diff --git a/protection/makeAllPublic/api.graphql b/protection/makeAllPublic/api.graphql index fbe1cbf..70a1a6a 100644 --- a/protection/makeAllPublic/api.graphql +++ b/protection/makeAllPublic/api.graphql @@ -1,21 +1,22 @@ type Customer { - name: String - city: String + name: String + city: String } type Query { - # An ecmascript generator of customer data. - # Of course, in real life you will call an API or a database. You can do that by changing the `endpoint` argument on the `@rest` directive. - # https://stepzen.com/docs/connecting-backends/how-to-connect-a-rest-service - customer (id: ID): Customer - @rest (endpoint: "stepzen:empty" - ecmascript: """ - function transformREST(s) { - var id = get('id') - if (id==1) - return (JSON.stringify({"name":"John Doe","city":"Miami"})) - else - return (JSON.stringify({"name":"Jane Smith","city":"Santa Clara"})) - } - """ + # An ecmascript generator of customer data. + # Of course, in real life you will call an API or a database. You can do that by changing the `endpoint` argument on the `@rest` directive. + # https://stepzen.com/docs/connecting-backends/how-to-connect-a-rest-service + customer(id: ID!): Customer + @rest( + endpoint: "stepzen:empty" + ecmascript: """ + function transformREST(s) { + var id = get('id') + if (id==1) + return (JSON.stringify({"name":"John Doe","city":"Miami"})) + else + return (JSON.stringify({"name":"Jane Smith","city":"Santa Clara"})) + } + """ ) -} \ No newline at end of file +} diff --git a/protection/makeAllPublic/operations.graphql b/protection/makeAllPublic/operations.graphql new file mode 100644 index 0000000..7a85250 --- /dev/null +++ b/protection/makeAllPublic/operations.graphql @@ -0,0 +1,6 @@ +query Customer($id: ID!) { + customer(id: $id) { + name + city + } +} diff --git a/protection/makeAllPublic/tests/Test.js b/protection/makeAllPublic/tests/Test.js index f165dd1..4040f09 100644 --- a/protection/makeAllPublic/tests/Test.js +++ b/protection/makeAllPublic/tests/Test.js @@ -1,3 +1,5 @@ +const fs = require("fs"); +const path = require("node:path"); const { deployAndRun, authTypes, @@ -6,8 +8,42 @@ const { testDescription = getTestDescription("snippets", __dirname); +const requestsFile = path.join(path.dirname(__dirname), "operations.graphql"); +const requests = fs.readFileSync(requestsFile, "utf8").toString(); + describe(testDescription, function () { + // note tests using no authorization since api is public const tests = [ - ] + { + label: "customer-1", + query: requests, + operationName: "Customer", + variables: { + id: 1, + }, + expected: { + customer: { + name: "John Doe", + city: "Miami", + }, + }, + authType: authTypes.noAuth, + }, + { + label: "customer-2", + query: requests, + operationName: "Customer", + variables: { + id: 2, + }, + expected: { + customer: { + name: "Jane Smith", + city: "Santa Clara", + }, + }, + authType: authTypes.noAuth, + }, + ]; return deployAndRun(__dirname, tests); -}); \ No newline at end of file +}); diff --git a/tests/gqltest.js b/tests/gqltest.js index b8d9397..c0048c3 100644 --- a/tests/gqltest.js +++ b/tests/gqltest.js @@ -46,6 +46,7 @@ function deployEndpoint(endpoint, dirname) { // The test will fail if the request does not // have status 200 or has any GraphQL errors. function runGqlOk(authType, endpoint, query, variables, operationName) { + let authValue; switch (authType) { case authTypes.adminKey: authValue = adminKey; @@ -59,12 +60,18 @@ function runGqlOk(authType, endpoint, query, variables, operationName) { default: authValue = ""; } + + let headers = { + "Content-Type": "application/json", + }; + + if (authValue) { + headers.Authorization = authValue; + } + return fetch(endpoint, { method: "POST", - headers: { - "Content-Type": "application/json", - Authorization: authValue, - }, + headers: headers, body: JSON.stringify({ query: query, variables: variables,