Try to expose bug #106

It does not work as we have PERMISSIONS=disabled also in the server we're trying to test.
2025-12-13 07:45:56 +00:00 · 2019-01-09 18:56:57 +01:00 · 2019-01-09 18:56:57 +01:00 · 0893d3740e
commit 0893d3740e
parent 9262fbb44f
4 changed files with 57 additions and 24 deletions
--- a/src/graphql-schema.spec.js
+++ b/src/graphql-schema.spec.js
@ -1,8 +1,7 @@
 import { request } from 'graphql-request'
 import { create, cleanDatabase } from './seed/factories'
 import jwt from 'jsonwebtoken'
-
-let getHost = () => 'http://127.0.0.1:3123'
+import { host } from './jest/helpers'

 describe('login', () => {
  const mutation = (params) => {
@ -30,7 +29,7 @@ describe('login', () => {
    describe('asking for a `token`', () => {
      describe('with valid email/password combination', () => {
        it('responds with a JWT token', async () => {
-          const data = await request(getHost(), mutation({ email: 'test@example.org', password: '1234' }))
+          const data = await request(host, mutation({ email: 'test@example.org', password: '1234' }))
          const { token } = data.login
          jwt.verify(token, process.env.JWT_SECRET, (err, data) => {
            expect(data.email).toEqual('test@example.org')
@ -42,7 +41,7 @@ describe('login', () => {
      describe('with a valid email but incorrect password', () => {
        it('responds with "Incorrect email address or password."', async () => {
          try {
-            await request(getHost(), mutation({ email: 'test@example.org', password: 'wrong' }))
+            await request(host, mutation({ email: 'test@example.org', password: 'wrong' }))
          } catch (error) {
            expect(error.response.errors[0].message).toEqual('Incorrect email address or password.')
          }
@ -52,7 +51,7 @@ describe('login', () => {
      describe('with a non-existing email', () => {
        it('responds with "Incorrect email address or password."', async () => {
          try {
-            await request(getHost(), mutation({ email: 'non-existent@example.org', password: 'wrong' }))
+            await request(host, mutation({ email: 'non-existent@example.org', password: 'wrong' }))
          } catch (error) {
            expect(error.response.errors[0].message).toEqual('Incorrect email address or password.')
          }
--- a/src/jest/helpers.js
+++ b/src/jest/helpers.js
@ -0,0 +1,15 @@
+import { request } from 'graphql-request'
+
+export const host = 'http://127.0.0.1:3123'
+
+export async function login ({ email, password }) {
+  const mutation = `
+      mutation {
+        login(email:"${email}", password:"${password}"){
+          token
+        }
+      }`
+  const data = await request(host, mutation)
+  const { token } = data.login
+  return token
+}
--- a/src/middleware/permissionsMiddleware.spec.js
+++ b/src/middleware/permissionsMiddleware.spec.js
@ -1,31 +1,50 @@
-import { request } from 'graphql-request'
-import createServer from '../server'
-import mocks from '../mocks'
+import { GraphQLClient } from 'graphql-request'
 import { create, cleanDatabase } from '../seed/factories'
-import generateJwt from '../jwt/generateToken'
+import { host, login } from '../jest/helpers'

 describe('authorization', () => {
-  describe('given an existing user', () => {
+  describe('given two existing users', () => {
+    beforeEach(async () => {
+      await create('user', {
+        email: 'test@example.org',
+        password: '1234'
+      })
+      await create('user', {
+        email: 'someone@example.org',
+        password: 'hello'
+      })
+    })
+
+    afterEach(async () => {
+      await cleanDatabase()
+    })

    describe('logged in', () => {
-      let jwt
-      beforeEach(() => {
-        // jwt = generateJwt(user)
+      let jwt, graphQLClient
+
+      beforeEach(async () => {
+        jwt = await login({ email: 'test@example.org', password: '1234' })
+        graphQLClient = new GraphQLClient(host, {
+          headers: {
+            authorization: `Bearer ${jwt}`
+          }
+        })
      })

-      describe('query own user profile', () => {
-        const mutation = (params) => {
-          const { email, password } = params
+      describe('query email', () => {
+        const query = (params) => {
+          const { email } = params
          return `{
                    User(email: "${email}") {
-                      name
+                      email
                    }
                  }`
        }

-        it('returns the owner\'s email address', async () => {
-          // const data = await request(getHost(), mutation({ email: 'test@example.org' }))
-          console.log('it runs')
+        it('exposes the owner\'s email address', async () => {
+          const data = await graphQLClient.request(query({ email: 'test@example.org' }))
+          console.log(process.env)
+          expect(data).toEqual({ User: [ { email: 'test@example.org' } ] })
        })
      })
    })
--- a/src/seed/factories/index.js
+++ b/src/seed/factories/index.js
@ -29,12 +29,12 @@ const buildMutation = (model, parameters) => {
  return builders[model](parameters)
 }

-const create = async (model, parameters) => {
-  await client.mutate({ mutation: gql(buildMutation(model, parameters)) })
+const create = (model, parameters) => {
+  return client.mutate({ mutation: gql(buildMutation(model, parameters)) })
 }

-const cleanDatabase = async () => {
-  await query('MATCH (n) DETACH DELETE n', session)
+const cleanDatabase = () => {
+  return query('MATCH (n) DETACH DELETE n', session)
 }

 export {