
Commit 56bedcf

authored
Merge pull request #6535 from neo4j/authorization-mutation-tests
Increase testing coverage for create authorization
2 parents 9a23d47 + aa6e245 commit 56bedcf

12 files changed

+2401
-0
lines changed
@@ -0,0 +1,227 @@
1+
/*
2+
* Copyright (c) "Neo4j"
3+
* Neo4j Sweden AB [http://neo4j.com]
4+
*
5+
* This file is part of Neo4j.
6+
*
7+
* Licensed under the Apache License, Version 2.0 (the "License");
8+
* you may not use this file except in compliance with the License.
9+
* You may obtain a copy of the License at
10+
*
11+
* http://www.apache.org/licenses/LICENSE-2.0
12+
*
13+
* Unless required by applicable law or agreed to in writing, software
14+
* distributed under the License is distributed on an "AS IS" BASIS,
15+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+
* See the License for the specific language governing permissions and
17+
* limitations under the License.
18+
*/
19+
20+
import type { UniqueType } from "../../../../../utils/graphql-types";
21+
import { TestHelper } from "../../../../../utils/tests-helper";
22+
23+
describe("create with authorization filter", () => {
24+
const testHelper = new TestHelper();
25+
let User: UniqueType;
26+
let Post: UniqueType;
27+
let Link: UniqueType;
28+
const secret = "secret";
29+
30+
beforeEach(async () => {
31+
User = testHelper.createUniqueType("User");
32+
Post = testHelper.createUniqueType("Post");
33+
Link = testHelper.createUniqueType("Link");
34+
35+
const typeDefs = /* GraphQL */ `
36+
type ${User} @node {
37+
id: ID
38+
name: String
39+
content: [${Post}!]! @relationship(type: "HAS_CONTENT", direction: OUT)
40+
}
41+
42+
type ${Post}
43+
@node
44+
@authorization(
45+
filter: [{ operations: [CREATE_RELATIONSHIP], where: { node: { creatorId: { eq: "$jwt.sub" } } } }]
46+
) {
47+
creatorId: ID
48+
content: String
49+
creator: [${User}!]! @relationship(type: "HAS_CONTENT", direction: IN)
50+
links: [${Link}!]! @relationship(type: "HAS_LINK", direction: OUT)
51+
}
52+
53+
type ${Link}
54+
@node
55+
@authorization( filter: [{ operations: [CREATE_RELATIONSHIP], where: { node: { public: { eq: true } } } }]) {
56+
url: String
57+
public: Boolean
58+
}
59+
60+
extend type ${User}
61+
@authorization(filter: [{ operations: [CREATE_RELATIONSHIP], where: { node: { id: { eq: "$jwt.sub" } } } }])
62+
`;
63+
64+
await testHelper.initNeo4jGraphQL({
65+
typeDefs,
66+
features: {
67+
authorization: {
68+
key: secret,
69+
},
70+
},
71+
});
72+
});
73+
74+
afterEach(async () => {
75+
await testHelper.close();
76+
});
77+
78+
test("create and connect with authorization filter", async () => {
79+
const id = "123";
80+
const query = /* GraphQL */ `
81+
mutation ($id: ID!) {
82+
${User.operations.create}(input: [{ id: $id, name: "Bob", content: {connect: {
83+
where: {
84+
node: {
85+
content: {eq: "dont panic"}
86+
}
87+
}
88+
}} }]) {
89+
${User.plural} {
90+
id
91+
content {
92+
creatorId,
93+
content
94+
}
95+
}
96+
}
97+
}
98+
`;
99+
100+
const token = testHelper.createBearerToken(secret, { sub: id });
101+
102+
await testHelper.executeCypher(`
103+
CREATE(:${Post} {creatorId: "${id}", content: "dont panic"})
104+
CREATE(:${Post} {creatorId: "another-id", content: "dont panic"})
105+
`);
106+
const gqlResult = await testHelper.executeGraphQLWithToken(query, token, {
107+
variableValues: { id },
108+
});
109+
110+
expect(gqlResult.errors).toBeFalsy();
111+
112+
expect(gqlResult.data).toEqual({
113+
[User.operations.create]: {
114+
[User.plural]: [
115+
{
116+
id,
117+
content: [
118+
{
119+
creatorId: id,
120+
content: "dont panic",
121+
},
122+
],
123+
},
124+
],
125+
},
126+
});
127+
128+
await testHelper.expectRelationship(User, Post, "HAS_CONTENT").toEqual([
129+
{
130+
from: {
131+
id,
132+
name: "Bob",
133+
},
134+
to: {
135+
creatorId: id,
136+
content: "dont panic",
137+
},
138+
relationship: {},
139+
},
140+
]);
141+
});
142+
143+
test("create -> connect -> connect with authorization filter", async () => {
144+
const id = "123";
145+
const query = /* GraphQL */ `
146+
mutation ($id: ID!) {
147+
${User.operations.create}(input: [{ id: $id, name: "Bob", content: {connect: {
148+
where: {
149+
node: {
150+
content: {eq: "dont panic"}
151+
}
152+
},
153+
connect: {
154+
links: {}
155+
}
156+
}} }]) {
157+
${User.plural} {
158+
id
159+
content {
160+
creatorId,
161+
content
162+
}
163+
}
164+
}
165+
}
166+
`;
167+
168+
const token = testHelper.createBearerToken(secret, { sub: id });
169+
170+
await testHelper.executeCypher(`
171+
CREATE(:${Post} {creatorId: "${id}", content: "dont panic"})
172+
CREATE(:${Post} {creatorId: "another-id", content: "dont panic"})
173+
174+
CREATE(:${Link} {url: "url-1", public: true})
175+
CREATE(:${Link} {url: "url-2", public: false})
176+
`);
177+
const gqlResult = await testHelper.executeGraphQLWithToken(query, token, {
178+
variableValues: { id },
179+
});
180+
181+
expect(gqlResult.errors).toBeFalsy();
182+
183+
expect(gqlResult.data).toEqual({
184+
[User.operations.create]: {
185+
[User.plural]: [
186+
{
187+
id,
188+
content: [
189+
{
190+
creatorId: id,
191+
content: "dont panic",
192+
},
193+
],
194+
},
195+
],
196+
},
197+
});
198+
199+
await testHelper.expectRelationship(User, Post, "HAS_CONTENT").toEqual([
200+
{
201+
from: {
202+
id,
203+
name: "Bob",
204+
},
205+
to: {
206+
creatorId: id,
207+
content: "dont panic",
208+
},
209+
relationship: {},
210+
},
211+
]);
212+
213+
await testHelper.expectRelationship(Post, Link, "HAS_LINK").toEqual([
214+
{
215+
to: {
216+
url: "url-1",
217+
public: true,
218+
},
219+
from: {
220+
creatorId: id,
221+
content: "dont panic",
222+
},
223+
relationship: {},
224+
},
225+
]);
226+
});
227+
});
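Review bot: The `CREATE_RELATIONSHIP` filter added on `${User}` (`id: { eq: "$jwt.sub" }`) is only exercised on its matching path, because both tests sign the token with `{ sub: id }` and create the user with that same `id`. The seeded `another-id` post and the `public: false` link prove exclusion for the Post and Link rules, but nothing in this file shows what happens when the caller's `sub` differs from the new user's id, or when the request carries no token at all. Unless one of the commit's other files already covers it, add a case that keeps `variableValues: { id }` but signs with `testHelper.createBearerToken(secret, { sub: "another-id" })`, then pins the intended outcome with `expectRelationship(User, Post, "HAS_CONTENT")`. In the second test, a short comment above `links: {}` such as `// no where clause: only the Link filter (public = true) keeps url-2 out` would make clear which assertion carries the check.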
