graphql_devise 0.12.1 → 0.13.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +7 -0
- data/Appraisals +14 -0
- data/CHANGELOG.md +60 -0
- data/Gemfile +2 -0
- data/README.md +125 -82
- data/Rakefile +2 -0
- data/app/controllers/graphql_devise/application_controller.rb +2 -0
- data/app/controllers/graphql_devise/concerns/set_user_by_token.rb +12 -4
- data/app/controllers/graphql_devise/graphql_controller.rb +2 -0
- data/app/helpers/graphql_devise/application_helper.rb +2 -0
- data/app/helpers/graphql_devise/mailer_helper.rb +2 -0
- data/app/models/graphql_devise/concerns/model.rb +10 -0
- data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb +1 -1
- data/config/routes.rb +2 -0
- data/graphql_devise.gemspec +1 -1
- data/lib/generators/graphql_devise/install_generator.rb +3 -1
- data/lib/graphql_devise.rb +2 -0
- data/lib/graphql_devise/concerns/controller_methods.rb +2 -0
- data/lib/graphql_devise/default_operations/mutations.rb +2 -0
- data/lib/graphql_devise/default_operations/resolvers.rb +2 -0
- data/lib/graphql_devise/engine.rb +2 -0
- data/lib/graphql_devise/errors/authentication_error.rb +2 -0
- data/lib/graphql_devise/errors/detailed_user_error.rb +2 -0
- data/lib/graphql_devise/errors/error_codes.rb +2 -0
- data/lib/graphql_devise/errors/execution_error.rb +2 -0
- data/lib/graphql_devise/errors/user_error.rb +2 -0
- data/lib/graphql_devise/model/with_email_updater.rb +74 -0
- data/lib/graphql_devise/mount_method/operation_preparer.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/custom_operation_preparer.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/default_operation_preparer.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/gql_name_setter.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/mutation_field_setter.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/resolver_type_setter.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_preparers/resource_name_setter.rb +2 -0
- data/lib/graphql_devise/mount_method/operation_sanitizer.rb +2 -0
- data/lib/graphql_devise/mount_method/option_sanitizer.rb +2 -0
- data/lib/graphql_devise/mount_method/option_sanitizers/array_checker.rb +2 -0
- data/lib/graphql_devise/mount_method/option_sanitizers/class_checker.rb +2 -0
- data/lib/graphql_devise/mount_method/option_sanitizers/hash_checker.rb +2 -0
- data/lib/graphql_devise/mount_method/option_sanitizers/string_checker.rb +2 -0
- data/lib/graphql_devise/mount_method/option_validators/provided_operations_validator.rb +2 -0
- data/lib/graphql_devise/mount_method/option_validators/skip_only_validator.rb +2 -0
- data/lib/graphql_devise/mount_method/option_validators/supported_operations_validator.rb +2 -0
- data/lib/graphql_devise/mount_method/options_validator.rb +2 -0
- data/lib/graphql_devise/mount_method/supported_options.rb +2 -0
- data/lib/graphql_devise/mutations/base.rb +2 -0
- data/lib/graphql_devise/mutations/login.rb +2 -0
- data/lib/graphql_devise/mutations/logout.rb +2 -0
- data/lib/graphql_devise/mutations/resend_confirmation.rb +4 -1
- data/lib/graphql_devise/mutations/send_password_reset.rb +4 -1
- data/lib/graphql_devise/mutations/sign_up.rb +13 -3
- data/lib/graphql_devise/mutations/update_password.rb +2 -0
- data/lib/graphql_devise/rails/routes.rb +2 -0
- data/lib/graphql_devise/resolvers/base.rb +2 -0
- data/lib/graphql_devise/resolvers/check_password_token.rb +2 -0
- data/lib/graphql_devise/resolvers/confirm_account.rb +7 -2
- data/lib/graphql_devise/resolvers/dummy.rb +2 -0
- data/lib/graphql_devise/resource_loader.rb +2 -0
- data/lib/graphql_devise/schema.rb +2 -0
- data/lib/graphql_devise/schema_plugin.rb +30 -3
- data/lib/graphql_devise/types/authenticatable_type.rb +2 -0
- data/lib/graphql_devise/types/credential_type.rb +2 -0
