2022-07-13 19:38:23 +12:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Tests\E2E\Services\GraphQL;
|
|
|
|
|
|
|
|
use Tests\E2E\Client;
|
|
|
|
use Tests\E2E\Scopes\ProjectCustom;
|
|
|
|
use Tests\E2E\Scopes\Scope;
|
|
|
|
use Tests\E2E\Scopes\SideClient;
|
|
|
|
use Tests\E2E\Scopes\SideServer;
|
2023-01-16 22:25:40 +13:00
|
|
|
use Utopia\Database\Helpers\ID;
|
2022-07-13 19:38:23 +12:00
|
|
|
|
2022-09-22 20:29:42 +12:00
|
|
|
class ScopeTest extends Scope
|
2022-07-13 19:38:23 +12:00
|
|
|
{
|
|
|
|
use ProjectCustom;
|
|
|
|
use SideServer;
|
2022-09-22 20:29:42 +12:00
|
|
|
use Base;
|
2022-07-13 19:38:23 +12:00
|
|
|
|
|
|
|
public function testInvalidScope()
|
|
|
|
{
|
|
|
|
$projectId = $this->getProject()['$id'];
|
|
|
|
$apiKey = $this->getNewKey(['databases.read']);
|
|
|
|
$query = $this->getQuery(self::$CREATE_DATABASE);
|
|
|
|
$gqlPayload = [
|
|
|
|
'query' => $query,
|
|
|
|
'variables' => [
|
2022-09-22 13:53:41 +12:00
|
|
|
'databaseId' => ID::unique(),
|
2022-07-13 19:38:23 +12:00
|
|
|
'name' => 'Actors',
|
|
|
|
]
|
|
|
|
];
|
|
|
|
|
|
|
|
$database = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $apiKey,
|
|
|
|
], $gqlPayload);
|
|
|
|
|
2024-01-10 16:39:14 +13:00
|
|
|
$message = "app.{$projectId}@service.localhost (role: applications) missing scope (databases.write)";
|
2022-07-13 19:38:23 +12:00
|
|
|
$this->assertArrayHasKey('errors', $database['body']);
|
|
|
|
$this->assertEquals($message, $database['body']['errors'][0]['message']);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidScope()
|
|
|
|
{
|
|
|
|
$projectId = $this->getProject()['$id'];
|
|
|
|
$apiKey = $this->getNewKey(['databases.read', 'databases.write']);
|
|
|
|
$query = $this->getQuery(self::$CREATE_DATABASE);
|
|
|
|
$gqlPayload = [
|
|
|
|
'query' => $query,
|
|
|
|
'variables' => [
|
2022-09-22 13:53:41 +12:00
|
|
|
'databaseId' => ID::unique(),
|
2022-07-13 19:38:23 +12:00
|
|
|
'name' => 'Actors',
|
|
|
|
]
|
|
|
|
];
|
|
|
|
|
|
|
|
$database = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $apiKey,
|
|
|
|
], $gqlPayload);
|
|
|
|
|
|
|
|
$this->assertIsArray($database['body']['data']);
|
|
|
|
$this->assertArrayNotHasKey('errors', $database['body']);
|
|
|
|
$database = $database['body']['data']['databasesCreate'];
|
|
|
|
$this->assertEquals('Actors', $database['name']);
|
|
|
|
}
|
|
|
|
}
|