2021-03-13 07:00:41 +13:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Tests\E2E\Services\GraphQL;
|
|
|
|
|
|
|
|
use Tests\E2E\Client;
|
2022-04-09 01:52:20 +12:00
|
|
|
use Tests\E2E\Scopes\ProjectCustom;
|
2021-03-13 07:00:41 +13:00
|
|
|
use Tests\E2E\Scopes\Scope;
|
|
|
|
use Tests\E2E\Scopes\SideServer;
|
|
|
|
|
2021-03-17 02:34:11 +13:00
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
class GraphQLServerTest extends Scope
|
2021-03-13 07:00:41 +13:00
|
|
|
{
|
2022-04-09 01:52:20 +12:00
|
|
|
use ProjectCustom;
|
2021-03-13 07:00:41 +13:00
|
|
|
use SideServer;
|
2021-03-17 03:34:43 +13:00
|
|
|
use GraphQLBase;
|
2021-03-13 07:00:41 +13:00
|
|
|
|
2021-03-13 09:17:29 +13:00
|
|
|
/**
|
2022-04-09 01:52:20 +12:00
|
|
|
* @depends testCreateCollection
|
|
|
|
*/
|
|
|
|
public function testDocumentCreate(array $data)
|
|
|
|
{
|
2021-03-13 09:17:29 +13:00
|
|
|
$projectId = $this->getProject()['$id'];
|
2021-03-17 07:16:33 +13:00
|
|
|
$key = '';
|
2022-04-09 01:52:20 +12:00
|
|
|
$query = $this->getQuery(self::$CREATE_DOCUMENT_REST);
|
2021-03-13 09:17:29 +13:00
|
|
|
|
|
|
|
$variables = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'collectionId' => $data['collectionId'],
|
2021-03-13 09:17:29 +13:00
|
|
|
'data' => [
|
2022-04-09 01:52:20 +12:00
|
|
|
'name' => 'Robert',
|
|
|
|
'ago' => 100,
|
|
|
|
'alive' => true,
|
2021-03-13 09:17:29 +13:00
|
|
|
],
|
2022-04-09 01:52:20 +12:00
|
|
|
'read' => ['role:all'],
|
|
|
|
'write' => ['role:all'],
|
2021-03-13 09:17:29 +13:00
|
|
|
];
|
|
|
|
|
|
|
|
$graphQLPayload = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'query' => $query,
|
|
|
|
'variables' => $variables
|
2021-03-13 09:17:29 +13:00
|
|
|
];
|
|
|
|
|
|
|
|
$document = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$errorMessage = 'User (role: guest) missing scope (documents.write)';
|
|
|
|
$this->assertEquals($errorMessage, $document['body']['errors'][0]['message']);
|
2021-03-17 07:16:33 +13:00
|
|
|
$this->assertIsArray($document['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertNull($document['body']['data']['databaseCreateDocument']);
|
2021-03-13 07:00:41 +13:00
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$key = $this->getNewKey(['documents.write']);
|
2021-03-17 07:16:33 +13:00
|
|
|
$document = $this->client->call(Client::METHOD_POST, '/graphql', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
]), $graphQLPayload);
|
2022-04-09 01:52:20 +12:00
|
|
|
|
2021-03-13 09:17:29 +13:00
|
|
|
$this->assertNull($document['body']['errors']);
|
|
|
|
$this->assertIsArray($document['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertIsArray($document['body']['data']['databaseCreateDocument']);
|
|
|
|
|
|
|
|
$doc = $document['body']['data']['databaseCreateDocument'];
|
2021-03-13 09:17:29 +13:00
|
|
|
$this->assertArrayHasKey('$id', $doc);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertEquals($data['collectionId'], $doc['$collection']);
|
|
|
|
$this->assertEquals($variables['data']['name'], $doc['name']);
|
|
|
|
$this->assertEquals($variables['data']['age'], $doc['age']);
|
|
|
|
$this->assertEquals($variables['read'], $doc['read']);
|
|
|
|
$this->assertEquals($variables['write'], $doc['write']);
|
2021-03-13 09:17:29 +13:00
|
|
|
}
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
/**
|
|
|
|
* @throws \Exception
|
|
|
|
*/
|
|
|
|
public function testUserCreate()
|
|
|
|
{
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Try to create a user without the required scope
