Merge d758382 into 71dc649

exAspArk · Jun 29, 2018 · faf6f05 · faf6f05
2 parents 71dc649 + d758382
commit faf6f05
Show file tree

Hide file tree

Showing 10 changed files with 302 additions and 80 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -5,3 +5,9 @@ rvm:
 env:
   - CI=true
 before_install: gem install bundler -v 1.15.2
+matrix:
+  include:
+    - gemfile: graphql-1.7.gemfile
+      env: GRAPHQL_RUBY=1_7
+    - gemfile: graphql-1.8.gemfile
+      env: GRAPHQL_RUBY=1_8
diff --git a/Gemfile b/Gemfile
@@ -1,9 +1,6 @@
 source "https://rubygems.org"
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
 gem "pry"
-gem 'coveralls', require: false
 
 # Specify your gem's dependencies in graphql-guard.gemspec
 gemspec
diff --git a/graphql-1.7.gemfile b/graphql-1.7.gemfile
@@ -0,0 +1,8 @@
+source "https://rubygems.org"
+
+gem "pry"
+gem 'coveralls'
+
+gem "graphql", "~> 1.7.14"
+
+gemspec
diff --git a/graphql-1.8.gemfile b/graphql-1.8.gemfile
@@ -0,0 +1,8 @@
+source "https://rubygems.org"
+
+gem "pry"
+gem 'coveralls'
+
+gem "graphql", "~> 1.8.4"
+
+gemspec
diff --git a/lib/graphql/guard.rb b/lib/graphql/guard.rb
@@ -7,6 +7,22 @@
 GraphQL::Field.accepts_definitions(guard: GraphQL::Define.assign_metadata_key(:guard))
 GraphQL::Field.accepts_definitions(mask: GraphQL::Define.assign_metadata_key(:mask))
 
+module GraphQL
+  class Schema
+    class Object
+      accepts_definition :guard
+      accepts_definition :mask
+
+      field_class(
+        Class.new(GraphQL::Schema::Field) {
+          accepts_definition :guard
+          accepts_definition :mask
+        }
+      )
+    end
+  end
+end
+
 module GraphQL
   class Guard
     ANY_FIELD_NAME = :'*'

diff --git a/lib/graphql/guard/testing.rb b/lib/graphql/guard/testing.rb
@@ -33,4 +33,18 @@ def field_with_guard(field_name, policy_object = nil)
       end
     end
   end
+
+  class Schema
+    class Object
+      def self.field_with_guard(field_name, policy_object = nil)
+        field = fields[field_name]
+        return unless field
+
+        field.to_graphql.clone.tap do |f|
+          f.__policy_object = policy_object
+          f.__guard_type = self.to_graphql
+        end
+      end
+    end
+  end
 end
diff --git a/spec/fixtures/inline_schema.rb b/spec/fixtures/inline_schema.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 module Inline
+  # Schema in legacy-style API
   PostType = GraphQL::ObjectType.define do
     name "Post"
     guard ->(_post, _args, ctx) { ctx[:current_user].admin? }
@@ -11,15 +12,15 @@ module Inline
   QueryType = GraphQL::ObjectType.define do
     name "Query"
     field :posts, !types[!PostType] do
-      argument :user_id, !types.ID
-      guard ->(_obj, args, ctx) { args[:user_id] == ctx[:current_user].id }
-      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:user_id]) }
+      argument :userId, !types.ID
+      guard ->(_obj, args, ctx) { args[:userId] == ctx[:current_user].id }
+      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:userId]) }
     end
 
-    field :posts_with_mask, !types[!PostType] do
-      argument :user_id, !types.ID
+    field :postsWithMask, !types[!PostType] do
+      argument :userId, !types.ID
       mask ->(ctx) { ctx[:current_user].admin? }
-      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:user_id]) }
+      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:userId]) }
     end
   end
 
@@ -34,4 +35,43 @@ module Inline
       GraphQL::ExecutionError.new("Not authorized to access #{type}.#{field}")
     })
   end
+
+  # Schema in class-based API
+  class ClassBasedPost < GraphQL::Schema::Object
+    guard ->(_post, _args, ctx) { ctx[:current_user].admin? }
+    field :id, ID, null: false
+    field :title, String, null: true
+  end
+
+  class ClassBasedQuery < GraphQL::Schema::Object
+    field :posts, [ClassBasedPost], null: false do
+      argument :user_id, ID, required: true
+      guard ->(_obj, args, ctx) { args[:userId] == ctx[:current_user].id }
+    end
+
+    def posts(user_id:)
+      Post.where(user_id: user_id)
+    end
+
+    field :posts_with_mask, [ClassBasedPost], null: false do
+      argument :user_id, ID, required: true
+      mask ->(ctx) { ctx[:current_user].admin? }
+    end
+
+    def posts_with_mask(user_id:)
+      Post.where(user_id: user_id)
+    end
+  end
+
+  class ClassBasedSchema < GraphQL::Schema
+    query ClassBasedQuery
+    use GraphQL::Guard.new
+  end
+
+  class ClassBasedSchemaWithoutExceptions < GraphQL::Schema
+    query ClassBasedQuery
+    use GraphQL::Guard.new(not_authorized: ->(type, field) {
+      GraphQL::ExecutionError.new("Not authorized to access #{type}.#{field}")
+    })
+  end
 end
diff --git a/spec/fixtures/policy_object_schema.rb b/spec/fixtures/policy_object_schema.rb
@@ -10,15 +10,15 @@ module PolicyObject
   QueryType = GraphQL::ObjectType.define do
     name "Query"
     field :posts, !types[!PostType] do
-      argument :user_id, !types.ID
-      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:user_id]) }
+      argument :userId, !types.ID
+      resolve ->(_obj, args, _ctx) { Post.where(user_id: args[:userId]) }
     end
   end
 
   class GraphqlPolicy
     RULES = {
       QueryType => {
-        posts: ->(_obj, args, ctx) { args[:user_id] == ctx[:current_user].id }
+        posts: ->(_obj, args, ctx) { args[:userId] == ctx[:current_user].id }
       },
       PostType => {
         '*': ->(_post, args, ctx) { ctx[:current_user].admin? }