Skip to content

Commit 573b63d

Browse files
chris-nissenchris-nissen
committed
Added tests; updates from PR feedback.
1 parent ed076b6 commit 573b63d

File tree

2 files changed

+72
-9
lines changed

2 files changed

+72
-9
lines changed

src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -206,6 +206,66 @@ public void fails_on_missing_claim_on_connection_type()
206206
});
207207
}
208208

209+
[Fact]
210+
public void passes_when_field_is_not_included()
211+
{
212+
Settings.AddPolicy("FieldPolicy", _ =>
213+
{
214+
_.RequireClaim("admin");
215+
});
216+
217+
ShouldPassRule(_ =>
218+
{
219+
_.Query = @"query { post @include(if: false) }";
220+
_.Schema = BasicSchema();
221+
});
222+
}
223+
224+
[Fact]
225+
public void fails_when_field_is_included()
226+
{
227+
Settings.AddPolicy("FieldPolicy", _ =>
228+
{
229+
_.RequireClaim("admin");
230+
});
231+
232+
ShouldFailRule(_ =>
233+
{
234+
_.Query = @"query { post @include(if: true) }";
235+
_.Schema = BasicSchema();
236+
});
237+
}
238+
239+
[Fact]
240+
public void passes_when_field_is_skipped()
241+
{
242+
Settings.AddPolicy("FieldPolicy", _ =>
243+
{
244+
_.RequireClaim("admin");
245+
});
246+
247+
ShouldPassRule(_ =>
248+
{
249+
_.Query = @"query { post @skip(if: true) }";
250+
_.Schema = BasicSchema();
251+
});
252+
}
253+
254+
[Fact]
255+
public void fails_when_field_is_not_skipped()
256+
{
257+
Settings.AddPolicy("FieldPolicy", _ =>
258+
{
259+
_.RequireClaim("admin");
260+
});
261+
262+
ShouldFailRule(_ =>
263+
{
264+
_.Query = @"query { post @skip(if: false) }";
265+
_.Schema = BasicSchema();
266+
});
267+
}
268+
209269
private ISchema BasicSchema()
210270
{
211271
string defs = @"

src/GraphQL.Authorization/AuthorizationValidationRule.cs

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -64,28 +64,31 @@ public Task<INodeVisitor> ValidateAsync(ValidationContext context)
6464

6565
private bool SkipAuthCheck(Field fieldAst, ValidationContext context)
6666
{
67-
if (fieldAst.Directives == null || !fieldAst.Directives.Any()) return true;
67+
if (fieldAst.Directives == null || !fieldAst.Directives.Any()) return false;
6868

69-
var includeField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Include.Name);
69+
var includeField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Include);
7070
if (includeField.HasValue) return !includeField.Value;
7171

72-
var skipField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Skip.Name);
72+
var skipField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Skip);
7373
if (skipField.HasValue) return skipField.Value;
7474

7575
return false;
7676
}
7777

78-
private static bool? GetDirectiveValue(ValidationContext context, Directives directives, string directiveName)
78+
private static bool? GetDirectiveValue(ValidationContext context, Directives directives, DirectiveGraphType directiveType)
7979
{
80-
var directive = directives.Find(directiveName);
80+
var directive = directives.Find(directiveType.Name);
8181
if (directive == null) return null;
8282

83-
var operation = !string.IsNullOrWhiteSpace(context.OperationName)
84-
? context.Document.Operations.WithName(context.OperationName)
85-
: context.Document.Operations.FirstOrDefault();
83+
var operationName = context.OperationName;
84+
var documentOperations = context.Document.Operations;
85+
var operation = !string.IsNullOrWhiteSpace(operationName)
86+
? documentOperations.WithName(operationName)
87+
: documentOperations.FirstOrDefault();
88+
8689
var values = ExecutionHelper.GetArgumentValues(
8790
context.Schema,
88-
DirectiveGraphType.Include.Arguments,
91+
directiveType.Arguments,
8992
directive.Arguments,
9093
ExecutionHelper.GetVariableValues(context.Document, context.Schema, operation?.Variables, context.Inputs));
9194

0 commit comments

Comments
 (0)