|
|
|
|
*/
|
2021-03-13 09:17:29 +13:00
|
|
|
$projectId = $this->getProject()['$id'];
|
2021-03-17 07:16:33 +13:00
|
|
|
$key = '';
|
|
|
|
$query = $this->getQuery(self::$CREATE_USER);
|
2022-04-09 01:52:20 +12:00
|
|
|
|
2021-03-13 09:17:29 +13:00
|
|
|
$variables = [
|
|
|
|
'email' => 'users.service@example.com',
|
|
|
|
'password' => 'password',
|
|
|
|
'name' => 'Project User',
|
|
|
|
];
|
|
|
|
|
|
|
|
$graphQLPayload = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'query' => $query,
|
|
|
|
'variables' => $variables
|
2021-03-13 09:17:29 +13:00
|
|
|
];
|
|
|
|
|
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$errorMessage = 'User (role: guest) missing scope (users.write)';
|
|
|
|
$this->assertEquals($errorMessage, $user['body']['errors'][0]['message']);
|
2021-03-17 07:16:33 +13:00
|
|
|
$this->assertIsArray($user['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertNull($user['body']['data']['usersCreate']);
|
2021-03-17 07:16:33 +13:00
|
|
|
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Create the user with the reqiured scopes
|
|
|
|
*/
|
2022-04-09 01:52:20 +12:00
|
|
|
$key = $this->getNewKey(['users.write']);
|
2021-03-17 07:16:33 +13:00
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/graphql', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
]), $graphQLPayload);
|
|
|
|
|
2021-03-13 09:17:29 +13:00
|
|
|
$this->assertNull($user['body']['errors']);
|
|
|
|
$this->assertIsArray($user['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertIsArray($user['body']['data']['usersCreate']);
|
|
|
|
|
|
|
|
$data = $user['body']['data']['usersCreate'];
|
2021-03-13 09:17:29 +13:00
|
|
|
$this->assertArrayHasKey('id', $data);
|
|
|
|
$this->assertArrayHasKey('registration', $data);
|
2021-03-17 07:16:33 +13:00
|
|
|
$this->assertEquals($variables['name'], $data['name']);
|
|
|
|
$this->assertEquals($variables['email'], $data['email']);
|
2021-03-13 09:17:29 +13:00
|
|
|
$this->assertEquals(0, $data['status']);
|
|
|
|
$this->assertEquals(false, $data['emailVerification']);
|
|
|
|
$this->assertEquals([], $data['prefs']);
|
2021-03-19 09:14:18 +13:00
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
return ['userId' => $user['body']['data']['users_create']['id']];
|
2021-03-19 09:14:18 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-04-09 01:52:20 +12:00
|
|
|
* @depends testUserCreate
|
|
|
|
*/
|
|
|
|
public function testUserDelete(array $data)
|
|
|
|
{
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Try to delete a user without the required scope
|
|
|
|
*/
|
2021-03-19 09:14:18 +13:00
|
|
|
$projectId = $this->getProject()['$id'];
|
|
|
|
$key = '';
|
|
|
|
$query = $this->getQuery(self::$DELETE_USER);
|
2022-04-09 01:52:20 +12:00
|
|
|
|
2021-03-19 09:14:18 +13:00
|
|
|
$variables = [
|
|
|
|
'userId' => $data['userId'],
|
|
|
|
];
|
|
|
|
|
|
|
|
$graphQLPayload = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'query' => $query,
|
|
|
|
'variables' => $variables
|
2021-03-19 09:14:18 +13:00
|
|
|
];
|
|
|
|
|
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$errorMessage = 'User (role: guest) missing scope (users.write)';
|
|
|
|
$this->assertEquals($errorMessage, $user['body']['errors'][0]['message']);
|
2021-03-19 09:14:18 +13:00
|
|
|
$this->assertIsArray($user['body']['data']);
|
|
|
|
$this->assertNull($user['body']['data']['users_deleteUser']);
|
|
|
|
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Delete the user with the reqiured scopes
|
|
|
|
*/
|
2022-04-09 01:52:20 +12:00
