IT4Change/Ocelot-Social
3
0
Fork 0
mirror of https://github.com/IT4Change/Ocelot-Social.git synced 2025-12-13 07:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve specification of posts resolver

Browse Source 
* only authors are alllowed to update/delete their own posts
* set disabled+deleted to false if not provided
This commit is contained in:
Robert Schäfer 2019-03-04 18:35:02 +01:00
parent 4d0af7688d
commit b2520258a3
1 changed files with 168 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

175
src/resolvers/posts.spec.js
View File

@ -3,6 +3,7 @@ import { GraphQLClient } from 'graphql-request'
import { host, login } from '../jest/helpers'
const factory = Factory()
let client
beforeEach(async () => {
await factory.create('User', {
@ -16,37 +17,44 @@ afterEach(async () => {
})
describe('CreatePost', () => {
const mutation = `
mutation {
CreatePost(title: "I am a title", content: "Some content") {
title
content
slug
disabled
deleted
}
}
`
describe('unauthenticated', () => {
let client
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(`mutation {
CreatePost(
title: "I am a post",
content: "Some content"
) { slug }
}`)).rejects.toThrow('Not Authorised')
await expect(client.request(mutation)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated', () => {
let headers
let response
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
response = await client.request(`mutation {
CreatePost(
title: "A title",
content: "Some content"
) { title, content }
}`, { headers })
})
it('creates a post', () => {
expect(response).toEqual({ CreatePost: { title: 'A title', content: 'Some content' } })
it('creates a post', async () => {
const expected = {
CreatePost: {
title: 'I am a title',
content: 'Some content'
}
}
await expect(client.request(mutation)).resolves.toMatchObject(expected)
})
it('assigns the authenticated user as author', async () => {
await client.request(mutation)
const { User } = await client.request(`{
User(email:"test@example.org") {
contributions {
@ -54,8 +62,141 @@ describe('CreatePost', () => {
}
}
}`, { headers })
expect(User).toEqual([ { contributions: [ { title: 'A title' } ] } ])
expect(User).toEqual([ { contributions: [ { title: 'I am a title' } ] } ])
})
describe('disabled and deleted', () => {
it('initially false', async () => {
const expected = { CreatePost: { disabled: false, deleted: false } }
await expect(client.request(mutation)).resolves.toMatchObject(expected)
})
})
})
})
describe('UpdatePost', () => {
const mutation = `
mutation($id: ID!, $content: String) {
UpdatePost(id: $id, content: $content) {
id
content
}
}
`
let variables = {
id: 'p1',
content: 'New content'
}
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234'
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234'
})
await asAuthor.create('Post', {
id: 'p1',
content: 'Old content'
})
})
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('updates a post', async () => {
const expected = { UpdatePost: { id: 'p1', content: 'New content' } }
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})
describe('DeletePost', () => {
const mutation = `
mutation($id: ID!) {
DeletePost(id: $id) {
id
content
}
}
`
let variables = {
id: 'p1'
}
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234'
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234'
})
await asAuthor.create('Post', {
id: 'p1',
content: 'To be deleted'
})
})
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('deletes a post', async () => {
const expected = { DeletePost: { id: 'p1', content: 'To be deleted' } }
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})