feat: added tests for scope based auth

2024-09-30 01:08:13 +13:00 · 2021-03-16 19:04:11 +05:30 · 2021-03-16 19:04:11 +05:30 · 4c49fb1b05
commit 4c49fb1b05
parent 15558f997d
3 changed files with 98 additions and 2 deletions
--- a/app/controllers/api/graphql.php
+++ b/app/controllers/api/graphql.php
@ -3,6 +3,7 @@
 use GraphQL\GraphQL;
 use GraphQL\Type;
 use Appwrite\Utopia\Response;
+use GraphQL\Error\DebugFlag;
 use GraphQL\Error\Error;
 use GraphQL\Error\FormattedError;
 use Utopia\App;
@ -61,9 +62,10 @@ App::post('/v1/graphql')
        });

        try {
+            $debug = DebugFlag::INCLUDE_DEBUG_MESSAGE | DebugFlag::INCLUDE_TRACE;
            $rootValue = [];
            $result = GraphQL::executeQuery($schema, $query, $rootValue, null, $variables)->setErrorFormatter($myErrorFormatter)->setErrorsHandler($myErrorHandler);
-            $output = $result->toArray();
+            $output = $result->toArray($debug);
        } catch (\Exception $error) {
            $output = [
                'errors' => [
--- a/src/Appwrite/GraphQL/Builder.php
+++ b/src/Appwrite/GraphQL/Builder.php
@ -174,7 +174,7 @@ class Builder {
                $type = Type::string();
                break;
            default:
-                $type = Type::string();
+                $type = self::json();
                break;
        }
    
--- a/tests/e2e/Services/GraphQL/GraphQLServerTest.php
+++ b/tests/e2e/Services/GraphQL/GraphQLServerTest.php
@ -7,6 +7,8 @@ use Tests\E2E\Scopes\ProjectCustom;
 use Tests\E2E\Scopes\Scope;
 use Tests\E2E\Scopes\SideServer;

+use function PHPSTORM_META\type;
+
 class GraphQLServerTest extends Scope 
 {
    use SideServer;
@ -332,7 +334,99 @@ class GraphQLServerTest extends Scope
        $this->assertEquals(0, $data['status']);
        $this->assertEquals(false, $data['emailVerification']);
        $this->assertEquals([], $data['prefs']);
+    }
+
+
+    public function testScopeBasedAuth() {
+        $key = $this->createKey("test", ['locale.read']);
+        $projectId = $this->getProject()['$id'];
+        // Check that locale can be fetched
+        $query = "
+            query listCountries {
+                locale_getCountries{
+                sum
+                countries {
+                    name
+                    code
+                }
+                }
+            }
+        ";
+        
+        $variables = [];
+
+        $graphQLPayload = [
+            "query" => $query,
+            "variables" => $variables
+        ];
+
+        $countries = $this->client->call(Client::METHOD_POST, '/graphql', [
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $projectId,
+            'x-appwrite-key' => $key
+        ], $graphQLPayload);
+
+        $this->assertEquals($countries['headers']['status-code'], 200);
+        $this->assertNull($countries['body']['errors']);
+        $this->assertIsArray($countries['body']['data']);
+        $this->assertIsArray($countries['body']['data']['locale_getCountries']);
+        $data = $countries['body']['data']['locale_getCountries'];
+        $this->assertEquals(194, count($data['countries']));
+        $this->assertEquals(194, $data['sum']);
+
+        // Create a new key with no scopes granted
+        $key = $this->createKey("test", []);
+        $countries = $this->client->call(Client::METHOD_POST, '/graphql', [
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $projectId,
+            'x-appwrite-key' => $key
+        ], $graphQLPayload);
+
+        $errorMessage = "app.${projectId}@service.localhost (role: application) missing scope (locale.read)";
+        $this->assertEquals($countries['headers']['status-code'], 401);
+        $this->assertEquals($countries['body']['errors'][0]['message'], $errorMessage);
+        $this->assertIsArray($countries['body']['data']);
+        $this->assertNull($countries['body']['data']['locale_getCountries']);
+

    }

+    public function createKey(string $name, array $scopes): string {
+        $projectId = $this->getProject()['$id'];
+        $query = "
+            mutation createKey(\$projectId: String!, \$name: String!, \$scopes: [Json]!){
+                projects_createKey (projectId: \$projectId, name: \$name, scopes: \$scopes) {
+                    id
+                    name
+                    scopes
+                    secret
+                }
+            }
+        ";
+        
+        $variables = [
+            "projectId" => $projectId,
+            "name" => $name,
+            "scopes" => $scopes
+        ];
+
+        $graphQLPayload = [
+            "query" => $query,
+            "variables" => $variables
+        ];
+
+        $key = $this->client->call(Client::METHOD_POST, '/graphql', [
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'cookie' => 'a_session_console=' . $this->getRoot()['session'],
+            'x-appwrite-project' => 'console'
+        ], $graphQLPayload);
+
+        $this->assertEquals($key['headers']['status-code'], 201);
+        $this->assertNull($key['body']['errors']);
+        $this->assertIsArray($key['body']['data']);
+        $this->assertIsArray($key['body']['data']['projects_createKey']);
+
+        return $key['body']['data']['projects_createKey']['secret'];
+    }
 }