- data/lib/graphql_devise/types/mutation_type.rb +2 -0
- data/lib/graphql_devise/types/query_type.rb +2 -0
- data/lib/graphql_devise/version.rb +3 -1
- data/spec/dummy/Rakefile +2 -0
- data/spec/dummy/app/controllers/api/v1/graphql_controller.rb +35 -4
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/graphql/dummy_schema.rb +14 -2
- data/spec/dummy/app/graphql/interpreter_schema.rb +2 -0
- data/spec/dummy/app/graphql/mutations/login.rb +2 -0
- data/spec/dummy/app/graphql/mutations/register_confirmed_user.rb +2 -0
- data/spec/dummy/app/graphql/mutations/sign_up.rb +2 -0
- data/spec/dummy/app/graphql/mutations/update_user.rb +22 -0
- data/spec/dummy/app/graphql/resolvers/public_user.rb +2 -0
- data/spec/dummy/app/graphql/resolvers/user_show.rb +2 -0
- data/spec/dummy/app/graphql/types/base_object.rb +2 -0
- data/spec/dummy/app/graphql/types/custom_admin_type.rb +2 -0
- data/spec/dummy/app/graphql/types/mutation_type.rb +3 -0
- data/spec/dummy/app/graphql/types/query_type.rb +2 -0
- data/spec/dummy/app/graphql/types/user_type.rb +2 -0
- data/spec/dummy/app/jobs/application_job.rb +2 -0
- data/spec/dummy/app/mailers/application_mailer.rb +2 -0
- data/spec/dummy/app/models/admin.rb +2 -0
- data/spec/dummy/app/models/application_record.rb +2 -0
- data/spec/dummy/app/models/guest.rb +2 -0
- data/spec/dummy/app/models/schema_user.rb +13 -0
- data/spec/dummy/app/models/user.rb +2 -0
- data/spec/dummy/app/models/users.rb +2 -0
- data/spec/dummy/app/models/users/customer.rb +2 -0
- data/spec/dummy/config.ru +2 -0
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/environment.rb +2 -0
- data/spec/dummy/config/environments/development.rb +2 -0
- data/spec/dummy/config/environments/production.rb +2 -0
- data/spec/dummy/config/environments/test.rb +2 -0
- data/spec/dummy/config/initializers/application_controller_renderer.rb +2 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
- data/spec/dummy/config/initializers/cors.rb +2 -0
- data/spec/dummy/config/initializers/devise_token_auth.rb +2 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +2 -0
- data/spec/dummy/config/initializers/i18n.rb +2 -0
- data/spec/dummy/config/initializers/inflections.rb +2 -0
- data/spec/dummy/config/initializers/mime_types.rb +2 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
- data/spec/dummy/config/puma.rb +2 -0
- data/spec/dummy/config/routes.rb +4 -0
- data/spec/dummy/config/spring.rb +2 -0
- data/spec/dummy/db/migrate/20190815114303_create_users.rb +2 -0
- data/spec/dummy/db/migrate/20190824215150_add_auth_available_to_users.rb +2 -0
- data/spec/dummy/db/migrate/20190916012505_create_admins.rb +2 -0
- data/spec/dummy/db/migrate/20191013213045_create_guests.rb +2 -0
- data/spec/dummy/db/migrate/20200321121807_create_users_customers.rb +2 -0
- data/spec/dummy/db/migrate/20200621182414_remove_uncofirmed_email_from_admins.rb +7 -0
- data/spec/dummy/db/migrate/20200623003142_create_schema_users.rb +46 -0
- data/spec/dummy/db/schema.rb +30 -2
- data/spec/dummy/db/seeds.rb +2 -0
- data/spec/factories/admins.rb +2 -0
- data/spec/factories/guests.rb +2 -0
- data/spec/factories/schema_users.rb +13 -0
- data/spec/factories/users.rb +2 -0
- data/spec/factories/users_customers.rb +2 -0
- data/spec/generators/graphql_devise/install_generator_spec.rb +3 -1
- data/spec/graphql_devise/model/with_email_updater_spec.rb +131 -0
- data/spec/graphql_devise_spec.rb +2 -0
- data/spec/models/user_spec.rb +2 -0
- data/spec/rails_helper.rb +3 -0
- data/spec/requests/graphql_controller_spec.rb +2 -0
- data/spec/requests/mutations/additional_mutations_spec.rb +2 -0
- data/spec/requests/mutations/additional_queries_spec.rb +2 -0
- data/spec/requests/mutations/login_spec.rb +2 -0
- data/spec/requests/mutations/logout_spec.rb +2 -0
- data/spec/requests/mutations/resend_confirmation_spec.rb +45 -16
