RubyGems - graphql_devise - Versions diffs - 0.12.0 → 0.13.1 - Mend

graphql_devise 0.12.0 → 0.13.1

Files changed (170) hide show

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # This file should contain all the record creation needed to seed the database with its default values.
 # The data can then be loaded with the rails db:seed command (or created alongside the database with db:setup).
 #

data/spec/factories/admins.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 FactoryBot.define do
   factory :admin do
     email    { Faker::Internet.unique.email }

data/spec/factories/guests.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 FactoryBot.define do
   factory :guest do
     email    { Faker::Internet.unique.email }

data/spec/factories/schema_users.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+FactoryBot.define do
+  factory :schema_user do
+    name      { Faker::FunnyName.two_word_name }
+    email     { Faker::Internet.unique.email }
+    password  { Faker::Internet.password }
+    trait :confirmed do
+      confirmed_at { Time.zone.now }
+    end
+  end
+end

data/spec/factories/users.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 FactoryBot.define do
   factory :user do
     name      { Faker::FunnyName.two_word_name }

data/spec/factories/users_customers.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 FactoryBot.define do
   factory :users_customer, class: 'Users::Customer' do
     name      { Faker::FunnyName.two_word_name }

data/spec/generators/graphql_devise/install_generator_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Generators are not automatically loaded by Rails
 require 'rails_helper'
 require 'generators/graphql_devise/install_generator'
@@ -39,7 +41,7 @@ RSpec.describe GraphqlDevise::InstallGenerator, type: :generator do
     let(:args) { [] }
     it 'creates and updated required files' do
-      assert_file 'config/routes.rb', /^\s{2}mount_graphql_devise_for 'User', at: 'auth'/
+      assert_file 'config/routes.rb', /^\s{2}mount_graphql_devise_for 'User', at: 'graphql_auth'/
       expect(routes_content).not_to match(dta_route)
       assert_file 'config/initializers/devise.rb'

data/spec/graphql_devise/model/with_email_updater_spec.rb ADDED

@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+require 'rails_helper'
+RSpec.describe GraphqlDevise::Model::WithEmailUpdater do
+  describe '#call' do
+    subject(:updater) { described_class.new(resource, attributes).call }
+    context 'when the model does not have an unconfirmed_email column' do
+      let(:resource) { create(:admin, :confirmed) }
+      context 'when attributes contain email' do
+        let(:attributes) { { email: 'new@gmail.com', schema_url: 'http://localhost/test', confirmation_success_url: 'https://google.com' } }
+        it 'does not postpone email update' do
+          expect do
+            updater
+            resource.reload
+          end.to change(resource, :email).from(resource.email).to('new@gmail.com').and(
+            change(resource, :uid).from(resource.uid).to('new@gmail.com')
+          )
+        end
+      end
+    end
+    context 'when the model has an unconfirmed_email column' do
+      let(:resource) { create(:user, :confirmed) }
+      context 'when attributes do not contain email' do
+        let(:attributes) { { name: 'Updated Name', schema_url: 'http://localhost/test', confirmation_success_url: 'https://google.com' } }
+        it 'updates resource, ignores url params' do
+          expect do
+            updater
+            resource.reload
+          end.to change(resource, :name).from(resource.name).to('Updated Name')
+        end
+      end
+      context 'when attributes contain email' do
+        context 'when schema_url is missing' do
+          let(:attributes) { { email: 'new@gmail.com', name: 'Updated Name' } }
+          it 'raises an error' do
+            expect { updater }.to raise_error(
+              GraphqlDevise::Error,
+              'Method `update_with_email` requires attributes `confirmation_success_url` and `schema_url` for email reconfirmation to work'
+            )
+          end
+          context 'when email will not change' do
+            let(:attributes) { { email: resource.email, name: 'changed' } }
+            it 'updates name and does not raise an error' do
+              expect do
+                updater
+                resource.reload
+              end.to change(resource, :name).from(resource.name).to('changed').and(
+                not_change(resource, :email).from(resource.email)
+              ).and(
+                not_change(ActionMailer::Base.deliveries, :count).from(0)
+              )
+            end
+          end
+        end
+        context 'when only confirmation_success_url is missing' do
+          let(:attributes) { { email: 'new@gmail.com', name: 'Updated Name', schema_url: 'http://localhost/test' } }
+          it 'uses DTA default_confirm_success_url on the email' do
+            expect { updater }.to change(ActionMailer::Base.deliveries, :count).by(1)
+            email = ActionMailer::Base.deliveries.first
+            expect(email.body.decoded).to include(CGI.escape('https://google.com'))
+          end
+        end
+        context 'when both required urls are provided' do
+          let(:attributes) { { email: 'new@gmail.com', name: 'Updated Name', schema_url: 'http://localhost/test', confirmation_success_url: 'https://google.com' } }
+          it 'postpones email update' do
+            expect do
+              updater
+              resource.reload
+            end.to not_change(resource, :email).from(resource.email).and(
+              not_change(resource, :uid).from(resource.uid)
+            ).and(
+              change(resource, :unconfirmed_email).from(nil).to('new@gmail.com')
+            ).and(
+              change(resource, :name).from(resource.name).to('Updated Name')
+            )
+          end
+          it 'sends out a confirmation email to the unconfirmed_email' do
+            expect { updater }.to change(ActionMailer::Base.deliveries, :count).by(1)
+            email = ActionMailer::Base.deliveries.first
+            expect(email.to).to contain_exactly('new@gmail.com')
+          end
+          context 'when email value is the same on the DB' do
+            let(:attributes) { { email: resource.email, name: 'changed', schema_url: 'http://localhost/test', confirmation_success_url: 'https://google.com' } }
+            it 'updates attributes and does not send confirmation email' do
+              expect do
+                updater
+                resource.reload
+              end.to change(resource, :name).from(resource.name).to('changed').and(
+                not_change(resource, :email).from(resource.email)
+              ).and(
+                not_change(ActionMailer::Base.deliveries, :count).from(0)
+              )
+            end
+          end
+          context 'when provided params are invalid' do
+            let(:attributes) { { email: 'newgmail.com', name: '', schema_url: 'http://localhost/test', confirmation_success_url: 'https://google.com' } }
+            it 'returns false and adds errors to the model' do
+              expect(updater).to be_falsey
+              expect(resource.errors.full_messages).to contain_exactly(
+                'Email is not an email',
+                "Name can't be blank"
+              )
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/spec/graphql_devise_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 RSpec.describe GraphqlDevise do
   it 'has a version number' do
     expect(GraphqlDevise::VERSION).not_to be_nil

