hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-15 09:22:43 +03:00
Code Issues Projects Releases Wiki Activity
8b8d7ab96d
graphql-engine/server/tests-py/test_remote_schema_permissions.py
Samir Talwar 8d7c089273 server/tests-py: Start some node.js test services on random ports. 
Where possible, we start the services on random ports, to avoid
port conflicts when parallelizing tests in the future.

When this isn't possible, we explicitly state the port, and wait for the
service to start. This is typically because the GraphQL Engine has already
started with knowledge of the relevant service passed in through an
environment variable.

PR-URL: https://github.com/hasura/graphql-engine-mono/pull/5542
GitOrigin-RevId: b51a095b8710e3ff20d1edb13aa576c5272a5565
2022-09-07 16:26:10 +00:00

176 lines
8.0 KiB
Python
Raw Blame History

#!/usr/bin/env python3
import pytest
from validate import check_query_f
from remote_server import NodeGraphQL
from context import PytestConf
if not PytestConf.config.getoption('--enable-remote-schema-permissions'):
pytest.skip('--enable-remote-schema-permissions is missing, skipping remote schema permissions tests', allow_module_level=True)
@pytest.fixture(scope="module")
def graphql_service_1():
svc = NodeGraphQL(["node", "remote_schemas/nodejs/remote_schema_perms.js"], port=4020)
svc.start()
yield svc
svc.stop()
@pytest.fixture(scope="module")
def graphql_service_2():
svc = NodeGraphQL(["node", "remote_schemas/nodejs/secondary_remote_schema_perms.js"], port=4021)
svc.start()
yield svc
svc.stop()
@pytest.fixture(scope="module")
def graphql_service_3():
svc = NodeGraphQL(["node", "remote_schemas/nodejs/secondary_remote_schema_perms_error.js"], port=4022)
svc.start()
yield svc
svc.stop()
use_test_fixtures = pytest.mark.usefixtures(
"graphql_service_1",
"graphql_service_2",
"graphql_service_3",
"per_method_tests_db_state"
)
@use_test_fixtures
class TestAddRemoteSchemaPermissions:
@classmethod
def dir(cls):
return "queries/remote_schemas/permissions/"
def test_add_permission_with_valid_subset_of_fields(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
""" Here the schemas are compatible """
def test_update_remote_schema_details_with_permissions_set(self, hge_ctx):
""" Permissions check """
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
hge_ctx.v1metadataq_f(self.dir() + 'update_remote_schema/update_schema.yaml')
""" check the details of remote schema in metadata """
resp = hge_ctx.v1metadataq({"type": "export_metadata", "args": {}})
assert resp['remote_schemas'][0]['definition']['url'] == "{{GRAPHQL_SERVICE_2}}"
assert resp['remote_schemas'][0]['comment'] == 'this is from update query', resp
assert resp['remote_schemas'][0]['definition']['timeout_seconds'] == 120, resp
""" reset the changes to the original config """
hge_ctx.v1metadataq_f(self.dir() + 'update_remote_schema/revert_to_original_config.yaml')
def test_update_remote_schema_details_with_permissions_set_with_error(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
hge_ctx.v1metadataq_f(self.dir() + 'update_remote_schema/update_schema_error.yaml', expected_status_code = 400)
def test_add_permission_with_valid_subset_of_arguments(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_arguments.yaml')
def test_role_based_schema_enums_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_enum_validations.yaml')
def test_role_based_schema_scalars_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_scalar_validation.yaml')
def test_role_based_schema_interface_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_interface_validation.yaml')
def test_role_based_schema_union_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_union_validation.yaml')
def test_role_based_schema_input_object_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_input_object_validation.yaml')
def test_role_based_schema_object_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'role_based_schema_object_validation.yaml')
def test_preset_directive_validation(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'argument_preset_validation.yaml')
@use_test_fixtures
class TestRemoteSchemaPermissionsExecution:
@classmethod
def dir(cls):
return "queries/remote_schemas/permissions/"
def test_execution_with_subset_of_fields_exposed_to_role(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_partial_fields_exposed_to_role.yaml')
@pytest.mark.skipif(not PytestConf.config.getoption('--redis-url'), reason="Must enable redis")
def test_execution_with_subset_of_fields_exposed_to_role_with_caching(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_partial_fields_exposed_to_role_cached.yaml')
def test_execution_with_subset_of_arguments_exposed_to_role(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_arguments.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_partial_args_exposed_to_role.yaml')
def test_execution_with_unknown_role(self, hge_ctx):
check_query_f(hge_ctx, self.dir() + 'unknown_role_execution.yaml')
@use_test_fixtures
class TestCustomizedRemoteSchemaPermissionsExecution:
@classmethod
def dir(cls):
return "queries/remote_schemas/permissions/schema_customization/"
def test_execution_with_subset_of_fields_exposed_to_role(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_fields.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_partial_fields_exposed_to_role.yaml')
def test_execution_with_subset_of_arguments_exposed_to_role(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_valid_subset_of_arguments.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_partial_args_exposed_to_role.yaml')
@use_test_fixtures
class TestRemoteSchemaPermissionsArgumentPresets:
@classmethod
def dir(cls):
return "queries/remote_schemas/permissions/argument_presets/"
def test_execution_with_static_argument_preset(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_static_preset_argument.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_static_preset_args.yaml')
def test_execution_with_session_argument_preset(self, hge_ctx):
hge_ctx.v1metadataq_f(self.dir() + 'add_permission_with_session_preset_argument.yaml')
check_query_f(hge_ctx, self.dir() + 'execution_with_session_preset_args.yaml')
class TestRemoteRelationshipPermissions:
@classmethod
def dir(cls):
return "queries/remote_schemas/permissions/remote_relationships/"
@pytest.fixture(autouse=True)
def transact(self, hge_ctx):
hge_ctx.v1q_f(self.dir() + 'setup_with_permissions.yaml')
yield
hge_ctx.v1q_f(self.dir() + 'teardown.yaml')
def test_basic_relationship(self, hge_ctx):
hge_ctx.v1q_f(self.dir() + 'setup_remote_rel_basic.yaml')
hge_ctx.v1q_f(self.dir() + 'setup_remote_rel_basic_user.yaml')
check_query_f(hge_ctx, self.dir() + 'basic_remote_relationship_without_remote_schema_permissions_configured.yaml')
check_query_f(hge_ctx, self.dir() + 'basic_remote_relationship_with_remote_schema_permissions_configured.yaml')
# Test queries that combine several remote relationships, nested in
# different ways, variously filtering different bits using permissions.
def test_complex_multiple_joins(self, hge_ctx):
hge_ctx.v1q_f(self.dir() + 'setup_multiple_remote_rel.yaml')
check_query_f(hge_ctx, self.dir() + 'complex_multiple_joins.yaml')
def test_remote_relationship_with_field_containing_preset_argument(self, hge_ctx):
hge_ctx.v1q_f(self.dir() + 'setup_remote_rel_basic.yaml')
check_query_f(hge_ctx, self.dir() + 'derive_remote_relationship_with_joining_field_containing_preset.yaml')
def test_partial_arguments_of_remote_relationship_from_preset(self, hge_ctx):
hge_ctx.v1q_f(self.dir() + 'setup_remote_rel_messages_single_field.yaml')
check_query_f(hge_ctx, self.dir() + 'partial_arguments_from_preset.yaml')
Reference in New Issue View Git Blame Copy Permalink