
Commit dbd6dc4

committed
Added tests; updates from PR feedback.
1 parent 79f89c2 commit dbd6dc4


2 files changed

+80
-18
lines changed


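--- a/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs
+++ b/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs
@@ -15,7 +15,7 @@ public void class_policy_success()
 _.RequireClaim("admin");
 });
 
-ShouldPassRule(_=>
+ShouldPassRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = BasicSchema();
@@ -34,7 +34,7 @@ public void class_policy_fail()
 _.RequireClaim("admin");
 });
 
-ShouldFailRule(_=>
+ShouldFailRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = BasicSchema();
@@ -49,7 +49,7 @@ public void field_policy_success()
 _.RequireClaim("admin");
 });
 
-ShouldPassRule(_=>
+ShouldPassRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = BasicSchema();
@@ -68,7 +68,7 @@ public void field_policy_fail()
 _.RequireClaim("admin");
 });
 
-ShouldFailRule(_=>
+ShouldFailRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = BasicSchema();
@@ -83,7 +83,7 @@ public void nested_type_policy_success()
 _.RequireClaim("admin");
 });
 
-ShouldPassRule(_=>
+ShouldPassRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = NestedSchema();
@@ -102,7 +102,7 @@ public void nested_type_policy_fail()
 _.RequireClaim("admin");
 });
 
-ShouldFailRule(_=>
+ShouldFailRule(_ =>
 {
 _.Query = @"query { post }";
 _.Schema = NestedSchema();
@@ -117,7 +117,7 @@ public void passes_with_claim_on_input_type()
 _.RequireClaim("admin");
 });
 
-ShouldPassRule(_=>
+ShouldPassRule(_ =>
 {
 _.Query = @"query { author(input: { name: ""Quinn"" }) }";
 _.Schema = TypedSchema();
@@ -136,13 +136,72 @@ public void fails_on_missing_claim_on_input_type()
 _.RequireClaim("admin");
 });
 
-ShouldFailRule(_=>
+ShouldFailRule(_ =>
 {
 _.Query = @"query { author(input: { name: ""Quinn"" }) }";
 _.Schema = TypedSchema();
 });
 }
 
+[Fact]
+public void passes_when_field_is_not_included()
+{
+Settings.AddPolicy("FieldPolicy", _ =>
+{
+_.RequireClaim("admin");
+});
+
+ShouldPassRule(_ =>
+{
+_.Query = @"query { post @include(if: false) }";
+_.Schema = BasicSchema();
+});
+}
+[Fact]
+public void fails_when_field_is_included()
+{
+Settings.AddPolicy("FieldPolicy", _ =>
+{
+_.RequireClaim("admin");
+});
+
+ShouldFailRule(_ =>
+{
+_.Query = @"query { post @include(if: true) }";
+_.Schema = BasicSchema();
+});
+}
+
+[Fact]
+public void passes_when_field_is_skipped()
+{
+Settings.AddPolicy("FieldPolicy", _ =>
+{
+_.RequireClaim("admin");
+});
+
+ShouldPassRule(_ =>
+{
+_.Query = @"query { post @skip(if: true) }";
+_.Schema = BasicSchema();
+});
+}
+
+[Fact]
+public void fails_when_field_is_not_skipped()
+{
+Settings.AddPolicy("FieldPolicy", _ =>
+{
+_.RequireClaim("admin");
+});
+
+ShouldFailRule(_ =>
+{
+_.Query = @"query { post @skip(if: false) }";
+_.Schema = BasicSchema();
+});
+}
+
 private ISchema BasicSchema()
 {
 var defs = @"
@@ -204,7 +263,7 @@ public class Post
 
 public class Author
 {
-public string Name { get; set;}
+public string Name { get; set; }
 }
 
 private ISchema TypedSchema()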
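Review bot: The four new directive tests (new lines 146-203) only pass literal booleans to `@include`/`@skip`, so the variable path that the rule resolves through `context.Inputs` is never exercised, even though that value comes from the client and now decides whether a policy check runs. If the test config can supply inputs, a pair of cases along the lines of `query ($show: Boolean!) { post @include(if: $show) }` (constructed example) with the variable set each way would pin that behaviour. A field carrying both directives, e.g. `post @include(if: true) @skip(if: true)`, is also untested. Minor style point: `fails_when_field_is_included` at new line 160 follows the previous test without a blank line, unlike the other tests.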

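--- a/src/GraphQL.Authorization/AuthorizationValidationRule.cs
+++ b/src/GraphQL.Authorization/AuthorizationValidationRule.cs
@@ -62,28 +62,31 @@ public INodeVisitor Validate(ValidationContext context)
 
 private bool SkipAuthCheck(Field fieldAst, ValidationContext context)
 {
-if (fieldAst.Directives == null || !fieldAst.Directives.Any()) return true;
+if (fieldAst.Directives == null || !fieldAst.Directives.Any()) return false;
 
-var includeField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Include.Name);
+var includeField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Include);
 if (includeField.HasValue) return !includeField.Value;
 
-var skipField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Skip.Name);
+var skipField = GetDirectiveValue(context, fieldAst.Directives, DirectiveGraphType.Skip);
 if (skipField.HasValue) return skipField.Value;
 
 return false;
 }
 
-private static bool? GetDirectiveValue(ValidationContext context, Directives directives, string directiveName)
+private static bool? GetDirectiveValue(ValidationContext context, Directives directives, DirectiveGraphType directiveType)
 {
-var directive = directives.Find(directiveName);
+var directive = directives.Find(directiveType.Name);
 if (directive == null) return null;
 
-var operation = !string.IsNullOrWhiteSpace(context.OperationName)
-? context.Document.Operations.WithName(context.OperationName)
-: context.Document.Operations.FirstOrDefault();
+var operationName = context.OperationName;
+var documentOperations = context.Document.Operations;
+var operation = !string.IsNullOrWhiteSpace(operationName)
+? documentOperations.WithName(operationName)
+: documentOperations.FirstOrDefault();
+
 var values = ExecutionHelper.GetArgumentValues(
 context.Schema,
-DirectiveGraphType.Include.Arguments,
+directiveType.Arguments,
 directive.Arguments,
 ExecutionHelper.GetVariableValues(context.Document, context.Schema, operation?.Variables, context.Inputs));
 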
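Review bot: In `GetDirectiveValue`, `operation` can be null when `WithName` finds no match or `FirstOrDefault` runs on an empty list, and `operation?.Variables` then passes a null variable list into `ExecutionHelper.GetVariableValues`. Because the result decides whether an authorization check is skipped, that path should fail closed explicitly rather than depend on how the helper treats null. A guard such as `if (operation == null) return null;` right after the operation lookup keeps the policy enforced, since `SkipAuthCheck` returns false when neither directive yields a value. A comment on `SkipAuthCheck` would also help, e.g. `// Skip the check only when the field is certainly not executed; any doubt means the policy is enforced.` The body of `GetDirectiveValue` continues past the end of the hunk, so how `values` is read is not visible here.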
