graphql_devise 0.16.0 → 0.17.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,137 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'rails_helper'
4
+
5
+ RSpec.describe 'Resend confirmation with token' do
6
+ include_context 'with graphql query request'
7
+
8
+ let(:confirmed_at) { nil }
9
+ let!(:user) { create(:user, confirmed_at: nil, email: 'mwallace@wallaceinc.com') }
10
+ let(:email) { user.email }
11
+ let(:id) { user.id }
12
+ let(:confirm_url) { 'https://google.com' }
13
+ let(:query) do
14
+ <<-GRAPHQL
15
+ mutation {
16
+ userResendConfirmationWithToken(
17
+ email:"#{email}",
18
+ confirmUrl:"#{confirm_url}"
19
+ ) {
20
+ message
21
+ }
22
+ }
23
+ GRAPHQL
24
+ end
25
+
26
+ context 'when confirm_url is not whitelisted' do
27
+ let(:confirm_url) { 'https://not-safe.com' }
28
+
29
+ it 'returns a not whitelisted confirm url error' do
30
+ expect { post_request }.to not_change(ActionMailer::Base.deliveries, :count)
31
+
32
+ expect(json_response[:errors]).to containing_exactly(
33
+ hash_including(
34
+ message: "Redirect to '#{confirm_url}' not allowed.",
35
+ extensions: { code: 'USER_ERROR' }
36
+ )
37
+ )
38
+ end
39
+ end
40
+
41
+ context 'when params are correct' do
42
+ context 'when using the gem schema' do
43
+ it 'sends an email to the user with confirmation url and returns a success message' do
44
+ expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
45
+ expect(json_response[:data][:userResendConfirmationWithToken]).to include(
46
+ message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
47
+ )
48
+
49
+ email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
50
+ confirm_link = email.css('a').first['href']
51
+ confirm_token = confirm_link.match(/\?confirmationToken\=(?<token>.+)\z/)[:token]
52
+
53
+ expect(User.confirm_by_token(confirm_token)).to eq(user)
54
+ end
55
+ end
56
+
57
+ context 'when using a custom schema' do
58
+ let(:custom_path) { '/api/v1/graphql' }
59
+
60
+ it 'sends an email to the user with confirmation url and returns a success message' do
61
+ expect { post_request(custom_path) }.to change(ActionMailer::Base.deliveries, :count).by(1)
62
+ expect(json_response[:data][:userResendConfirmationWithToken]).to include(
63
+ message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
64
+ )
65
+
66
+ email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
67
+ confirm_link = email.css('a').first['href']
68
+ confirm_token = confirm_link.match(/\?confirmationToken\=(?<token>.+)\z/)[:token]
69
+
70
+ expect(User.confirm_by_token(confirm_token)).to eq(user)
71
+ end
72
+ end
73
+
74
+ context 'when email address uses different casing' do
75
+ let(:email) { 'mWallace@wallaceinc.com' }
76
+
77
+ it 'honors devise configuration for case insensitive fields' do
78
+ expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
79
+ expect(json_response[:data][:userResendConfirmationWithToken]).to include(
80
+ message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
81
+ )
82
+ end
83
+ end
84
+
85
+ context 'when the user has already been confirmed' do
86
+ before { user.confirm }
87
+
88
+ it 'does *NOT* send an email and raises an error' do
89
+ expect { post_request }.to not_change(ActionMailer::Base.deliveries, :count)
90
+ expect(json_response[:data][:userResendConfirmationWithToken]).to be_nil
91
+ expect(json_response[:errors]).to contain_exactly(
92
+ hash_including(
93
+ message: 'Email was already confirmed, please try signing in',
94
+ extensions: { code: 'USER_ERROR' }
95
+ )
96
+ )
97
+ end
98
+ end
99
+ end
100
+
101
+ context 'when the email was changed' do
102
+ let(:confirmed_at) { 2.seconds.ago }
103
+ let(:email) { 'new-email@wallaceinc.com' }
104
+ let(:new_email) { email }
105
+
106
+ before do
107
+ user.update_with_email(
108
+ email: new_email,
109
+ schema_url: 'http://localhost/test',
110
+ confirmation_success_url: 'https://google.com'
111
+ )
112
+ end
113
+
114
+ it 'sends new confirmation email' do
115
+ expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
116
+ expect(ActionMailer::Base.deliveries.first.to).to contain_exactly(new_email)
117
+ expect(json_response[:data][:userResendConfirmationWithToken]).to include(
118
+ message: 'You will receive an email with instructions for how to confirm your email address in a few minutes.'
119
+ )
120
+ end
121
+ end
122
+
123
+ context "when the email isn't in the system" do
124
+ let(:email) { 'notthere@gmail.com' }
125
+
126
+ it 'does *NOT* send an email and raises an error' do
127
+ expect { post_request }.to not_change(ActionMailer::Base.deliveries, :count)
128
+ expect(json_response[:data][:userResendConfirmationWithToken]).to be_nil
129
+ expect(json_response[:errors]).to contain_exactly(
130
+ hash_including(
131
+ message: "Unable to find user with email '#{email}'.",
132
+ extensions: { code: 'USER_ERROR' }
133
+ )
134
+ )
135
+ end
136
+ end
137
+ end
@@ -13,7 +13,7 @@ RSpec.describe GraphqlDevise::MountMethod::OperationSanitizer do
13
13
  context 'when the operations passed are mutations' do
14
14
  let(:skipped) { [] }
15
15
  let(:only) { [] }
16
- let(:default) { { operation1: op_class1, operation2: op_class2 } }
16
+ let(:default) { { operation1: { klass: op_class1 }, operation2: { klass: op_class2 } } }
17
17
 