- data/spec/requests/mutations/send_password_reset_spec.rb +37 -12
- data/spec/requests/mutations/sign_up_spec.rb +15 -2
- data/spec/requests/mutations/update_password_spec.rb +2 -0
- data/spec/requests/queries/check_password_token_spec.rb +2 -0
- data/spec/requests/queries/confirm_account_spec.rb +9 -1
- data/spec/requests/user_controller_spec.rb +65 -7
- data/spec/services/mount_method/operation_preparer_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/custom_operation_preparer_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/default_operation_preparer_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/gql_name_setter_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/mutation_field_setter_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/resolver_type_setter_spec.rb +2 -0
- data/spec/services/mount_method/operation_preparers/resource_name_setter_spec.rb +2 -0
- data/spec/services/mount_method/operation_sanitizer_spec.rb +2 -0
- data/spec/services/mount_method/option_sanitizer_spec.rb +2 -0
- data/spec/services/mount_method/option_sanitizers/array_checker_spec.rb +2 -0
- data/spec/services/mount_method/option_sanitizers/class_checker_spec.rb +2 -0
- data/spec/services/mount_method/option_sanitizers/hash_checker_spec.rb +2 -0
- data/spec/services/mount_method/option_sanitizers/string_checker_spec.rb +2 -0
- data/spec/services/mount_method/option_validators/provided_operations_validator_spec.rb +2 -0
- data/spec/services/mount_method/option_validators/skip_only_validator_spec.rb +2 -0
- data/spec/services/mount_method/option_validators/supported_operations_validator_spec.rb +2 -0
- data/spec/services/mount_method/options_validator_spec.rb +2 -0
- data/spec/services/resource_loader_spec.rb +2 -0
- data/spec/services/schema_plugin_spec.rb +2 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/support/contexts/graphql_request.rb +2 -0
- data/spec/support/factory_bot.rb +2 -0
- data/spec/support/matchers/auth_headers_matcher.rb +2 -0
- data/spec/support/matchers/not_change_matcher.rb +2 -0
- data/spec/support/requests/auth_helpers.rb +2 -0
- data/spec/support/requests/json_helpers.rb +2 -0
- metadata +17 -4
data/spec/graphql_devise_spec.rb
CHANGED
data/spec/models/user_spec.rb
CHANGED
data/spec/rails_helper.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'spec_helper'
|
|
2
4
|
|
|
3
5
|
ENV['RAILS_ENV'] ||= 'test'
|
|
@@ -42,4 +44,5 @@ RSpec.configure do |config|
|
|
|
42
44
|
config.before(:suite) do
|
|
43
45
|
ActionController::Base.allow_forgery_protection = true
|
|
44
46
|
end
|
|
47
|
+
config.before { ActionMailer::Base.deliveries.clear }
|
|
45
48
|
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'rails_helper'
|
|
2
4
|
|
|
3
5
|
RSpec.describe 'Resend confirmation' do
|
|
@@ -21,25 +23,52 @@ RSpec.describe 'Resend confirmation' do
|
|
|
21
23
|
end
|
|
22
24
|
|
|
23
25
|
context 'when params are correct' do
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
context 'when using the gem schema' do
|
|
27
|
+
it 'sends an email to the user with confirmation url and returns a success message' do
|
|
28
|
+
expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
|
|
29
|
+
expect(json_response[:data][:userResendConfirmation]).to include(
|
|
30
|
+
message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
|
|
31
|
+
)
|
|
32
|
+
|
|
33
|
+
email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
|
|
34
|
+
link = email.css('a').first
|
|
35
|
+
confirm_link_msg_text = email.css('p')[1].inner_html
|
|
36
|
+
confirm_account_link_text = link.inner_html
|
|
29
37
|
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
confirm_account_link_text = link.inner_html
|
|
38
|
+
expect(link['href']).to include('/api/v1/graphql_auth?')
