RubyGems - graphql_devise - Versions diffs - 0.12.3 → 0.13.4 - Mend

graphql_devise 0.12.3 → 0.13.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (168) hide show

data/spec/requests/mutations/resend_confirmation_spec.rb CHANGED

@@ -1,12 +1,15 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Resend confirmation' do
   include_context 'with graphql query request'
-  let!(:user)    { create(:user, confirmed_at: nil, email: 'mwallace@wallaceinc.com') }
-  let(:email)    { user.email }
-  let(:id)       { user.id }
-  let(:redirect) { Faker::Internet.url }
+  let(:confirmed_at) { nil }
+  let!(:user)        { create(:user, confirmed_at: nil, email: 'mwallace@wallaceinc.com') }
+  let(:email)        { user.email }
+  let(:id)           { user.id }
+  let(:redirect)     { Faker::Internet.url }
   let(:query) do
     <<-GRAPHQL
       mutation {
@@ -96,6 +99,28 @@ RSpec.describe 'Resend confirmation' do
     end
   end
+  context 'when the email was changed' do
+    let(:confirmed_at) { 2.seconds.ago }
+    let(:email)        { 'new-email@wallaceinc.com' }
+    let(:new_email)    { email }
+    before do
+      user.update_with_email(
+        email:                    new_email,
+        schema_url:               'http://localhost/test',
+        confirmation_success_url: 'https://google.com'
+      )
+    end
+    it 'sends new confirmation email' do
+      expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+      expect(ActionMailer::Base.deliveries.first.to).to contain_exactly(new_email)
+      expect(json_response[:data][:userResendConfirmation]).to include(
+        message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
+      )
+    end
+  end
   context "when the email isn't in the system" do
     let(:email) { 'nothere@gmail.com' }

data/spec/requests/mutations/send_password_reset_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Send Password Reset Requests' do

data/spec/requests/mutations/sign_up_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Sign Up process' do
@@ -19,6 +21,7 @@ RSpec.describe 'Sign Up process' do
             passwordConfirmation: "#{password}"
             confirmSuccessUrl:    "#{redirect}"
           ) {
+            credentials { accessToken }
             user {
               email
               name
@@ -41,7 +44,8 @@ RSpec.describe 'Sign Up process' do
         expect(user.confirmed_at).to be_nil
         expect(user).to be_valid_password(password)
         expect(json_response[:data][:userSignUp]).to include(
-          user: {
+          credentials: nil,
+          user:        {
             email: email,
             name:  name
           }
@@ -124,6 +128,7 @@ RSpec.describe 'Sign Up process' do
             passwordConfirmation: "#{password}"
             confirmSuccessUrl:    "#{redirect}"
           ) {
+            credentials { accessToken client uid }
             authenticatable {
               email
             }
@@ -132,8 +137,16 @@ RSpec.describe 'Sign Up process' do
       GRAPHQL
     end
-    it 'works without the confirmable module' do
+    it 'returns credentials as no confirmation is required' do
       expect { post_request }.to change(Guest, :count).from(0).to(1)
+      expect(json_response[:data][:guestSignUp]).to include(
+        authenticatable: { email: email },
+        credentials:     hash_including(
+          uid:    email,
+          client: Guest.last.tokens.keys.first
+        )
+      )
     end
   end
 end

data/spec/requests/mutations/update_password_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Update Password Requests' do

data/spec/requests/queries/check_password_token_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Check Password Token Requests' do

