IT4Change/Ocelot-Social
3
0
Fork 0
mirror of https://github.com/IT4Change/Ocelot-Social.git synced 2025-12-13 07:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve specification of posts resolver

Browse Source 
* only authors are alllowed to update/delete their own posts
* set disabled+deleted to false if not provided
This commit is contained in:
Robert Schäfer 2019-03-04 18:35:02 +01:00
parent 4d0af7688d
commit b2520258a3
1 changed files with 168 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

195
src/resolvers/posts.spec.js
View File

@ -3,6 +3,7 @@ import { GraphQLClient } from 'graphql-request'
import { host, login } from '../jest/helpers' import { host, login } from '../jest/helpers'
const factory = Factory() const factory = Factory()
let client
beforeEach(async () => { beforeEach(async () => {
await factory.create('User', { await factory.create('User', {
@ -16,46 +17,186 @@ afterEach(async () => {
}) })
describe('CreatePost', () => { describe('CreatePost', () => {
const mutation = `
mutation {
CreatePost(title: "I am a title", content: "Some content") {
title
content
slug
disabled
deleted
}
}
`
describe('unauthenticated', () => { describe('unauthenticated', () => {
let client
it('throws authorization error', async () => { it('throws authorization error', async () => {
client = new GraphQLClient(host) client = new GraphQLClient(host)
await expect(client.request(`mutation { await expect(client.request(mutation)).rejects.toThrow('Not Authorised')
CreatePost( })
title: "I am a post", })
content: "Some content"
) { slug } describe('authenticated', () => {
}`)).rejects.toThrow('Not Authorised') let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
}) })
describe('authenticated', () => { it('creates a post', async () => {
let headers const expected = {
let response CreatePost: {
beforeEach(async () => { title: 'I am a title',
headers = await login({ email: 'test@example.org', password: '1234' }) content: 'Some content'
client = new GraphQLClient(host, { headers }) }
response = await client.request(`mutation { }
CreatePost( await expect(client.request(mutation)).resolves.toMatchObject(expected)
title: "A title", })
content: "Some content"
) { title, content }
}`, { headers })
})
it('creates a post', () => { it('assigns the authenticated user as author', async () => {
expect(response).toEqual({ CreatePost: { title: 'A title', content: 'Some content' } }) await client.request(mutation)
}) const { User } = await client.request(`{
it('assigns the authenticated user as author', async () => {
const { User } = await client.request(`{
User(email:"test@example.org") { User(email:"test@example.org") {
contributions { contributions {
title title
} }
} }
}`, { headers }) }`, { headers })
expect(User).toEqual([ { contributions: [ { title: 'A title' } ] } ]) expect(User).toEqual([ { contributions: [ { title: 'I am a title' } ] } ])
})
describe('disabled and deleted', () => {
it('initially false', async () => {
const expected = { CreatePost: { disabled: false, deleted: false } }
await expect(client.request(mutation)).resolves.toMatchObject(expected)
}) })
}) })
}) })
}) })
describe('UpdatePost', () => {
const mutation = `
mutation($id: ID!, $content: String) {
UpdatePost(id: $id, content: $content) {
id
content
}
}
`
let variables = {
id: 'p1',
content: 'New content'
}
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234'
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234'
})
await asAuthor.create('Post', {
id: 'p1',
content: 'Old content'
})
})
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('updates a post', async () => {
const expected = { UpdatePost: { id: 'p1', content: 'New content' } }
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})
describe('DeletePost', () => {
const mutation = `
mutation($id: ID!) {
DeletePost(id: $id) {
id
content
}
}
`
let variables = {
id: 'p1'
}
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234'
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234'
})
await asAuthor.create('Post', {
id: 'p1',
content: 'To be deleted'
})
})
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('deletes a post', async () => {
const expected = { DeletePost: { id: 'p1', content: 'To be deleted' } }
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})