diff --git a/backend/src/graphql-schema.js b/backend/src/graphql-schema.js index 57b2ffb6c..c17b967d2 100644 --- a/backend/src/graphql-schema.js +++ b/backend/src/graphql-schema.js @@ -7,6 +7,7 @@ import reports from './resolvers/reports.js' import posts from './resolvers/posts.js' import moderation from './resolvers/moderation.js' import rewards from './resolvers/rewards.js' +import notifications from './resolvers/notifications' export const typeDefs = fs .readFileSync( @@ -17,13 +18,15 @@ export const typeDefs = fs export const resolvers = { Query: { ...statistics.Query, - ...userManagement.Query + ...userManagement.Query, + ...notifications.Query }, Mutation: { ...userManagement.Mutation, ...reports.Mutation, ...posts.Mutation, ...moderation.Mutation, - ...rewards.Mutation + ...rewards.Mutation, + ...notifications.Mutation } } diff --git a/backend/src/middleware/index.js b/backend/src/middleware/index.js index 8f86a88e6..8d893a78b 100644 --- a/backend/src/middleware/index.js +++ b/backend/src/middleware/index.js @@ -10,6 +10,7 @@ import permissionsMiddleware from './permissionsMiddleware' import userMiddleware from './userMiddleware' import includedFieldsMiddleware from './includedFieldsMiddleware' import orderByMiddleware from './orderByMiddleware' +import notificationsMiddleware from './notificationsMiddleware' export default schema => { let middleware = [ @@ -19,6 +20,7 @@ export default schema => { excerptMiddleware, xssMiddleware, fixImageUrlsMiddleware, + notificationsMiddleware, softDeleteMiddleware, userMiddleware, includedFieldsMiddleware, diff --git a/backend/src/middleware/notifications/mentions.js b/backend/src/middleware/notifications/mentions.js new file mode 100644 index 000000000..137c23f1c --- /dev/null +++ b/backend/src/middleware/notifications/mentions.js @@ -0,0 +1,10 @@ +const MENTION_REGEX = /\s@([\w_-]+)/g + +export function extractSlugs (content) { + let slugs = [] + let match + while ((match = MENTION_REGEX.exec(content)) != null) { + slugs.push(match[1]) + } + return slugs +} diff --git a/backend/src/middleware/notifications/mentions.spec.js b/backend/src/middleware/notifications/mentions.spec.js new file mode 100644 index 000000000..f12df7f07 --- /dev/null +++ b/backend/src/middleware/notifications/mentions.spec.js @@ -0,0 +1,30 @@ +import { extractSlugs } from './mentions' + +describe('extract', () => { + describe('finds mentions in the form of', () => { + it('@user', () => { + const content = 'Hello @user' + expect(extractSlugs(content)).toEqual(['user']) + }) + + it('@user-with-dash', () => { + const content = 'Hello @user-with-dash' + expect(extractSlugs(content)).toEqual(['user-with-dash']) + }) + + it('@user.', () => { + const content = 'Hello @user.' + expect(extractSlugs(content)).toEqual(['user']) + }) + + it('@user-With-Capital-LETTERS', () => { + const content = 'Hello @user-With-Capital-LETTERS' + expect(extractSlugs(content)).toEqual(['user-With-Capital-LETTERS']) + }) + }) + + it('ignores email addresses', () => { + const content = 'Hello somebody@example.org' + expect(extractSlugs(content)).toEqual([]) + }) +}) diff --git a/backend/src/middleware/notificationsMiddleware.js b/backend/src/middleware/notificationsMiddleware.js new file mode 100644 index 000000000..30205278b --- /dev/null +++ b/backend/src/middleware/notificationsMiddleware.js @@ -0,0 +1,27 @@ +import { extractSlugs } from './notifications/mentions' + +const notify = async (resolve, root, args, context, resolveInfo) => { + const post = await resolve(root, args, context, resolveInfo) + + const session = context.driver.session() + const { content, id: postId } = post + const slugs = extractSlugs(content) + const createdAt = (new Date()).toISOString() + const cypher = ` + match(u:User) where u.slug in $slugs + match(p:Post) where p.id = $postId + create(n:Notification{id: apoc.create.uuid(), read: false, createdAt: $createdAt}) + merge (n)-[:NOTIFIED]->(u) + merge (p)-[:NOTIFIED]->(n) + ` + await session.run(cypher, { slugs, createdAt, postId }) + session.close() + + return post +} + +export default { + Mutation: { + CreatePost: notify + } +} diff --git a/backend/src/middleware/notificationsMiddleware.spec.js b/backend/src/middleware/notificationsMiddleware.spec.js new file mode 100644 index 000000000..e6fc78c52 --- /dev/null +++ b/backend/src/middleware/notificationsMiddleware.spec.js @@ -0,0 +1,85 @@ +import Factory from '../seed/factories' +import { GraphQLClient } from 'graphql-request' +import { host, login } from '../jest/helpers' + +const factory = Factory() +let client + +beforeEach(async () => { + await factory.create('User', { + id: 'you', + name: 'Al Capone', + slug: 'al-capone', + email: 'test@example.org', + password: '1234' + }) +}) + +afterEach(async () => { + await factory.cleanDatabase() +}) + +describe('currentUser { notifications }', () => { + const query = `query($read: Boolean) { + currentUser { + notifications(read: $read, orderBy: createdAt_desc) { + read + post { + content + } + } + } + }` + + describe('authenticated', () => { + let headers + beforeEach(async () => { + headers = await login({ email: 'test@example.org', password: '1234' }) + client = new GraphQLClient(host, { headers }) + }) + + describe('given another user', () => { + let authorClient + let authorParams + let authorHeaders + + beforeEach(async () => { + authorParams = { + email: 'author@example.org', + password: '1234', + id: 'author' + } + await factory.create('User', authorParams) + authorHeaders = await