrences []*TaskOccurrence `json:"occurrences,omitempty"`
}

type TaskOccurrence struct {
Id string `json:"id,omitempty"`
Due string `json:"due,omitempty"`
Comp string `json:"comp,omitempty"`
}

type TestCase struct {
user string
role string
Expand All @@ -136,6 +148,22 @@ type uidResult struct {
}
}

type Tasks []Task
func (tasks Tasks) add(t *testing.T) {
getParams := &common.GraphQLParams{
Query: `
mutation AddTask($tasks : [AddTaskInput!]!) {
addTask(input: $tasks) {
numUids
}
}
`,
Variables: map[string]interface{}{"tasks": tasks},
}
gqlResponse := getParams.ExecuteAsPost(t, graphqlURL)
require.Nil(t, gqlResponse.Errors)
}

func (r *Region) add(t *testing.T, user, role string) {
getParams := &common.GraphQLParams{
Headers: getJWT(t, user, role),
Expand Down Expand Up @@ -401,6 +429,141 @@ func TestAuthRulesWithMissingJWT(t *testing.T) {
}
}

func TestOrderAndOffset(t *testing.T) {
tasks := Tasks{
Task{
Name: "First Task four occurrence",
Occurrences: []*TaskOccurrence{
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
},
},
Task{
Name: "Second Task single occurrence",
Occurrences: []*TaskOccurrence{
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
},
},
Task{
Name: "Third Task no occurrence",
Occurrences: []*TaskOccurrence{},
},
Task{
Name: "Fourth Task two occurrences",
Occurrences: []*TaskOccurrence{
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
{Due: "2020-07-19T08:00:00", Comp: "2020-07-19T08:00:00"},
},
},
}
tasks.add(t)

query := `
query {
queryTask(first: 4, order: {asc : name}) {
name
occurrences(first: 2) {
due
comp
}
}
}
`
testCases := []TestCase{{
user: "user1",
role: "ADMIN",
result: `
{
"queryTask": [
{
"name": "First Task four occurrence",
"occurrences": [
{
"due": "2020-07-19T08:00:00Z",
"comp": "2020-07-19T08:00:00Z"
},
{
"due": "2020-07-19T08:00:00Z",
"comp": "2020-07-19T08:00:00Z"
}
]
},
{
"name": "Fourth Task two occurrences",
"occurrences": [
{
"due": "2020-07-19T08:00:00Z",
"comp": "2020-07-19T08:00:00Z"
},
{
"due": "2020-07-19T08:00:00Z",
"comp": "2020-07-19T08:00:00Z"
}
]
},
{
"name": "Second Task single occurrence",
"occurrences": [
{
"due": "2020-07-19T08:00:00Z",
"comp": "2020-07-19T08:00:00Z"
}
]
},
{
"name": "Third Task no occurrence",
"occurrences": []
}
]
}
`,
}}

for _, tcase := range testCases {
t.Run(tcase.role+tcase.user, func(t *testing.T) {
getUserParams := &common.GraphQLParams{
Headers: getJWT(t, tcase.user, tcase.role),
Query: query,
}

gqlResponse := getUserParams.ExecuteAsPost(t, graphqlURL)
require.Nil(t, gqlResponse.Errors)

require.JSONEq(t, string(gqlResponse.Data), tcase.result)
})
}

// Clean up `Task`
getParams := &common.GraphQLParams{
Query: `
mutation DelTask {
deleteTask(filter: {}) {
numUids
}
}
`,
Variables: map[string]interface{}{"tasks": tasks},
}
gqlResponse := getParams.ExecuteAsPost(t, graphqlURL)
require.Nil(t, gqlResponse.Errors)

// Clean up `TaskOccurrence`
getParams = &common.GraphQLParams{
Query: `
mutation DelTaskOccuerence {
deleteTaskOccurrence(filter: {}) {
numUids
}
}
`,
Variables: map[string]interface{}{"tasks": tasks},
}
gqlResponse = getParams.ExecuteAsPost(t, graphqlURL)
require.Nil(t, gqlResponse.Errors)
}

func TestOrRBACFilter(t *testing.T) {
testCases := []TestCase{{
user: "user1",
Expand Down
29 changes: 15 additions & 14 deletions graphql/e2e/auth/schema.graphql
Original file line number Diff line number Diff line change
Expand Up @@ -537,34 +537,35 @@ type AdminTask @auth(
) {
id: ID!
name: String @search(by: [exact, term, fulltext, regexp])
occurrances: [TaskOccurance] @hasInverse(field: adminTask)
occurrences: [TaskOccurrence] @hasInverse(field: adminTask)
forContact: Contact @hasInverse(field: adminTasks)
}

type Task {
id: ID!
name: String @search(by: [exact, term, fulltext, regexp])
occurrances: [TaskOccurance] @hasInverse(field: task)
occurrences: [TaskOccurrence] @hasInverse(field: task)
forContact: Contact @hasInverse(field: tasks)
}

type TaskOccurance @auth(
query: { and : [
{rule: "{$TaskOccuranceRole: { eq: \"ADMINISTRATOR\"}}"},
{rule: """
query($TaskOccuranceRole: String!) {
queryTaskOccurance(filter: {role: { eq: $TaskOccuranceRole}}) {
__typename
type TaskOccurrence @auth(
query: { or : [ { rule: "{$ROLE: { eq: \"ADMIN\" }}"},
{and : [
{rule: "{$TaskOccuranceRole: { eq: \"ADMINISTRATOR\"}}"},
{rule: """
query($TaskOccuranceRole: String!) {
queryTaskOccurrence(filter: {role: { eq: $TaskOccuranceRole}}) {
__typename
}
}
}
"""}
] }
"""}
] } ] }
) {
id: ID!
due: DateTime @search
comp: DateTime @search
task: Task @hasInverse(field: occurrances)
adminTask: AdminTask @hasInverse(field: occurrances)
task: Task @hasInverse(field: occurrences)
adminTask: AdminTask @hasInverse(field: occurrences)
isPublic: Boolean @search
role: String @search(by: [exact, term, fulltext, regexp])
}
Expand Down
2 changes: 1 addition & 1 deletion graphql/resolve/auth_delete_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -395,7 +395,7 @@
random : Log.random
dgraph.uid : uid
}
Log2 as var(func: uid(Log3), orderasc: Log.logs)
Log2 as var(func: uid(Log3))
Log3 as var(func: uid(x))
}
Expand Down
Loading

0 comments on commit a5bfd4a

Please sign in to comment.