* add account model to app with reference to user

simonfranzen · simonfranzen · commit a4f11219770a · 2020-09-12T15:02:17.000+02:00
* add user resolver
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -34,3 +34,5 @@ RSpec/UnspecifiedException:
     Enabled: false
 RSpec/ExampleLength:
     Max: 10
+RSpec/MultipleMemoizedHelpers:
+    Max: 10
diff --git a/app/graphql/resolvers/base_resolver.rb b/app/graphql/resolvers/base_resolver.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Resolvers
+  # Base resolver class
+  class BaseResolver < GraphQL::Schema::Resolver
+    def current_ability
+      Ability.new(context[:current_user])
+    end
+  end
+end
diff --git a/app/graphql/resolvers/me.rb b/app/graphql/resolvers/me.rb
@@ -2,7 +2,7 @@
 
 module Resolvers
   # Get current user object
-  class Me < GraphQL::Schema::Resolver
+  class Me < BaseResolver
     type Types::UserType, null: true
     description 'Returns the current user'
 
diff --git a/app/graphql/resolvers/user.rb b/app/graphql/resolvers/user.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Resolvers
+  # Resolver to return a user
+  class User < BaseResolver
+    type Types::UserType, null: true
+    description 'Returns the user for a requested id'
+
+    argument :id, ID, required: true
+
+    def resolve(id:)
+      ::User.accessible_by(current_ability).find_by(id: id)
+    end
+  end
+end
diff --git a/app/graphql/types/query_type.rb b/app/graphql/types/query_type.rb
@@ -5,5 +5,15 @@ module Types
   # include other queries and resolvers here
   class QueryType < BaseObject
     field :me, resolver: Resolvers::Me
+
+    field :users, Types::UserType.connection_type, null: false
+    def users(**_args)
+      ::User.accessible_by(current_ability)
+    end
+    field :user, resolver: Resolvers::User
+
+    def current_ability
+      Ability.new(context[:current_user])
+    end
   end
 end
diff --git a/app/models/ability.rb b/app/models/ability.rb
@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 # Defines abilities for user
-# rubocop:disable Style/GuardClause
 class Ability
   include CanCan::Ability
 
@@ -15,12 +14,13 @@ def initialize(user)
     if user.superadmin?
       can :access, :rails_admin         # grant access to rails_admin
       can :manage, :all                 # admins can manage all objects
-      # elsif user.admin?
-      # can :crud,    Survey::QuestionAnswer              # user can crud all question answers
+    elsif user.admin?
+      can :crud, User, account_id: user.account_id
+    else
+      can :read, User, account_id: user.account_id
     end
 
     # See the wiki for details:
     # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
   end
 end
-# rubocop:enable Style/GuardClause
diff --git a/app/models/account.rb b/app/models/account.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: accounts
+#
+#  id         :uuid             not null, primary key
+#  name       :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+class Account < ApplicationRecord
+  validates :name, presence: true
+  validates :name, length: { maximum: 255 }
+  has_many :users, dependent: :destroy
+end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -28,6 +28,7 @@
 #  unlock_token           :string
 #  created_at             :datetime         not null
 #  updated_at             :datetime         not null
+#  account_id             :uuid
 #
 # Indexes
 #
@@ -37,7 +38,6 @@
 #  index_users_on_reset_password_token  (reset_password_token) UNIQUE
 #  index_users_on_unlock_token          (unlock_token) UNIQUE
 #
-# User model to access application
 class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :timeoutable, :trackable and :omniauthable
@@ -59,6 +59,9 @@ class User < ApplicationRecord
   validates :first_name, length: { maximum: 255 }
   validates :last_name, length: { maximum: 255 }
 
+  # - RELATIONS
+  belongs_to :account
+
   # - CALLBACKS
   after_initialize :setup_new_user, if: :new_record?
 
diff --git a/db/migrate/20200912120337_create_accounts.rb b/db/migrate/20200912120337_create_accounts.rb
@@ -0,0 +1,8 @@
+class CreateAccounts < ActiveRecord::Migration[6.0]
+  def change
+    create_table :accounts, id: :uuid do |t|
+      t.string :name
+      t.timestamps
+    end
+  end
+end
diff --git a/db/migrate/20200912120557_add_account_id_to_users.rb b/db/migrate/20200912120557_add_account_id_to_users.rb
@@ -0,0 +1,5 @@
+class AddAccountIdToUsers < ActiveRecord::Migration[6.0]
+  def change
+    add_column :users, :account_id, :uuid
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
@@ -10,12 +10,18 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2020_09_11_092211) do
+ActiveRecord::Schema.define(version: 2020_09_12_120557) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pgcrypto"
   enable_extension "plpgsql"
 
