Merge ee33fc9 into fb42e72

exAspArk · Jun 8, 2020 · 79ee57d · 79ee57d
2 parents fb42e72 + ee33fc9
commit 79ee57d
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 0 deletions.
diff --git a/lib/graphql/guard.rb b/lib/graphql/guard.rb
@@ -95,6 +95,8 @@ def inline_guard(type_or_field)
 GraphQL::ObjectType.accepts_definitions(guard: GraphQL::Define.assign_metadata_key(:guard))
 GraphQL::Field.accepts_definitions(guard: GraphQL::Define.assign_metadata_key(:guard))
 GraphQL::Field.accepts_definitions(mask: GraphQL::Define.assign_metadata_key(:mask))
+GraphQL::Argument.accepts_definitions(mask: GraphQL::Define.assign_metadata_key(:mask))
 GraphQL::Schema::Object.accepts_definition(:guard)
 GraphQL::Schema::Field.accepts_definition(:guard)
 GraphQL::Schema::Field.accepts_definition(:mask)
+GraphQL::Schema::Argument.accepts_definition(:mask)
diff --git a/spec/fixtures/inline_schema.rb b/spec/fixtures/inline_schema.rb
@@ -18,13 +18,25 @@ class QueryType < GraphQL::Schema::Object
       mask ->(ctx) { ctx[:current_user].admin? }
     end
 
+    field :posts_with_argument_mask, [PostType], null: false do
+      argument :user_id, ID, required: true, mask: ->(ctx) { ctx[:current_user].admin? }
+    end
+
     def posts(user_id:)
       Post.where(user_id: user_id)
     end
 
     def posts_with_mask(user_id:)
       Post.where(user_id: user_id)
     end
+
+    def posts_with_argument_mask(user_id: nil)
+      if user_id.nil?
+        Post.all
+      else
+        posts_with_mask(user_id: user_id)
+      end
+    end
   end
 
   class BaseMutationType < GraphQL::Schema::RelayClassicMutation

diff --git a/spec/graphql/guard_spec.rb b/spec/graphql/guard_spec.rb
@@ -79,6 +79,29 @@
       expect(result.to_h).to eq({"data" => {"postsWithMask" => [{"id" => "1"}]}})
     end
 
+    it 'allows to use an argument' do
+      user = User.new(id: '1', role: 'admin')
+      query = "query($userId: ID!) { postsWithArgumentMask(userId: $userId) { id } }"
+
+      result = Inline::Schema.execute(query, variables: {userId: user.id}, context: {current_user: user})
+
+      expect(result.to_h).to eq({"data" => {"postsWithArgumentMask" => [{"id" => "1"}]}})
+    end
+
+    it 'hides an argument' do
+      user = User.new(id: '1', role: 'not_admin')
+      query = "query($userId: ID!) { postsWithArgumentMask(userId: $userId) { id } }"
+
+      result = Inline::Schema.execute(query, variables: {userId: user.id}, context: {current_user: user})
+
+      expect(result['errors']).to include({
+        "message" => "Field 'postsWithArgumentMask' doesn't accept argument 'userId'",
+        "locations" => [{"column"=>45, "line"=>1}],
+        "path" => ["query", "postsWithArgumentMask", "userId"],
+        "extensions" =>  {"argumentName"=>"userId", "code"=>"argumentNotAccepted", "name"=>"postsWithArgumentMask", "typeName"=>"Field"}
+      })
+    end
+
     it 'hides a field' do
       user = User.new(id: '1', role: 'not_admin')
       query = "query($userId: ID!) { postsWithMask(userId: $userId) { id } }"