-
Notifications
You must be signed in to change notification settings - Fork 816
/
field-auth-argument.test.ts
79 lines (75 loc) · 3.04 KB
/
field-auth-argument.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
import { AuthTransformer } from '@aws-amplify/graphql-auth-transformer';
import { ModelTransformer } from '@aws-amplify/graphql-model-transformer';
import { GraphQLTransform } from '@aws-amplify/graphql-transformer-core';
import { ResourceConstants } from 'graphql-transformer-common';
import { AppSyncAuthConfiguration } from '@aws-amplify/graphql-transformer-interfaces';
test('subscriptions are only generated if the respective mutation operation exists', () => {
const validSchema = `
type Salary
@model
@auth(rules: [
{allow: owner},
{allow: groups, groups: ["Moderator"]}
]) {
id: ID!
wage: Int
owner: String
secret: String @auth(rules: [{allow: owner}])
}`;
const authConfig: AppSyncAuthConfiguration = {
defaultAuthentication: {
authenticationType: 'AMAZON_COGNITO_USER_POOLS',
},
additionalAuthenticationProviders: [],
};
const transformer = new GraphQLTransform({
authConfig,
transformers: [
new ModelTransformer(),
new AuthTransformer({
authConfig,
addAwsIamAuthInOutputSchema: false,
}),
],
});
const out = transformer.transform(validSchema);
// expect to generate subscription resolvers for create and update only
expect(out).toBeDefined();
expect(out.rootStack.Resources[ResourceConstants.RESOURCES.GraphQLAPILogicalID].Properties.AuthenticationType).toEqual(
'AMAZON_COGNITO_USER_POOLS',
);
expect(out.pipelineFunctions['Salary.secret.res.vtl']).toContain('#if( $operation == "Mutation" )');
expect(out.pipelineFunctions['Mutation.createSalary.res.vtl']).toContain('$util.qr($ctx.result.put("__operation", "Mutation"))');
expect(out.pipelineFunctions['Mutation.updateSalary.res.vtl']).toContain('$util.qr($ctx.result.put("__operation", "Mutation"))');
expect(out.pipelineFunctions['Mutation.deleteSalary.res.vtl']).toContain('$util.qr($ctx.result.put("__operation", "Mutation"))');
});
test('per-field @auth without @model', () => {
const validSchema = `
type Query {
listContext: String @auth(rules: [{ allow: groups, groups: ["Allowed"] }, { allow: private, provider: iam }])
}`;
const authConfig: AppSyncAuthConfiguration = {
defaultAuthentication: {
authenticationType: 'AMAZON_COGNITO_USER_POOLS',
},
additionalAuthenticationProviders: [{ authenticationType: 'AWS_IAM' }],
};
const transformer = new GraphQLTransform({
authConfig,
transformers: [
new ModelTransformer(),
new AuthTransformer({
authConfig,
addAwsIamAuthInOutputSchema: false,
}),
],
});
const out = transformer.transform(validSchema);
expect(out).toBeDefined();
const resources = out.rootStack.Resources;
const authPolicyIdx = Object.keys(out.rootStack.Resources).find(r => r.includes('AuthRolePolicy'));
expect(resources[authPolicyIdx]).toMatchSnapshot();
expect(out.pipelineFunctions['Query.listContext.req.vtl']).toContain(
'#set( $staticGroupRoles = [{"claim":"cognito:groups","entity":"Allowed"}] )',
);
});