diff --git a/app/controllers/api/graphql.php b/app/controllers/api/graphql.php index 191e8fcfc..893442f45 100644 --- a/app/controllers/api/graphql.php +++ b/app/controllers/api/graphql.php @@ -32,7 +32,7 @@ App::get('/v1/graphql') ->inject('response') ->inject('promiseAdapter') ->inject('schema') - ->action(Closure::fromCallable('graphqlRequest')); + ->action(Closure::fromCallable('executeRequest')); App::post('/v1/graphql') ->desc('GraphQL Endpoint') @@ -52,7 +52,7 @@ App::post('/v1/graphql') ->inject('response') ->inject('promiseAdapter') ->inject('schema') - ->action(Closure::fromCallable('graphqlRequest')); + ->action(Closure::fromCallable('executeRequest')); App::post('/v1/graphql/upload') ->desc('GraphQL Upload Endpoint') @@ -74,7 +74,7 @@ App::post('/v1/graphql/upload') ->inject('response') ->inject('promiseAdapter') ->inject('schema') - ->action(Closure::fromCallable('graphqlRequest')); + ->action(Closure::fromCallable('executeRequest')); /** @@ -88,7 +88,7 @@ App::post('/v1/graphql/upload') * @return void * @throws Exception */ -function graphqlRequest( +function executeRequest( array $query, Appwrite\Utopia\Request $request, Appwrite\Utopia\Response $response, @@ -116,7 +116,7 @@ function graphqlRequest( throw new Exception('Too many queries.', 400, Exception::GRAPHQL_TOO_MANY_QUERIES); } foreach ($query as $item) { - if (!isset($item['query'])) { + if (empty($item['query'])) { throw new Exception('Invalid query.', 400, Exception::GRAPHQL_INVALID_QUERY); } } diff --git a/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php b/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php index 4168d22b2..0c2ca8d76 100644 --- a/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php @@ -144,7 +144,7 @@ class GraphQLContentTypeTest extends Scope $this->assertIsArray($file['body']['data']['storageCreateFile']); } - public function testEmptyBody() + public function testPostNoBody() { $projectId = $this->getProject()['$id']; $response = $this->client->call(Client::METHOD_POST, '/graphql', \array_merge([ @@ -155,7 +155,18 @@ class GraphQLContentTypeTest extends Scope $this->assertEquals('No query supplied.', $response['body']['message']); } - public function testRandomBody() + public function testPostEmptyBody() + { + $projectId = $this->getProject()['$id']; + $response = $this->client->call(Client::METHOD_POST, '/graphql', \array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $projectId, + ], $this->getHeaders()), []); + + $this->assertEquals('No query supplied.', $response['body']['message']); + } + + public function testPostRandomBody() { $projectId = $this->getProject()['$id']; $response = $this->client->call(Client::METHOD_POST, '/graphql', \array_merge([ @@ -165,4 +176,37 @@ class GraphQLContentTypeTest extends Scope $this->assertEquals('Invalid query.', $response['body']['message']); } + + public function testGetNoQuery() + { + $projectId = $this->getProject()['$id']; + $response = $this->client->call(Client::METHOD_GET, '/graphql', \array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $projectId, + ], $this->getHeaders())); + + $this->assertEquals('No query supplied.', $response['body']['message']); + } + + public function testGetEmptyQuery() + { + $projectId = $this->getProject()['$id']; + $response = $this->client->call(Client::METHOD_GET, '/graphql?query=', \array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $projectId, + ], $this->getHeaders())); + + $this->assertEquals('Invalid query.', $response['body']['message']); + } + + public function testGetRandomParameters() + { + $projectId = $this->getProject()['$id']; + $response = $this->client->call(Client::METHOD_POST, '/graphql?random=random', \array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $projectId, + ], $this->getHeaders())); + + $this->assertEquals('No query supplied.', $response['body']['message']); + } }