data/spec/requests/queries/confirm_account_spec.rb CHANGED

@@ -1,62 +1,122 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe 'Account confirmation' do
   include_context 'with graphql query request'
-  let(:user)     { create(:user, confirmed_at: nil) }
-  let(:redirect) { Faker::Internet.url }
-  let(:query) do
-    <<-GRAPHQL
-      {
-        userConfirmAccount(
-          confirmationToken: "#{token}"
-          redirectUrl:       "#{redirect}"
-        ) {
-          email
-          name
+  context 'when using the user model' do
+    let(:user)     { create(:user, confirmed_at: nil) }
+    let(:redirect) { Faker::Internet.url }
+    let(:query) do
+      <<-GRAPHQL
+        {
+          userConfirmAccount(
+            confirmationToken: "#{token}"
+            redirectUrl:       "#{redirect}"
+          ) {
+            email
+            name
+          }
         }
-      }
-    GRAPHQL
-  end
+      GRAPHQL
+    end
+    context 'when confirmation token is correct' do
+      let(:token) { user.confirmation_token }
+      before do
+        user.send_confirmation_instructions(
+          template_path: ['graphql_devise/mailer'],
+          controller:    'graphql_devise/graphql',
+          schema_url:    'http://not-using-this-value.com/gql'
+        )
+      end
+      it 'confirms the resource and redirects to the sent url' do
+        expect do
+          get_request
+          user.reload
+        end.to(change(user, :confirmed_at).from(nil))
+        expect(response).to redirect_to("#{redirect}?account_confirmation_success=true")
+        expect(user).to be_active_for_authentication
+      end
-  context 'when confirmation token is correct' do
-    let(:token) { user.confirmation_token }
+      context 'when unconfirmed_email is present' do
+        let(:user) { create(:user, :confirmed, unconfirmed_email: 'vvega@wallaceinc.com') }
-    before do
-      user.send_confirmation_instructions(
-        template_path: ['graphql_devise/mailer'],
-        controller:    'graphql_devise/graphql',
-        action:        'auth'
-      )
+        it 'confirms the unconfirmed email and redirects' do
+          expect do
+            get_request
+            user.reload
+          end.to change(user, :email).from(user.email).to('vvega@wallaceinc.com').and(
+            change(user, :unconfirmed_email).from('vvega@wallaceinc.com').to(nil)
+          )
+          expect(response).to redirect_to("#{redirect}?account_confirmation_success=true")
+        end
+      end
     end
-    it 'confirms the resource and redirects to the sent url' do
-      expect do
-        get_request
-        user.reload
-      end.to(change(user, :confirmed_at).from(nil))
+    context 'when reset password token is not found' do
+      let(:token) { "#{user.confirmation_token}-invalid" }
+      it 'does *NOT* confirm the user nor does the redirection' do
+        expect do
+          get_request
+          user.reload
+        end.not_to(change(user, :confirmed_at).from(nil))
-      expect(response).to redirect_to "#{redirect}?account_confirmation_success=true"
-      expect(user).to be_active_for_authentication
+        expect(response).not_to be_redirect
+        expect(json_response[:errors]).to contain_exactly(
+          hash_including(
+            message:    'Invalid confirmation token. Please try again',
+            extensions: { code: 'USER_ERROR' }
+          )
+        )
+      end
     end
   end
-  context 'when reset password token is not found' do
-    let(:token) { "#{user.confirmation_token}-invalid" }
+  context 'when using the admin model' do
+    let(:admin)    { create(:admin, confirmed_at: nil) }
+    let(:redirect) { Faker::Internet.url }
+    let(:query) do
+      <<-GRAPHQL
+        {
+          adminConfirmAccount(
+            confirmationToken: "#{token}"
+            redirectUrl:       "#{redirect}"
+          ) {
+            email
+          }
+        }
+      GRAPHQL
+    end
+    context 'when confirmation token is correct' do
+      let(:token) { admin.confirmation_token }
-    it 'does *NOT* confirm the user nor does the redirection' do
-      expect do
-        get_request
-        user.reload
-      end.not_to(change(user, :confirmed_at).from(nil))
+      before do
+        admin.send_confirmation_instructions(
+          template_path: ['graphql_devise/mailer'],
+          controller:    'graphql_devise/graphql',
+          schema_url:    'http://not-using-this-value.com/gql'
+        )
+      end
-      expect(response).not_to be_redirect
-      expect(json_response[:errors]).to contain_exactly(
-        hash_including(
-          message: 'Invalid confirmation token. Please try again',
-          extensions: { code: 'USER_ERROR' }
+      it 'confirms the resource, persists credentials on the DB and redirects to the sent url' do
+        expect do
+          get_request
+          admin.reload
+        end.to change(admin, :confirmed_at).from(nil).and(
+          change { admin.tokens.keys.count }.from(0).to(1)
         )
-      )
+        expect(response).to redirect_to(/\A#{redirect}.+access\-token=/)
+        expect(admin).to be_active_for_authentication
+      end
     end
   end
 end