data/spec/models/user_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe User do

data/spec/rails_helper.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 ENV['RAILS_ENV'] ||= 'test'
@@ -42,4 +44,5 @@ RSpec.configure do |config|
   config.before(:suite) do
     ActionController::Base.allow_forgery_protection = true
   end
+  config.before { ActionMailer::Base.deliveries.clear }
 end

data/spec/requests/graphql_controller_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe GraphqlDevise::GraphqlController do

data/spec/requests/mutations/additional_mutations_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Additional Mutations' do

data/spec/requests/mutations/additional_queries_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Additional Queries' do

data/spec/requests/mutations/login_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Login Requests' do

data/spec/requests/mutations/logout_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Logout Requests' do

data/spec/requests/mutations/resend_confirmation_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Resend confirmation' do
@@ -15,39 +17,58 @@ RSpec.describe 'Resend confirmation' do
           redirectUrl:"#{redirect}"
         ) {
           message
-          authenticatable {
-            id
-            email
-          }
         }
       }
     GRAPHQL
   end
   context 'when params are correct' do
-    it 'sends an email to the user with confirmation url and returns a success message' do
-      expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
-      expect(json_response[:data][:userResendConfirmation]).to include(
-        message:         'You will receive an email with instructions for how to confirm your email address in a few minutes.',
-        authenticatable: {
-          id:    id,
-          email: email
-        }
-      )
+    context 'when using the gem schema' do
+      it 'sends an email to the user with confirmation url and returns a success message' do
+        expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+        expect(json_response[:data][:userResendConfirmation]).to include(
+          message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
+        )
+        email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
+        link  = email.css('a').first
+        confirm_link_msg_text = email.css('p')[1].inner_html
+        confirm_account_link_text = link.inner_html
+        expect(link['href']).to include('/api/v1/graphql_auth?')
+        expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
+        expect(confirm_account_link_text).to eq('Confirm my account')
-      email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
-      link  = email.css('a').first
-      confirm_link_msg_text = email.css('p')[1].inner_html
-      confirm_account_link_text = link.inner_html
+        expect do
+          get link['href']
+          user.reload
+        end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
+      end
+    end
+    context 'when using a custom schema' do
+      let(:custom_path) { '/api/v1/graphql' }
+      it 'sends an email to the user with confirmation url and returns a success message' do
+        expect { post_request(custom_path) }.to change(ActionMailer::Base.deliveries, :count).by(1)
+        expect(json_response[:data][:userResendConfirmation]).to include(
+          message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
+        )
-      expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
-      expect(confirm_account_link_text).to eq('Confirm my account')
+        email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
+        link  = email.css('a').first
+        confirm_link_msg_text = email.css('p')[1].inner_html
+        confirm_account_link_text = link.inner_html
-      # TODO: Move to feature spec
-      expect do
-        get link['href']
-        user.reload
-      end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
+        expect(link['href']).to include("#{custom_path}?")
+        expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
+        expect(confirm_account_link_text).to eq('Confirm my account')
+        expect do
+          get link['href']
+          user.reload
+        end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
+      end
     end
     context 'when email address uses different casing' do
@@ -56,11 +77,7 @@ RSpec.describe 'Resend confirmation' do
       it 'honors devise configuration for case insensitive fields' do
         expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
         expect(json_response[:data][:userResendConfirmation]).to include(
-          message:         'You will receive an email with instructions for how to confirm your email address in a few minutes.',
-          authenticatable: {
-            id:    id,
-            email: user.email
-          }
+          message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
         )
       end
     end

