mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-25 00:13:11 +03:00
ff6aac31b8
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3173 Co-authored-by: Solomon <24038+solomon-b@users.noreply.github.com> Co-authored-by: Daniel Chambers <1214352+daniel-chambers@users.noreply.github.com> GitOrigin-RevId: 395a5d5854896f866b612895d6f41e29376c2caa
67 lines
2.8 KiB
Python
67 lines
2.8 KiB
Python
import ruamel.yaml as yaml
|
|
import re
|
|
import json
|
|
|
|
class TestConfigAPI():
|
|
def test_config_api_user_role_error(self, hge_ctx):
|
|
admin_secret = hge_ctx.hge_key
|
|
auth_hook = hge_ctx.hge_webhook
|
|
jwt_conf = hge_ctx.hge_jwt_conf
|
|
if jwt_conf is not None:
|
|
jwt_conf_dict = json.loads(hge_ctx.hge_jwt_conf)
|
|
|
|
headers = { 'x-hasura-role': 'user' }
|
|
if admin_secret is not None:
|
|
headers['x-hasura-admin-secret'] = admin_secret
|
|
|
|
resp = hge_ctx.http.get(hge_ctx.hge_url + '/v1alpha1/config', headers=headers)
|
|
|
|
assert resp.status_code == 400, resp
|
|
|
|
def test_config_api(self, hge_ctx):
|
|
admin_secret = hge_ctx.hge_key
|
|
auth_hook = hge_ctx.hge_webhook
|
|
jwt_conf = hge_ctx.hge_jwt_conf
|
|
if jwt_conf is not None:
|
|
jwt_conf_dict = json.loads(hge_ctx.hge_jwt_conf)
|
|
|
|
headers = { 'x-hasura-role': 'admin' }
|
|
if admin_secret is not None:
|
|
headers['x-hasura-admin-secret'] = admin_secret
|
|
|
|
resp = hge_ctx.http.get(hge_ctx.hge_url + '/v1alpha1/config', headers=headers)
|
|
|
|
assert resp.status_code == 200, resp
|
|
|
|
body = resp.json()
|
|
# The tree may be dirty because we're developing tests locally while
|
|
# graphql-engine was built previously when tree was clean. If we're
|
|
# modifying graphql-engine too then both of these will be tagged dirty,
|
|
# since a rebuild would necessarily be forced:
|
|
assert body['version'] in (hge_ctx.version, re.sub('-dirty$', '', hge_ctx.version))
|
|
assert body['is_admin_secret_set'] == (admin_secret is not None)
|
|
assert body['is_auth_hook_set'] == (auth_hook is not None)
|
|
assert body['is_jwt_set'] == (jwt_conf is not None)
|
|
|
|
if jwt_conf is not None:
|
|
claims_format = "json"
|
|
if 'claims_namespace_path' in jwt_conf_dict:
|
|
assert body['jwt']['claims_namespace_path'] == jwt_conf_dict['claims_namespace_path']
|
|
assert body['jwt']['claims_format'] == claims_format
|
|
else:
|
|
claims_namespace = "https://hasura.io/jwt/claims"
|
|
if 'claims_namespace' in jwt_conf_dict:
|
|
claims_namespace = jwt_conf_dict['claims_namespace']
|
|
if 'claims_format' in jwt_conf_dict:
|
|
claims_format = jwt_conf_dict['claims_format']
|
|
assert body['jwt']['claims_namespace'] == claims_namespace
|
|
assert body['jwt']['claims_format'] == claims_format
|
|
else:
|
|
assert body['jwt'] == []
|
|
|
|
# test if the request fails without auth headers if admin secret is set
|
|
if admin_secret is not None:
|
|
resp = hge_ctx.http.get(hge_ctx.hge_url + '/v1alpha1/config')
|
|
body = resp.json()
|
|
assert ((resp.status_code == 401) or (resp.status_code == 400))
|