|
|
39
|
+
expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
|
|
40
|
+
expect(confirm_account_link_text).to eq('Confirm my account')
|
|
34
41
|
|
|
35
|
-
|
|
36
|
-
|
|
42
|
+
expect do
|
|
43
|
+
get link['href']
|
|
44
|
+
user.reload
|
|
45
|
+
end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
37
48
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
49
|
+
context 'when using a custom schema' do
|
|
50
|
+
let(:custom_path) { '/api/v1/graphql' }
|
|
51
|
+
|
|
52
|
+
it 'sends an email to the user with confirmation url and returns a success message' do
|
|
53
|
+
expect { post_request(custom_path) }.to change(ActionMailer::Base.deliveries, :count).by(1)
|
|
54
|
+
expect(json_response[:data][:userResendConfirmation]).to include(
|
|
55
|
+
message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
|
|
56
|
+
)
|
|
57
|
+
|
|
58
|
+
email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
|
|
59
|
+
link = email.css('a').first
|
|
60
|
+
confirm_link_msg_text = email.css('p')[1].inner_html
|
|
61
|
+
confirm_account_link_text = link.inner_html
|
|
62
|
+
|
|
63
|
+
expect(link['href']).to include("#{custom_path}?")
|
|
64
|
+
expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
|
|
65
|
+
expect(confirm_account_link_text).to eq('Confirm my account')
|
|
66
|
+
|
|
67
|
+
expect do
|
|
68
|
+
get link['href']
|
|
69
|
+
user.reload
|
|
70
|
+
end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
|
|
71
|
+
end
|
|
43
72
|
end
|
|
44
73
|
|
|
45
74
|
context 'when email address uses different casing' do
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'rails_helper'
|
|
2
4
|
|
|
3
5
|
RSpec.describe 'Send Password Reset Requests' do
|
|
@@ -20,21 +22,44 @@ RSpec.describe 'Send Password Reset Requests' do
|
|
|
20
22
|
end
|
|
21
23
|
|
|
22
24
|
context 'when params are correct' do
|
|
23
|
-
|
|
24
|
-
|
|
25
|
+
context 'when using the gem schema' do
|
|
26
|
+
it 'sends password reset email' do
|
|
27
|
+
expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
|
|
25
28
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
+
expect(json_response[:data][:userSendPasswordReset]).to include(
|
|
30
|
+
message: 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
|
31
|
+
)
|
|
32
|
+
|
|
33
|
+
email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
|
|
34
|
+
link = email.css('a').first
|
|
35
|
+
expect(link['href']).to include('/api/v1/graphql_auth?')
|
|
36
|
+
|
|
37
|
+
expect do
|
|
38
|
+
get link['href']
|
|
39
|
+
user.reload
|
|
40
|
+
end.to change(user, :allow_password_change).from(false).to(true)
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
context 'when using a custom schema' do
|
|
45
|
+
let(:custom_path) { '/api/v1/graphql' }
|
|
46
|
+
|
|
47
|
+
it 'sends password reset email' do
|
|
48
|
+
expect { post_request(custom_path) }.to change(ActionMailer::Base.deliveries, :count).by(1)
|
|
49
|
+
|
|
50
|
+
expect(json_response[:data][:userSendPasswordReset]).to include(
|
|
51
|
+
message: 'You will receive an email with instructions on how to reset your password in a few minutes.'
|
|
52
|
+
)
|
|
29
53
|
|
|
30
|
-
|
|
31
|
-
|
|
54
|
+
email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
|
|
55
|
+
link = email.css('a').first
|
|
56
|
+
expect(link['href']).to include("#{custom_path}?")
|
|
32
57
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
user.
|
|
37
|
-
end
|
|
58
|
+
expect do
|
|
59
|
+
get link['href']
|
|
60
|
+
user.reload
|
|
61
|
+
end.to change(user, :allow_password_change).from(false).to(true)
|
|
62
|
+
end
|
|
38
63
|
end
|
|
39
64
|
end
|
|
40
65
|
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'rails_helper'
|
|
2
4
|
|
|
3
5
|
RSpec.describe 'Sign Up process' do
|
|
@@ -19,6 +21,7 @@ RSpec.describe 'Sign Up process' do
|
|
|
19
21
|
