File: graphql_shared_examples.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (78 lines) | stat: -rw-r--r-- 2,156 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# frozen_string_literal: true

RSpec.shared_examples 'a working graphql query' do
  include GraphqlHelpers

  it 'returns a successful response', :aggregate_failures do
    expect(response).to have_gitlab_http_status(:success)
    expect_graphql_errors_to_be_empty
    expect(json_response.keys).to include('data')
  end
end

RSpec.shared_examples 'a working graphql query that returns no data' do
  include GraphqlHelpers

  it_behaves_like 'a working graphql query'

  it 'contains no data' do
    expect(graphql_data.compact).to be_empty
  end
end

RSpec.shared_examples 'a working graphql query that returns data' do
  include GraphqlHelpers

  it_behaves_like 'a working graphql query'

  it 'contains data' do
    expect(graphql_data.compact).not_to be_empty
  end
end

RSpec.shared_examples 'a working GraphQL mutation' do
  include GraphqlHelpers

  before do
    post_graphql_mutation(mutation, current_user: current_user, token: token)
  end

  shared_examples 'allows access to the mutation' do
    let(:scopes) { ['api'] }

    it_behaves_like 'a working graphql query that returns data'
  end

  shared_examples 'prevents access to the mutation' do
    let(:scopes) { ['read_api'] }

    it 'does not resolve the mutation' do
      expect(graphql_data.compact).to be_empty
      expect(graphql_errors).to be_present
    end
  end

  context 'with a personal access token' do
    let(:token) do
      pat = create(:personal_access_token, user: current_user, scopes: scopes)
      { personal_access_token: pat }
    end

    it_behaves_like 'prevents access to the mutation'
    it_behaves_like 'allows access to the mutation'
  end

  context 'with an OAuth token' do
    let(:token) do
      { oauth_access_token: create(:oauth_access_token, resource_owner: current_user, scopes: scopes.join(' ')) }
    end

    it_behaves_like 'prevents access to the mutation'
    it_behaves_like 'allows access to the mutation'
  end
end

RSpec.shared_examples 'a mutation on an unauthorized resource' do
  it_behaves_like 'a mutation that returns top-level errors',
    errors: [::Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end