RubyGems - graphql_devise - Versions diffs - 0.18.2 → 1.0.0 - Mend

graphql_devise 0.18.2 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (91) hide show

data/spec/requests/queries/check_password_token_spec.rb DELETED Viewed

@@ -1,149 +0,0 @@
-# frozen_string_literal: true
-require 'rails_helper'
-RSpec.describe 'Check Password Token Requests' do
-  include_context 'with graphql query request'
-  let(:user)         { create(:user, :confirmed) }
-  let(:redirect_url) { 'https://google.com' }
-  context 'when using the user model' do
-    let(:query) do
-      <<-GRAPHQL
-        query {
-          userCheckPasswordToken(
-            resetPasswordToken: "#{token}",
-            redirectUrl: "#{redirect_url}"
-          ) {
-            email
-          }
-        }
-      GRAPHQL
-    end
-    context 'when reset password token is valid' do
-      let(:token) { user.send(:set_reset_password_token) }
-      context 'when redirect_url is not provided' do
-        let(:redirect_url) { nil }
-        it 'returns authenticatable and credentials in the headers' do
-          get_request
-          expect(response).to include_auth_headers
-          expect(json_response[:data][:userCheckPasswordToken]).to match(
-            email: user.email
-          )
-        end
-      end
-      context 'when redirect url is provided' do
-        it 'redirects to redirect url' do
-          expect do
-            get_request
-            user.reload
-          end.to change { user.tokens.keys.count }.from(0).to(1).and(
-            change(user, :allow_password_change).from(false).to(true)
-          )
-          expect(response).to      redirect_to %r{\Ahttps://google.com}
-          expect(response.body).to include("client=#{user.reload.tokens.keys.first}")
-          expect(response.body).to include('access-token=')
-          expect(response.body).to include('uid=')
-          expect(response.body).to include('expiry=')
-        end
-        context 'when redirect_url is not whitelisted' do
-          let(:redirect_url) { 'https://not-safe.com' }
-          before { post_request }
-          it 'returns a not whitelisted redirect url error' do
-            expect(json_response[:errors]).to containing_exactly(
-              hash_including(
-                message:    "Redirect to '#{redirect_url}' not allowed.",
-                extensions: { code: 'USER_ERROR' }
-              )
-            )
-          end
-        end
-      end
-      context 'when token has expired' do
-        it 'returns an expired token error' do
-          travel_to 10.hours.ago do
-            token
-          end
-          get_request
-          expect(json_response[:errors]).to contain_exactly(
-            hash_including(message: 'Reset password token is no longer valid.', extensions: { code: 'USER_ERROR' })
-          )
-        end
-      end
-    end
-    context 'when reset password token is not found' do
-      let(:token) { user.send(:set_reset_password_token) + 'invalid' }
-      it 'returns an error message' do
-        get_request
-        expect(json_response[:errors]).to contain_exactly(
-          hash_including(message: 'No user found for the specified reset token.', extensions: { code: 'USER_ERROR' })
-        )
-      end
-    end
-  end
-  context 'when using the admin model' do
-    let(:token) { 'not_important' }
-    let(:query) do
-      <<-GRAPHQL
-        query {
-          adminCheckPasswordToken(
-            resetPasswordToken: "#{token}",
-            redirectUrl: "#{redirect_url}"
-          ) {
-            email
-          }
-        }
-      GRAPHQL
-    end
-    before { post_request }
-    it 'skips the sign up mutation' do
-      expect(json_response[:errors]).to contain_exactly(
-        hash_including(message: "Field 'adminCheckPasswordToken' doesn't exist on type 'Query'")
-      )
-    end
-  end
-  context 'when using the guest model' do
-    let(:token) { 'not_important' }
-    let(:query) do
-      <<-GRAPHQL
-        query {
-          guestCheckPasswordToken(
-            resetPasswordToken: "#{token}",
-            redirectUrl: "#{redirect_url}"
-          ) {
-            email
-          }
-        }
-      GRAPHQL
-    end
-    before { post_request }
-    it 'skips the sign up mutation' do
-      expect(json_response[:errors]).to contain_exactly(
-        hash_including(message: "Field 'guestCheckPasswordToken' doesn't exist on type 'Query'")
-      )
-    end
-  end
-end

