Follow @mattwr18 code review 👍

2025-12-13 07:45:56 +00:00 · 2019-07-03 22:22:32 +02:00 · 2019-07-03 22:22:32 +02:00 · ef46f71c0d
commit ef46f71c0d
parent 10ae4abaae
2 changed files with 31 additions and 23 deletions
--- a/backend/src/schema/resolvers/users.spec.js
+++ b/backend/src/schema/resolvers/users.spec.js
@ -12,31 +12,39 @@ afterEach(async () => {

 describe('users', () => {
  describe('User', () => {
-    const query = `query($email: String) { User(email: $email) { id } }`
-    const variables = { email: 'any-email-address@example.org' }
-    beforeEach(() => {
-      client = new GraphQLClient(host)
-    })
-
-    it('is forbidden', async () => {
-      await expect(client.request(query, variables)).rejects.toThrow('Not Authorised')
-    })
-
-    describe('as admin', () => {
+    describe('query by email address', () => {
      beforeEach(async () => {
-        const userParams = {
-          role: 'admin',
-          email: 'admin@example.org',
-          password: '1234',
-        }
-        const factory = Factory()
-        await factory.create('User', userParams)
-        const headers = await login(userParams)
-        client = new GraphQLClient(host, { headers })
+        await factory.create('User', { name: 'Johnny', email: 'any-email-address@example.org' })
      })

-      it('is permitted', async () => {
-        await expect(client.request(query, variables)).resolves.toEqual({ User: [] })
+      const query = `query($email: String) { User(email: $email) { name } }`
+      const variables = { email: 'any-email-address@example.org' }
+      beforeEach(() => {
+        client = new GraphQLClient(host)
+      })
+
+      it('is forbidden', async () => {
+        await expect(client.request(query, variables)).rejects.toThrow('Not Authorised')
+      })
+
+      describe('as admin', () => {
+        beforeEach(async () => {
+          const userParams = {
+            role: 'admin',
+            email: 'admin@example.org',
+            password: '1234',
+          }
+          const factory = Factory()
+          await factory.create('User', userParams)
+          const headers = await login(userParams)
+          client = new GraphQLClient(host, { headers })
+        })
+
+        it('is permitted', async () => {
+          await expect(client.request(query, variables)).resolves.toEqual({
+            User: [{ name: 'Johnny' }],
+          })
+        })
      })
    })
  })
--- a/backend/src/schema/types/type/User.gql
+++ b/backend/src/schema/types/type/User.gql
@ -141,7 +141,7 @@ type Query {
    first: Int
    offset: Int
    orderBy: [_UserOrdering]
-    filter: _UserFilter # adding this would expose email
+    filter: _UserFilter
  ): [User]
 }