data/spec/requests/user_controller_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails_helper'
 RSpec.describe "Integrations with the user's controller" do
@@ -34,7 +36,7 @@ RSpec.describe "Integrations with the user's controller" do
       it 'raises an invalid resource_name error' do
         expect { post_request('/api/v1/failing') }.to raise_error(
           GraphqlDevise::Error,
-          'Invalid resource_name `fail` provided to `graphql_context`. Possible values are: [:user, :admin, :guest, :users_customer].'
+          'Invalid resource_name `fail` provided to `graphql_context`. Possible values are: [:user, :admin, :guest, :users_customer, :schema_user].'
         )
       end
     end
@@ -55,9 +57,17 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
         end
+        context 'when using a SchemaUser' do
+          let(:headers) { create(:schema_user, :confirmed).create_new_auth_token }
+          it 'allows to perform the query' do
+            expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
+          end
+        end
       end
       context 'when user is not authenticated' do
@@ -75,7 +85,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:privateField]).to eq('Field will always require authentication')
         end
       end
@@ -105,7 +115,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:dummyMutation]).to eq('Necessary so GraphQL gem does not complain about empty mutation type')
         end
       end
@@ -125,7 +135,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:dummyMutation]).to eq('Necessary so GraphQL gem does not complain about empty mutation type')
         end
       end
@@ -160,7 +170,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:user]).to match(
             email: user.email,
             id:    user.id
@@ -183,7 +193,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is authenticated' do
         let(:headers) { user.create_new_auth_token }
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:user]).to match(
             email: user.email,
             id:    user.id
@@ -193,7 +203,7 @@ RSpec.describe "Integrations with the user's controller" do
       context 'when user is not authenticated' do
         # Interpreter schema fields are public unless specified otherwise (plugin setting)
-        it 'allow to perform the query' do
+        it 'allows to perform the query' do
           expect(json_response[:data][:user]).to match(
             email: user.email,
             id:    user.id
@@ -202,4 +212,43 @@ RSpec.describe "Integrations with the user's controller" do
       end
     end
   end
+  describe 'updateUser' do
+    let(:headers) { user.create_new_auth_token }
+    let(:query) do
+      <<-GRAPHQL
+        mutation {
+          updateUser(email: "updated@gmail.com", name: "updated name") {
+            user { email name }
+          }
+        }
+      GRAPHQL
+    end
+    it 'requires new email confirmation' do
+      original_email = user.email
+      expect do
+        post_request('/api/v1/graphql?test=value')
+        user.reload
+      end.to not_change(user, :email).from(original_email).and(
+        change(user, :unconfirmed_email).from(nil).to('updated@gmail.com')
+      ).and(
+        not_change(user, :uid).from(original_email)
+      ).and(
+        change(user, :name).from(user.name).to('updated name')
+      )
+      email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
+      link  = email.css('a').first
+      expect(link['href']).to include('/api/v1/graphql')
+      expect do
+        get link['href']
+        user.reload
+      end.to change(user, :email).from(original_email).to('updated@gmail.com').and(
+        change(user, :uid).from(original_email).to('updated@gmail.com')
+      )
+    end
+  end
 end

data/spec/services/mount_method/operation_preparer_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparer do

data/spec/services/mount_method/operation_preparers/custom_operation_preparer_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparers::CustomOperationPreparer do

data/spec/services/mount_method/operation_preparers/default_operation_preparer_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparers::DefaultOperationPreparer do

data/spec/services/mount_method/operation_preparers/gql_name_setter_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparers::GqlNameSetter do

data/spec/services/mount_method/operation_preparers/mutation_field_setter_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparers::MutationFieldSetter do

data/spec/services/mount_method/operation_preparers/resolver_type_setter_spec.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'spec_helper'
 RSpec.describe GraphqlDevise::MountMethod::OperationPreparers::ResolverTypeSetter do