passwordConfirmation: "#{password}"
|
|
20
22
|
confirmSuccessUrl: "#{redirect}"
|
|
21
23
|
) {
|
|
24
|
+
credentials { accessToken }
|
|
22
25
|
user {
|
|
23
26
|
email
|
|
24
27
|
name
|
|
@@ -41,7 +44,8 @@ RSpec.describe 'Sign Up process' do
|
|
|
41
44
|
expect(user.confirmed_at).to be_nil
|
|
42
45
|
expect(user).to be_valid_password(password)
|
|
43
46
|
expect(json_response[:data][:userSignUp]).to include(
|
|
44
|
-
|
|
47
|
+
credentials: nil,
|
|
48
|
+
user: {
|
|
45
49
|
email: email,
|
|
46
50
|
name: name
|
|
47
51
|
}
|
|
@@ -124,6 +128,7 @@ RSpec.describe 'Sign Up process' do
|
|
|
124
128
|
passwordConfirmation: "#{password}"
|
|
125
129
|
confirmSuccessUrl: "#{redirect}"
|
|
126
130
|
) {
|
|
131
|
+
credentials { accessToken client uid }
|
|
127
132
|
authenticatable {
|
|
128
133
|
email
|
|
129
134
|
}
|
|
@@ -132,8 +137,16 @@ RSpec.describe 'Sign Up process' do
|
|
|
132
137
|
GRAPHQL
|
|
133
138
|
end
|
|
134
139
|
|
|
135
|
-
it '
|
|
140
|
+
it 'returns credentials as no confirmation is required' do
|
|
136
141
|
expect { post_request }.to change(Guest, :count).from(0).to(1)
|
|
142
|
+
|
|
143
|
+
expect(json_response[:data][:guestSignUp]).to include(
|
|
144
|
+
authenticatable: { email: email },
|
|
145
|
+
credentials: hash_including(
|
|
146
|
+
uid: email,
|
|
147
|
+
client: Guest.last.tokens.keys.first
|
|
148
|
+
)
|
|
149
|
+
)
|
|
137
150
|
end
|
|
138
151
|
end
|
|
139
152
|
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'rails_helper'
|
|
2
4
|
|
|
3
5
|
RSpec.describe 'Account confirmation' do
|
|
@@ -22,7 +24,13 @@ RSpec.describe 'Account confirmation' do
|
|
|
22
24
|
context 'when confirmation token is correct' do
|
|
23
25
|
let(:token) { user.confirmation_token }
|
|
24
26
|
|
|
25
|
-
before
|
|
27
|
+
before do
|
|
28
|
+
user.send_confirmation_instructions(
|
|
29
|
+
template_path: ['graphql_devise/mailer'],
|
|
30
|
+
controller: 'graphql_devise/graphql',
|
|
31
|
+
schema_url: 'http://not-using-this-value.com/gql'
|
|
32
|
+
)
|
|
33
|
+
end
|
|
26
34
|
|
|
27
35
|
it 'confirms the resource and redirects to the sent url' do
|
|
28
36
|
expect do
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'rails_helper'
|
|
2
4
|
|
|
3
5
|
RSpec.describe "Integrations with the user's controller" do
|
|
@@ -29,6 +31,15 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
29
31
|
expect(json_response[:data][:publicField]).to eq('Field does not require authentication')
|
|
30
32
|
end
|
|
31
33
|
end
|
|
34
|
+
|
|
35
|
+
context 'when using the failing route' do
|
|
36
|
+
it 'raises an invalid resource_name error' do
|
|
37
|
+
expect { post_request('/api/v1/failing') }.to raise_error(
|
|
38
|
+
GraphqlDevise::Error,
|
|
39
|
+
'Invalid resource_name `fail` provided to `graphql_context`. Possible values are: [:user, :admin, :guest, :users_customer, :schema_user].'
|
|
40
|
+
)
|
|
41
|
+
end
|
|
42
|
+
end
|
|
32
43
|
end
|
|
33
44
|
|
|
34
45
|
describe 'privateField' do
|
|
@@ -46,9 +57,17 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
46
57
|
context 'when user is authenticated' do
|
|
47
58
|
let(:headers) { user.create_new_auth_token }
|
|
48
59
|
|
|
49
|
-
it '
|
|
60
|
+
it 'allows to perform the query' do
|
|
50
61
|
expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
|
|
51
62
|
end
|
|
63
|
+
|
|
64
|
+
context 'when using a SchemaUser' do
|
|
65
|
+
let(:headers) { create(:schema_user, :confirmed).create_new_auth_token }
|
|
66
|
+
|
|
67
|
+
it 'allows to perform the query' do
|
|
68
|
+
expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
|
|
69
|
+
end
|
|
70
|
+
end
|
|
52
71
|
end
|
|
53
72
|
|
|
54
73
|
context 'when user is not authenticated' do
|
|
@@ -66,7 +85,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
66
85
|
context 'when user is authenticated' do
|
