yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-07 17:12:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/strapi-plugin-users-permissions/test/graphql.test.e2e.js

229 lines
5.2 KiB
JavaScript
Raw Normal View History

Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
// Helpers.
const { registerAndLogin } = require('../../../test/helpers/auth');
Fix context issue in custom GraphQL query and mutation (#5532) * fix context issue in custom query and mutation Signed-off-by: harimkims <harimkims@gmail.com> * merge only state-related context Signed-off-by: harimkims <harimkims@gmail.com> * roll back the code, fix the test instead Signed-off-by: harimkims <harimkims@gmail.com>
2020-03-20 22:24:14 +09:00
const { createAuthRequest, createRequest } = require('../../../test/helpers/request');
Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
let authReq;
const data = {};
describe('Test Graphql user service', () => {
beforeAll(async () => {
const token = await registerAndLogin();
authReq = createAuthRequest(token);
}, 60000);
describe('Check createUser authorizations', () => {
test('createUser is forbidden to public', async () => {
const rq = createRequest();
const res = await rq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation {
Fix context issue in custom GraphQL query and mutation (#5532) * fix context issue in custom query and mutation Signed-off-by: harimkims <harimkims@gmail.com> * merge only state-related context Signed-off-by: harimkims <harimkims@gmail.com> * roll back the code, fix the test instead Signed-off-by: harimkims <harimkims@gmail.com>
2020-03-20 22:24:14 +09:00
createUser(input: { data: { username: "test", email: "test", password: "test" } }) {
Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
user {
id
username
}
}
}
`,
},
});
expect(res.statusCode).toBe(200);
expect(res.body).toMatchObject({
data: {
createUser: null,
},
errors: [
{
message: 'Forbidden',
},
],
});
});
test('createUser is authorized for admins', async () => {
const res = await authReq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation {
createUser(
Remove email update of admin during test that break next tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
2020-05-18 20:39:39 +02:00
input: {
data: { username: "test", email: "test-graphql@strapi.io", password: "test" }
}
Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
) {
user {
id
username
}
}
}
`,
},
});
Fix context issue in custom GraphQL query and mutation (#5532) * fix context issue in custom query and mutation Signed-off-by: harimkims <harimkims@gmail.com> * merge only state-related context Signed-off-by: harimkims <harimkims@gmail.com> * roll back the code, fix the test instead Signed-off-by: harimkims <harimkims@gmail.com>
2020-03-20 22:24:14 +09:00
expect(res.statusCode).toBe(200);
Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
expect(res.body).toMatchObject({
data: {
createUser: {
user: {
id: expect.anything(),
username: 'test',
},
},
},
});
data.user = res.body.data.createUser.user;
});
});
describe('Check updateUser authorizations', () => {
test('updateUser is forbidden to public', async () => {
const rq = createRequest();
const res = await rq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation {
updateUser(
input: {
where: { id: 1 }
data: { username: "test", email: "test", password: "test" }
}
) {
user {
id
username
}
}
}
`,
},
});
expect(res.statusCode).toBe(200);
expect(res.body).toMatchObject({
data: {
updateUser: null,
},
errors: [
{
message: 'Forbidden',
},
],
});
});
test('updateUser is authorized for admins', async () => {
const res = await authReq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation updateUser($id: ID!) {
Fix context issue in custom GraphQL query and mutation (#5532) * fix context issue in custom query and mutation Signed-off-by: harimkims <harimkims@gmail.com> * merge only state-related context Signed-off-by: harimkims <harimkims@gmail.com> * roll back the code, fix the test instead Signed-off-by: harimkims <harimkims@gmail.com>
2020-03-20 22:24:14 +09:00
updateUser(input: { where: { id: $id }, data: { username: "newUsername" } }) {
Add tests on graphql upload and user perm graphql
2019-09-18 12:07:59 +02:00
user {
id
username
}
}
}
`,
variables: {
id: data.user.id,
},
},
});
expect(res.statusCode).toBe(200);
expect(res.body).toMatchObject({
data: {
updateUser: {
user: {
id: expect.anything(),
username: 'newUsername',
},
},
},
});
data.user = res.body.data.updateUser.user;
});
});
describe('Check deleteUser authorizations', () => {
test('deleteUser is forbidden to public', async () => {
const rq = createRequest();
const res = await rq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation deleteUser($id: ID!) {
deleteUser(input: { where: { id: $id } }) {
user {
id
username
}
}
}
`,
variables: {
id: data.user.id,
},
},
});
expect(res.statusCode).toBe(200);
expect(res.body).toMatchObject({
data: {
deleteUser: null,
},
errors: [
{
message: 'Forbidden',
},
],
});
});
test('deleteUser is authorized for admins', async () => {
const res = await authReq({
url: '/graphql',
method: 'POST',
body: {
query: /* GraphQL */ `
mutation deleteUser($id: ID!) {
deleteUser(input: { where: { id: $id } }) {
user {
id
username
}
}
}
`,
variables: {
id: data.user.id,
},
},
});
expect(res.statusCode).toBe(200);
expect(res.body).toMatchObject({
data: {
deleteUser: {
user: data.user,
},
},
});
});
});
});
Reference in New Issue Copy Permalink