data/spec/requests/mutations/send_password_reset_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Send Password Reset Requests' do
@@ -13,26 +15,51 @@ RSpec.describe 'Send Password Reset Requests' do
           email:       "#{email}",
           redirectUrl: "#{redirect_url}"
         ) {
-          authenticatable {
-            email
-          }
+          message
         }
       }
     GRAPHQL
   end
   context 'when params are correct' do
-    it 'sends password reset  email' do
-      expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+    context 'when using the gem schema' do
+      it 'sends password reset  email' do
+        expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+        expect(json_response[:data][:userSendPasswordReset]).to include(
+          message: 'You will receive an email with instructions on how to reset your password in a few minutes.'
+        )
+        email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
+        link  = email.css('a').first
+        expect(link['href']).to include('/api/v1/graphql_auth?')
+        expect do
+          get link['href']
+          user.reload
+        end.to change(user, :allow_password_change).from(false).to(true)
+      end
+    end
+    context 'when using a custom schema' do
+      let(:custom_path) { '/api/v1/graphql' }
+      it 'sends password reset  email' do
+        expect { post_request(custom_path) }.to change(ActionMailer::Base.deliveries, :count).by(1)
-      email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
-      link  = email.css('a').first
+        expect(json_response[:data][:userSendPasswordReset]).to include(
+          message: 'You will receive an email with instructions on how to reset your password in a few minutes.'
+        )
-      # TODO: Move to feature spec
-      expect do
-        get link['href']
-        user.reload
-      end.to change(user, :allow_password_change).from(false).to(true)
+        email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
+        link  = email.css('a').first
+        expect(link['href']).to include("#{custom_path}?")
+        expect do
+          get link['href']
+          user.reload
+        end.to change(user, :allow_password_change).from(false).to(true)
+      end
     end
   end
@@ -41,6 +68,9 @@ RSpec.describe 'Send Password Reset Requests' do
     it 'honors devise configuration for case insensitive fields' do
       expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+      expect(json_response[:data][:userSendPasswordReset]).to include(
+        message: 'You will receive an email with instructions on how to reset your password in a few minutes.'
+      )
     end
   end

data/spec/requests/mutations/sign_up_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Sign Up process' do
@@ -19,6 +21,7 @@ RSpec.describe 'Sign Up process' do
             passwordConfirmation: "#{password}"
             confirmSuccessUrl:    "#{redirect}"
           ) {
+            credentials { accessToken }
             user {
               email
               name
@@ -41,7 +44,8 @@ RSpec.describe 'Sign Up process' do
         expect(user.confirmed_at).to be_nil
         expect(user).to be_valid_password(password)
         expect(json_response[:data][:userSignUp]).to include(
-          user: {
+          credentials: nil,
+          user:        {
             email: email,
             name:  name
           }
@@ -124,6 +128,7 @@ RSpec.describe 'Sign Up process' do
             passwordConfirmation: "#{password}"
             confirmSuccessUrl:    "#{redirect}"
           ) {
+            credentials { accessToken client uid }
             authenticatable {
               email
             }
@@ -132,8 +137,16 @@ RSpec.describe 'Sign Up process' do
       GRAPHQL
     end
-    it 'works without the confirmable module' do
+    it 'returns credentials as no confirmation is required' do
       expect { post_request }.to change(Guest, :count).from(0).to(1)
+      expect(json_response[:data][:guestSignUp]).to include(
+        authenticatable: { email: email },
+        credentials:     hash_including(
+          uid:    email,
+          client: Guest.last.tokens.keys.first
+        )
+      )
     end
   end
 end