login(authorParams) + }) + + describe('who mentions me in a post', () => { + beforeEach(async () => { + const content = 'Hey @al-capone how do you do?' + const title = 'Mentioning Al Capone' + const createPostMutation = ` + mutation($title: String!, $content: String!) { + CreatePost(title: $title, content: $content) { + title + content + } + } + ` + authorClient = new GraphQLClient(host, { headers: authorHeaders }) + await authorClient.request(createPostMutation, { title, content }) + }) + + it('sends you a notification', async () => { + const expected = { + currentUser: { + notifications: [ + { read: false, post: { content: 'Hey @al-capone how do you do?' } } + ] + } + } + await expect(client.request(query, { read: false })).resolves.toEqual(expected) + }) + }) + }) + }) +}) diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js index 495bc9145..4ff334806 100644 --- a/backend/src/middleware/permissionsMiddleware.js +++ b/backend/src/middleware/permissionsMiddleware.js @@ -20,6 +20,21 @@ const isMyOwn = rule({ cache: 'no_cache' })(async (parent, args, context, info) return context.user.id === parent.id }) +const belongsToMe = rule({ cache: 'no_cache' })(async (_, args, context) => { + const { driver, user: { id: userId } } = context + const { id: notificationId } = args + const session = driver.session() + const result = await session.run(` + MATCH (u:User {id: $userId})<-[:NOTIFIED]-(n:Notification {id: $notificationId}) + RETURN n + `, { userId, notificationId }) + const [notification] = result.records.map((record) => { + return record.get('n') + }) + session.close() + return Boolean(notification) +}) + const onlyEnabledContent = rule({ cache: 'strict' })(async (parent, args, ctx, info) => { const { disabled, deleted } = args return !(disabled || deleted) @@ -50,6 +65,7 @@ const permissions = shield({ Post: or(onlyEnabledContent, isModerator) }, Mutation: { + UpdateNotification: belongsToMe, CreatePost: isAuthenticated, UpdatePost: isAuthor, DeletePost: isAuthor, diff --git a/backend/src/resolvers/notifications.js b/backend/src/resolvers/notifications.js new file mode 100644 index 000000000..bc3da0acf --- /dev/null +++ b/backend/src/resolvers/notifications.js @@ -0,0 +1,14 @@ +import { neo4jgraphql } from 'neo4j-graphql-js' + +export default { + Query: { + Notification: (object, params, context, resolveInfo) => { + return neo4jgraphql(object, params, context, resolveInfo, false) + } + }, + Mutation: { + UpdateNotification: (object, params, context, resolveInfo) => { + return neo4jgraphql(object, params, context, resolveInfo, false) + } + } +} diff --git a/backend/src/resolvers/notifications.spec.js b/backend/src/resolvers/notifications.spec.js index 50ded7bc4..799bc1594 100644 --- a/backend/src/resolvers/notifications.spec.js +++ b/backend/src/resolvers/notifications.spec.js @@ -5,13 +5,14 @@ import { host, login } from '../jest/helpers' const factory = Factory() let client +let userParams = { + id: 'you', + email: 'test@example.org', + password: '1234' +} beforeEach(async () => { - await factory.create('User', { - id: 'you', - email: 'test@example.org', - password: '1234' - }) + await factory.create('User', userParams) }) afterEach(async () => { @@ -118,3 +119,63 @@ describe('currentUser { notifications }', () => { }) }) }) + +describe('UpdateNotification', () => { + const mutation = `mutation($id: ID!, $read: Boolean){ + UpdateNotification(id: $id, read: $read) { + id read + } + }` + const variables = { id: 'to-be-updated', read: true } + + describe('given a notifications', () => { + let headers + + beforeEach(async () => { + const mentionedParams = { + id: 'mentioned-1', + email: 'mentioned@example.org', + password: '1234', + slug: 'mentioned' + } + await factory.create('User', mentionedParams) + await factory.create('Notification', { id: 'to-be-updated' }) + await factory.authenticateAs(userParams) + await factory.create('Post', { id: 'p1' }) + await Promise.all([ + factory.relate('Notification', 'User', { from: 'to-be-updated', to: 'mentioned-1' }), + factory.relate('Notification', 'Post', { from: 'p1', to: 'to-be-updated' }) + ]) + }) + + describe('unauthenticated', () => { + it('throws authorization error', async () => { + client = new GraphQLClient(host) + await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised') + }) + }) + + describe('authenticated', () => { + beforeEach(async () => { + headers = await login({ email: 'test@example.org', password: '1234' }) + client = new GraphQLClient(host, { headers }) + }) + + it('throws authorization error', async () => { + await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised') + }) + + describe('and owner', () => { + beforeEach(async () => { + headers = await login({ email: 'mentioned@example.org', password: '1234' }) + client = new GraphQLClient(host, { headers }) + }) + + it('updates notification', async () => { + const expected = { UpdateNotification: { id: 'to-be-updated', read: true } } + await expect(client.request(mutation, variables)).resolves.toEqual(expected) + }) + }) + }) + }) +}) diff --git a/backend/src/server.js b/backend/src/server.js index efa9a17c0..fe0d4ee1d 100644 --- a/backend/src/server.js +++ b/backend/src/server.js @@ -28,10 +28,10 @@ let schema = makeAugmentedSchema({ resolvers, config: { query: { - exclude: ['Statistics', 'LoggedInUser'] + exclude: ['Notfication', 'Statistics', 'LoggedInUser'] }, mutation: { - exclude: ['Statistics', 'LoggedInUser'] + exclude: ['Notfication', 'Statistics', 'LoggedInUser'] }, debug: debug }