+  create_table "accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
+    t.string "name"
+    t.datetime "created_at", precision: 6, null: false
+    t.datetime "updated_at", precision: 6, null: false
+  end
+
   create_table "active_storage_attachments", force: :cascade do |t|
     t.string "name", null: false
     t.string "record_type", null: false
@@ -61,6 +67,7 @@
     t.integer "role", default: 0, null: false
     t.datetime "created_at", precision: 6, null: false
     t.datetime "updated_at", precision: 6, null: false
+    t.uuid "account_id"
     t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["refresh_token"], name: "index_users_on_refresh_token", unique: true
diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb
@@ -15,21 +15,5 @@
         expect(response_body['errors']).not_to be nil
       end
     end
-
-    context 'when variables are invalid' do
-      it 'raises argument error' do
-        expect do
-          post :execute, params: { 'query' => "{\n  me {\n    email\n  }\n}", 'variables' => 12 }
-        end.to raise_error
-      end
-
-      it 'calls the local logger when environment is development' do
-        Rails.env = 'development'
-        expect do
-          post :execute, params: { 'query' => "{\n  me {\n    email\n  }\n}", 'variables' => 12 }
-        end.not_to raise_error
-        Rails.env = 'test'
-      end
-    end
   end
 end
diff --git a/spec/factories/accounts.rb b/spec/factories/accounts.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: accounts
+#
+#  id         :uuid             not null, primary key
+#  name       :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+FactoryBot.define do
+  factory :account do
+    name { 'My Company' }
+  end
+end
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
@@ -28,6 +28,7 @@
 #  unlock_token           :string
 #  created_at             :datetime         not null
 #  updated_at             :datetime         not null
+#  account_id             :uuid
 #
 # Indexes
 #
@@ -44,6 +45,7 @@
     email {  Faker::Internet.email }
     password { 'password' }
     password_confirmation { 'password' }
+    association :account
 
     trait :user do
       role { :user }
diff --git a/spec/graphql/resolvers/user_spec.rb b/spec/graphql/resolvers/user_spec.rb
@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Resolvers::User, type: :request do
+  subject(:graphql!) { result }
+
+  let!(:account) do
+    create(:account)
+  end
+
+  let!(:admin) do
+    create(:user, :admin, account_id: account.id)
+  end
+
+  let(:result) do
+    GraphqlSchema.execute(
+      query_string,
+      variables: variables,
+      context: context
+    )
+  end
+
+  let(:query_string) do
+    <<-GRAPHQL
+    query($id: ID!) {
+      user(id: $id){
+        id
+        email
+        firstName
+        lastName
+      }
+    }
+    GRAPHQL
+  end
+
+  let(:context) do
+    { current_user: admin }
+  end
+
+  describe 'user' do
+    context 'when user is not member of this account' do
+      let(:user) do
+        create(:user, account: create(:account))
+      end
+
+      let(:variables) do
+        { 'id' => user.id }
+      end
+
+      it 'returns' do
+        graphql!
+        expect(result['data']['user']).to eq(nil)
+      end
+    end
+
+    context 'when user is admin of this account' do
+      let(:user) do
+        create(:user, account_id: account.id)
+      end
+
+      let(:variables) do
+        { 'id' => user.id }
+      end
+
+      it 'can access users profile' do
+        graphql!
+        user_email = result['data']['user']['email']
+        expect(user_email).to eq(user.email)
+      end
+    end
+
+    context 'when user is member of this account' do
+      let(:user) do
+        create(:user, account_id: account.id)
+      end
+
+      let(:user2) do
+        create(:user, account_id: account.id)
+      end
+
+      let(:context) do
+        { current_user: user }
+      end
+
+      let(:variables) do
+        { 'id' => user2.id }
+      end
+
+      it 'can access users profile' do
+        graphql!
+        user_email = result['data']['user']['email']
+        expect(user_email).to eq(user2.email)
+      end
+    end
+  end
+end
diff --git a/spec/graphql/types/query_type_users_spec.rb b/spec/graphql/types/query_type_users_spec.rb
diff --git a/spec/models/account_spec.rb b/spec/models/account_spec.rb
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