|
|
|
$key = $this->getNewKey(['users.write']);
|
2021-03-19 09:14:18 +13:00
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/graphql', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
]), $graphQLPayload);
|
|
|
|
|
|
|
|
$this->assertNull($user['body']['errors']);
|
|
|
|
$this->assertIsArray($user['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertIsArray($user['body']['data']['usersDeleteUser']);
|
|
|
|
$this->assertEquals([], $user['body']['data']['usersDeleteUser']);
|
2021-03-19 09:14:18 +13:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Try to fetch the user and check that its empty
|
|
|
|
*/
|
|
|
|
$query = $this->getQuery(self::$GET_USER);
|
2022-04-09 01:52:20 +12:00
|
|
|
$key = $this->getNewKey(['users.read']);
|
2021-03-19 09:14:18 +13:00
|
|
|
|
|
|
|
$graphQLPayload = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'query' => $query,
|
|
|
|
'variables' => $variables
|
2021-03-19 09:14:18 +13:00
|
|
|
];
|
|
|
|
|
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$errorMessage = 'User not found';
|
|
|
|
$this->assertEquals($errorMessage, $user['body']['errors'][0]['message']);
|
2021-03-19 09:14:18 +13:00
|
|
|
$this->assertIsArray($user['body']['data']);
|
|
|
|
$this->assertNull($user['body']['data']['users_get']);
|
2021-03-17 02:34:11 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
public function testScopeBasedAuth()
|
|
|
|
{
|
|
|
|
$key = $this->getNewKey(['locale.read']);
|
2021-03-17 02:34:11 +13:00
|
|
|
$projectId = $this->getProject()['$id'];
|
2022-04-09 01:52:20 +12:00
|
|
|
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Check that countries can be fetched
|
|
|
|
*/
|
2021-03-17 07:16:33 +13:00
|
|
|
$query = $this->getQuery(self::$LIST_COUNTRIES);
|
2021-03-17 02:34:11 +13:00
|
|
|
$variables = [];
|
|
|
|
$graphQLPayload = [
|
2022-04-09 01:52:20 +12:00
|
|
|
'query' => $query,
|
|
|
|
'variables' => $variables
|
2021-03-17 02:34:11 +13:00
|
|
|
];
|
|
|
|
$countries = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
|
|
|
$this->assertNull($countries['body']['errors']);
|
|
|
|
$this->assertIsArray($countries['body']['data']);
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertIsArray($countries['body']['data']['localeGetCountries']);
|
|
|
|
|
|
|
|
$data = $countries['body']['data']['localeGetCountries'];
|
2021-03-17 02:34:11 +13:00
|
|
|
$this->assertEquals(194, count($data['countries']));
|
2022-04-09 01:52:20 +12:00
|
|
|
$this->assertEquals(194, $data['total']);
|
2021-03-17 02:34:11 +13:00
|
|
|
|
2021-03-17 07:16:33 +13:00
|
|
|
|
2021-03-19 09:17:25 +13:00
|
|
|
/**
|
|
|
|
* Create a key withouut any scopes
|
|
|
|
*/
|
2022-04-09 01:52:20 +12:00
|
|
|
$key = $this->getNewKey([]);
|
2021-03-17 02:34:11 +13:00
|
|
|
$countries = $this->client->call(Client::METHOD_POST, '/graphql', [
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $projectId,
|
|
|
|
'x-appwrite-key' => $key
|
|
|
|
], $graphQLPayload);
|
|
|
|
|
2022-04-09 01:52:20 +12:00
|
|
|
$errorMessage = 'app.${projectId}@service.localhost (role: application) missing scope (locale.read)';
|
2021-03-17 02:34:11 +13:00
|
|
|
$this->assertEquals($countries['headers']['status-code'], 401);
|
|
|
|
$this->assertEquals($countries['body']['errors'][0]['message'], $errorMessage);
|
|
|
|
$this->assertIsArray($countries['body']['data']);
|
|
|
|
$this->assertNull($countries['body']['data']['locale_getCountries']);
|
2021-03-13 09:17:29 +13:00
|
|
|
}
|
2021-03-13 07:00:41 +13:00
|
|
|
|
|
|
|
}
|