data/spec/requests/queries/confirm_account_spec.rb DELETED Viewed

@@ -1,137 +0,0 @@
-# frozen_string_literal: true
-require 'rails_helper'
-RSpec.describe 'Account confirmation' do
-  include_context 'with graphql query request'
-  context 'when using the user model' do
-    let(:user)     { create(:user, confirmed_at: nil) }
-    let(:redirect) { 'https://google.com' }
-    let(:query) do
-      <<-GRAPHQL
-        {
-          userConfirmAccount(
-            confirmationToken: "#{token}"
-            redirectUrl:       "#{redirect}"
-          ) {
-            email
-            name
-          }
-        }
-      GRAPHQL
-    end
-    context 'when confirmation token is correct' do
-      let(:token) { user.confirmation_token }
-      before do
-        user.send_confirmation_instructions(
-          template_path: ['graphql_devise/mailer'],
-          controller:    'graphql_devise/graphql',
-          schema_url:    'http://not-using-this-value.com/gql'
-        )
-      end
-      it 'confirms the resource and redirects to the sent url' do
-        expect do
-          get_request
-          user.reload
-        end.to(change(user, :confirmed_at).from(nil))
-        expect(response).to redirect_to("#{redirect}?account_confirmation_success=true")
-        expect(user).to be_active_for_authentication
-      end
-      context 'when redirect_url is not whitelisted' do
-        let(:redirect) { 'https://not-safe.com' }
-        it 'returns a not whitelisted redirect url error' do
-          expect { post_request }.to not_change(ActionMailer::Base.deliveries, :count)
-          expect(json_response[:errors]).to containing_exactly(
-            hash_including(
-              message:    "Redirect to '#{redirect}' not allowed.",
-              extensions: { code: 'USER_ERROR' }
-            )
-          )
-        end
-      end
-      context 'when unconfirmed_email is present' do
-        let(:user) { create(:user, :confirmed, unconfirmed_email: 'vvega@wallaceinc.com') }
-        it 'confirms the unconfirmed email and redirects' do
-          expect do
-            get_request
-            user.reload
-          end.to change(user, :email).from(user.email).to('vvega@wallaceinc.com').and(
-            change(user, :unconfirmed_email).from('vvega@wallaceinc.com').to(nil)
-          )
-          expect(response).to redirect_to("#{redirect}?account_confirmation_success=true")
-        end
-      end
-    end
-    context 'when reset password token is not found' do
-      let(:token) { "#{user.confirmation_token}-invalid" }
-      it 'does *NOT* confirm the user nor does the redirection' do
-        expect do
-          get_request
-          user.reload
-        end.not_to(change(user, :confirmed_at).from(nil))
-        expect(response).not_to be_redirect
-        expect(json_response[:errors]).to contain_exactly(
-          hash_including(
-            message:    'Invalid confirmation token. Please try again',
-            extensions: { code: 'USER_ERROR' }
-          )
-        )
-      end
-    end
-  end
-  context 'when using the admin model' do
-    let(:admin)    { create(:admin, confirmed_at: nil) }
-    let(:redirect) { 'https://google.com' }
-    let(:query) do
-      <<-GRAPHQL
-        {
-          adminConfirmAccount(
-            confirmationToken: "#{token}"
-            redirectUrl:       "#{redirect}"
-          ) {
-            email
-          }
-        }
-      GRAPHQL
-    end
-    context 'when confirmation token is correct' do
-      let(:token) { admin.confirmation_token }
-      before do
-        admin.send_confirmation_instructions(
-          template_path: ['graphql_devise/mailer'],
-          controller:    'graphql_devise/graphql',
-          schema_url:    'http://not-using-this-value.com/gql'
-        )
-      end
-      it 'confirms the resource, persists credentials on the DB and redirects to the sent url' do
-        expect do
-          get_request
-          admin.reload
-        end.to change(admin, :confirmed_at).from(nil).and(
-          change { admin.tokens.keys.count }.from(0).to(1)
-        )
-        expect(response).to redirect_to(/\A#{redirect}.+access\-token=/)
-        expect(admin).to be_active_for_authentication
-      end
-    end
-  end
-end