graphql-engine/server/tests-hspec/Test/InsertCheckPermissionSpec.hs
Gil Mizrahi 38b1c0d774 server/tests/bigquery: Expose internal error information + handle teardown robustly + retry on jobRateLimitExceeded error
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4810
Co-authored-by: Samir Talwar <47582+SamirTalwar@users.noreply.github.com>
GitOrigin-RevId: e8696491475a668976a0e86322b7a8772ed9f946
2022-06-27 14:33:42 +00:00

252 lines
5.5 KiB
Haskell

{-# LANGUAGE QuasiQuotes #-}
-- | Test insert check permissions
module Test.InsertCheckPermissionSpec (spec) where
import Harness.Backend.Sqlserver qualified as Sqlserver
import Harness.Exceptions
import Harness.GraphqlEngine qualified as GraphqlEngine
import Harness.Quoter.Graphql (graphql)
import Harness.Quoter.Yaml (shouldReturnYaml, yaml)
import Harness.Test.Context qualified as Context
import Harness.Test.Schema (Table (..), table)
import Harness.Test.Schema qualified as Schema
import Harness.TestEnvironment (TestEnvironment)
import Test.Hspec (SpecWith, it)
import Prelude
--------------------------------------------------------------------------------
-- ** Preamble
spec :: SpecWith TestEnvironment
spec =
Context.run
[ Context.Context
{ name = Context.Backend Context.SQLServer,
mkLocalTestEnvironment = Context.noLocalTestEnvironment,
setup = mssqlSetup,
teardown = mssqlTeardown,
customOptions = Nothing
}
]
tests
--------------------------------------------------------------------------------
-- ** Schema
schema :: [Schema.Table]
schema = [author, article]
author :: Schema.Table
author =
(table "author")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "name" Schema.TStr
],
tablePrimaryKey = ["id"],
tableData =
[ [Schema.VInt 1, Schema.VStr "Author 1"],
[Schema.VInt 2, Schema.VStr "Author 2"]
]
}
article :: Schema.Table
article =
(table "article")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "title" Schema.TStr,
Schema.columnNull "content" Schema.TStr,
Schema.column "author_id" Schema.TInt
],
tablePrimaryKey = ["id"],
tableReferences = [Schema.Reference "author_id" "author" "id"]
}
--------------------------------------------------------------------------------
-- ** Setup and teardown
mssqlSetup :: (TestEnvironment, ()) -> IO ()
mssqlSetup (testEnvironment, ()) = do
Sqlserver.setup schema (testEnvironment, ())
-- also setup permissions
GraphqlEngine.postMetadata_ testEnvironment $
[yaml|
type: bulk
args:
- type: mssql_create_insert_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
permission:
check:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: mssql_create_select_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
permission:
filter:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: mssql_create_insert_permission
args:
source: mssql
table:
schema: hasura
name: author
role: user
permission:
check:
id: X-Hasura-User-Id
columns:
- id
- name
|]
mssqlTeardown :: (TestEnvironment, ()) -> IO ()
mssqlTeardown (testEnvironment, ()) = do
-- teardown permissions
let teardownPermissions =
GraphqlEngine.postMetadata_ testEnvironment $
[yaml|
type: bulk
args:
- type: mssql_drop_insert_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
- type: mssql_drop_select_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
- type: mssql_drop_insert_permission
args:
source: mssql
table:
schema: hasura
name: author
role: user
|]
finally
teardownPermissions
-- and then rest of the teardown
(Sqlserver.teardown schema (testEnvironment, ()))
--------------------------------------------------------------------------------
-- * Tests
tests :: Context.Options -> SpecWith TestEnvironment
tests opts = do
let userHeaders = [("X-Hasura-Role", "user"), ("X-Hasura-User-Id", "2")]
it "Insert article with mismatching author_id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_article(
objects:[{id: 1, title: "Author 1 article", author_id: 1}]
){
affected_rows
}
}
|]
)
[yaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]
it "Insert article with matching author_id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_article(
objects:[{id: 1, title: "Author 2 article", author_id: 2}]
){
affected_rows
returning {
id
title
content
author_id
}
}
}
|]
)
[yaml|
data:
insert_hasura_article:
returning:
- author_id: 2
content: null
id: 1
title: Author 2 article
affected_rows: 1
|]
it "Insert author with mismatching id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_author(
objects: [{id: 3, name: "Author 3"}]
){
affected_rows
}
}
|]
)
[yaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]