18
18
  context 'when no other option besides default is passed' do
19
19
  it { is_expected.to eq(default) }
@@ -22,13 +22,13 @@ RSpec.describe GraphqlDevise::MountMethod::OperationSanitizer do
22
22
  context 'when there are only operations' do
23
23
  let(:only) { [:operation1] }
24
24
 
25
- it { is_expected.to eq(operation1: op_class1) }
25
+ it { is_expected.to eq(operation1: { klass: op_class1 }) }
26
26
  end
27
27
 
28
28
  context 'when there are skipped operations' do
29
29
  let(:skipped) { [:operation2] }
30
30
 
31
- it { is_expected.to eq(operation1: op_class1) }
31
+ it { is_expected.to eq(operation1: { klass: op_class1 }) }
32
32
  end
33
33
  end
34
34
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: graphql_devise
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.16.0
4
+ version: 0.17.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mario Celi
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2021-05-20 00:00:00.000000000 Z
12
+ date: 2021-06-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: devise_token_auth
@@ -337,9 +337,12 @@ files:
337
337
  - lib/graphql_devise/mount_method/options_validator.rb
338
338
  - lib/graphql_devise/mount_method/supported_options.rb
339
339
  - lib/graphql_devise/mutations/base.rb
340
+ - lib/graphql_devise/mutations/confirm_registration_with_token.rb
340
341
  - lib/graphql_devise/mutations/login.rb
341
342
  - lib/graphql_devise/mutations/logout.rb
343
+ - lib/graphql_devise/mutations/register.rb
342
344
  - lib/graphql_devise/mutations/resend_confirmation.rb
345
+ - lib/graphql_devise/mutations/resend_confirmation_with_token.rb
343
346
  - lib/graphql_devise/mutations/send_password_reset.rb
344
347
  - lib/graphql_devise/mutations/send_password_reset_with_token.rb
345
348
  - lib/graphql_devise/mutations/sign_up.rb
@@ -366,6 +369,7 @@ files:
366
369
  - spec/dummy/app/graphql/dummy_schema.rb
367
370
  - spec/dummy/app/graphql/interpreter_schema.rb
368
371
  - spec/dummy/app/graphql/mutations/login.rb
372
+ - spec/dummy/app/graphql/mutations/register.rb
369
373
  - spec/dummy/app/graphql/mutations/register_confirmed_user.rb
370
374
  - spec/dummy/app/graphql/mutations/reset_admin_password_with_token.rb
371
375
  - spec/dummy/app/graphql/mutations/sign_up.rb
@@ -443,9 +447,12 @@ files:
443
447
  - spec/requests/graphql_controller_spec.rb
444
448
  - spec/requests/mutations/additional_mutations_spec.rb
445
449
  - spec/requests/mutations/additional_queries_spec.rb
450
+ - spec/requests/mutations/confirm_registration_with_token_spec.rb
446
451
  - spec/requests/mutations/login_spec.rb
447
452
  - spec/requests/mutations/logout_spec.rb
453
+ - spec/requests/mutations/register_spec.rb
448
454
  - spec/requests/mutations/resend_confirmation_spec.rb
455
+ - spec/requests/mutations/resend_confirmation_with_token_spec.rb
449
456
  - spec/requests/mutations/send_password_reset_spec.rb
450
457
  - spec/requests/mutations/send_password_reset_with_token_spec.rb
451
458
  - spec/requests/mutations/sign_up_spec.rb
@@ -503,7 +510,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
503
510
  - !ruby/object:Gem::Version
504
511
  version: '0'
505
512
  requirements: []
506
- rubygems_version: 3.0.3
513
+ rubygems_version: 3.1.4
507
514
  signing_key:
508
515
  specification_version: 4
509
516
  summary: GraphQL queries and mutations on top of devise_token_auth
@@ -516,6 +523,7 @@ test_files:
516
523
  - spec/dummy/app/graphql/dummy_schema.rb
517
524
  - spec/dummy/app/graphql/interpreter_schema.rb
518
525
  - spec/dummy/app/graphql/mutations/login.rb
526
+ - spec/dummy/app/graphql/mutations/register.rb
519
527
  - spec/dummy/app/graphql/mutations/register_confirmed_user.rb
520
528
  - spec/dummy/app/graphql/mutations/reset_admin_password_with_token.rb
521
529
  - spec/dummy/app/graphql/mutations/sign_up.rb
@@ -593,9 +601,12 @@ test_files:
593
601
  - spec/requests/graphql_controller_spec.rb
594
602
  - spec/requests/mutations/additional_mutations_spec.rb
595
603
  - spec/requests/mutations/additional_queries_spec.rb
604
+ - spec/requests/mutations/confirm_registration_with_token_spec.rb
596
605
  - spec/requests/mutations/login_spec.rb
597
606
  - spec/requests/mutations/logout_spec.rb
607
+ - spec/requests/mutations/register_spec.rb
598
608
  - spec/requests/mutations/resend_confirmation_spec.rb
609
+ - spec/requests/mutations/resend_confirmation_with_token_spec.rb
599
610
  - spec/requests/mutations/send_password_reset_spec.rb
600
611
  - spec/requests/mutations/send_password_reset_with_token_spec.rb
601
612
  - spec/requests/mutations/sign_up_spec.rb