feat: support behaviour for resolvers

Closes #2
palkan · Aug 8, 2019 · 9b92fb4 · 9b92fb4
1 parent e39e666
commit 9b92fb4
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 ## master (unreleased)
 
+- Add support for resolvers. ([@palkan][])
+
+Now it's possible to `include ActionPolicy::GraphQL::Behaviour` into resolver class to use
+Action Policy helpers there.
+
 ## 0.1.0 (2019-05-20)
 
 - Initial version. ([@palkan][])

diff --git a/README.md b/README.md
@@ -44,6 +44,11 @@ end
 class Types::BaseMutation < GraphQL::Schema::Mutation
   include ActionPolicy::GraphQL::Behaviour
 end
+
+# For using authorization helpers in resolvers
+class Types::BaseResolver < GraphQL::Schema::Resolver
+  include ActionPolicy::GraphQL::Behaviour
+end
 ```
 
 ### `authorize: *`

diff --git a/lib/action_policy/graphql/behaviour.rb b/lib/action_policy/graphql/behaviour.rb
@@ -12,10 +12,12 @@ def self.included(base)
         base.include ActionPolicy::Behaviours::Memoized
         base.include ActionPolicy::Behaviours::Namespaced
 
-        base.field_class.prepend(ActionPolicy::GraphQL::AuthorizedField)
         base.authorize :user, through: :current_user
 
-        base.include ActionPolicy::GraphQL::Fields
+        if base.respond_to?(:field_class)
+          base.field_class.prepend(ActionPolicy::GraphQL::AuthorizedField)
+          base.include ActionPolicy::GraphQL::Fields
+        end
       end
 
       def current_user

diff --git a/spec/action_policy/graphql/authorized_spec.rb b/spec/action_policy/graphql/authorized_spec.rb
@@ -159,5 +159,24 @@
           .with(Me::PostPolicy)
       end
     end
+
+    context "with resolver" do
+      let(:query) do
+        %({
+            resolvedPost {
+              title
+            }
+          })
+      end
+
+      before do
+        allow(Me).to receive(:post) { post }
+      end
+
+      it "is authorized" do
+        expect { subject }.to be_authorized_to(:show?, post)
+          .with(PostPolicy)
+      end
+    end
   end
 end
diff --git a/spec/support/schema.rb b/spec/support/schema.rb
@@ -74,6 +74,14 @@ def current_user
   end
 end
 
+class BaseResolver < ::GraphQL::Schema::Resolver
+  include ActionPolicy::GraphQL::Behaviour
+
+  def current_user
+    context.fetch(:user, :user)
+  end
+end
+
 class PostType < BaseType
   field :title, String, null: false
 
@@ -131,6 +139,16 @@ class << self
     attr_accessor :posts, :post
   end
 
+  class PostResolver < BaseResolver
+    type PostType, null: false
+
+    def resolve
+      Schema.post.tap do |post|
+        authorize! post, to: :show?
+      end
+    end
+  end
+
   query(Class.new(BaseType) do
     def self.name
       "Query"
@@ -139,6 +157,7 @@ def self.name
     field :me, Me::RootType, null: false
 
     field :post, PostType, null: false
+    field :resolved_post, resolver: PostResolver
     field :auth_post, PostType, null: false, authorize: true
     field :non_raising_post, PostType, null: true, authorize: {raise: false}
     field :another_post, PostType, null: false, authorize: {to: :preview?, with: AnotherPostPolicy}