|
67
86
|
let(:headers) { user.create_new_auth_token }
|
|
68
87
|
|
|
69
|
-
it '
|
|
88
|
+
it 'allows to perform the query' do
|
|
70
89
|
expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
|
|
71
90
|
end
|
|
72
91
|
end
|
|
@@ -96,7 +115,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
96
115
|
context 'when user is authenticated' do
|
|
97
116
|
let(:headers) { user.create_new_auth_token }
|
|
98
117
|
|
|
99
|
-
it '
|
|
118
|
+
it 'allows to perform the query' do
|
|
100
119
|
expect(json_response[:data][:dummyMutation]).to eq('Necessary so GraphQL gem does not complain about empty mutation type')
|
|
101
120
|
end
|
|
102
121
|
end
|
|
@@ -116,7 +135,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
116
135
|
context 'when user is authenticated' do
|
|
117
136
|
let(:headers) { user.create_new_auth_token }
|
|
118
137
|
|
|
119
|
-
it '
|
|
138
|
+
it 'allows to perform the query' do
|
|
120
139
|
expect(json_response[:data][:dummyMutation]).to eq('Necessary so GraphQL gem does not complain about empty mutation type')
|
|
121
140
|
end
|
|
122
141
|
end
|
|
@@ -151,7 +170,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
151
170
|
context 'when user is authenticated' do
|
|
152
171
|
let(:headers) { user.create_new_auth_token }
|
|
153
172
|
|
|
154
|
-
it '
|
|
173
|
+
it 'allows to perform the query' do
|
|
155
174
|
expect(json_response[:data][:user]).to match(
|
|
156
175
|
email: user.email,
|
|
157
176
|
id: user.id
|
|
@@ -174,7 +193,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
174
193
|
context 'when user is authenticated' do
|
|
175
194
|
let(:headers) { user.create_new_auth_token }
|
|
176
195
|
|
|
177
|
-
it '
|
|
196
|
+
it 'allows to perform the query' do
|
|
178
197
|
expect(json_response[:data][:user]).to match(
|
|
179
198
|
email: user.email,
|
|
180
199
|
id: user.id
|
|
@@ -184,7 +203,7 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
184
203
|
|
|
185
204
|
context 'when user is not authenticated' do
|
|
186
205
|
# Interpreter schema fields are public unless specified otherwise (plugin setting)
|
|
187
|
-
it '
|
|
206
|
+
it 'allows to perform the query' do
|
|
188
207
|
expect(json_response[:data][:user]).to match(
|
|
189
208
|
email: user.email,
|
|
190
209
|
id: user.id
|
|
@@ -193,4 +212,43 @@ RSpec.describe "Integrations with the user's controller" do
|
|
|
193
212
|
end
|
|
194
213
|
end
|
|
195
214
|
end
|
|
215
|
+
|
|
216
|
+
describe 'updateUser' do
|
|
217
|
+
let(:headers) { user.create_new_auth_token }
|
|
218
|
+
let(:query) do
|
|
219
|
+
<<-GRAPHQL
|
|
220
|
+
mutation {
|
|
221
|
+
updateUser(email: "updated@gmail.com", name: "updated name") {
|
|
222
|
+
user { email name }
|
|
223
|
+
}
|
|
224
|
+
}
|
|
225
|
+
GRAPHQL
|
|
226
|
+
end
|
|
227
|
+
|
|
228
|
+
it 'requires new email confirmation' do
|
|
229
|
+
original_email = user.email
|
|
230
|
+
|
|
231
|
+
expect do
|
|
232
|
+
post_request('/api/v1/graphql?test=value')
|
|
233
|
+
user.reload
|
|
234
|
+
end.to not_change(user, :email).from(original_email).and(
|
|
235
|
+
change(user, :unconfirmed_email).from(nil).to('updated@gmail.com')
|
|
236
|
+
).and(
|
|
237
|
+
not_change(user, :uid).from(original_email)
|
|
238
|
+
).and(
|
|
239
|
+
change(user, :name).from(user.name).to('updated name')
|
|
240
|
+
)
|
|
241
|
+
|
|
242
|
+
email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
|
|
243
|
+
link = email.css('a').first
|
|
244
|
+
expect(link['href']).to include('/api/v1/graphql')
|
|
245
|
+
|
|
246
|
+
expect do
|
|
247
|
+
get link['href']
|
|
248
|
+
user.reload
|
|
249
|
+
end.to change(user, :email).from(original_email).to('updated@gmail.com').and(
|
|
250
|
+
change(user, :uid).from(original_email).to('updated@gmail.com')
|
|
251
|
+
)
|
|
252
|
+
end
|
|
253
|
+
end
|
|
196
254
|
end
|