EXTRA-user-update-and-tests

rwieruch · rwieruch · commit 5eaece8a6462 · 2018-10-25T22:42:16.000+08:00
diff --git a/server/src/resolvers/user.js b/server/src/resolvers/user.js
@@ -2,7 +2,7 @@ import jwt from 'jsonwebtoken';
 import { combineResolvers } from 'graphql-resolvers';
 import { AuthenticationError, UserInputError } from 'apollo-server';
 
-import { isAdmin } from './authorization';
+import { isAdmin, isAuthenticated } from './authorization';
 
 const createToken = async (user, secret, expiresIn) => {
   const { id, email, username, role } = user;
@@ -65,6 +65,14 @@ export default {
       return { token: createToken(user, secret, '30m') };
     },
 
+    updateUser: combineResolvers(
+      isAuthenticated,
+      async (parent, { username }, { models, me }) => {
+        const user = await models.User.findById(me.id);
+        return await user.update({ username });
+      },
+    ),
+
     deleteUser: combineResolvers(
       isAdmin,
       async (parent, { id }, { models }) => {
diff --git a/server/src/schema/user.js b/server/src/schema/user.js
@@ -15,6 +15,7 @@ export default gql`
     ): Token!
 
     signIn(login: String!, password: String!): Token!
+    updateUser(username: String!): User!
     deleteUser(id: ID!): Boolean!
   }
 
diff --git a/server/src/tests/api.js b/server/src/tests/api.js
@@ -2,6 +2,41 @@ import axios from 'axios';
 
 const API_URL = 'http://localhost:8000/graphql';
 
+export const signIn = async variables =>
+  await axios.post(API_URL, {
+    query: `
+      mutation ($login: String!, $password: String!) {
+        signIn(login: $login, password: $password) {
+          token
+        }
+      }
+    `,
+    variables,
+  });
+
+export const me = async token =>
+  await axios.post(
+    API_URL,
+    {
+      query: `
+        {
+          me {
+            id
+            email
+            username
+          }
+        }
+      `,
+    },
+    token
+      ? {
+          headers: {
+            'x-token': token,
+          },
+        }
+      : null,
+  );
+
 export const user = async variables =>
   axios.post(API_URL, {
     query: `
@@ -17,18 +52,62 @@ export const user = async variables =>
     variables,
   });
 
-export const signIn = async variables =>
-  await axios.post(API_URL, {
+export const users = async () =>
+  axios.post(API_URL, {
     query: `
-      mutation ($login: String!, $password: String!) {
-        signIn(login: $login, password: $password) {
+      {
+        users {
+          id
+          username
+          email
+          role
+        }
+      }
+    `,
+  });
+
+export const signUp = async variables =>
+  axios.post(API_URL, {
+    query: `
+      mutation(
+        $username: String!,
+        $email: String!,
+        $password: String!
+      ) {
+        signUp(
+          username: $username,
+          email: $email,
+          password: $password
+        ) {
           token
         }
       }
     `,
     variables,
   });
 
+export const updateUser = async (variables, token) =>
+  axios.post(
+    API_URL,
+    {
+      query: `
+        mutation ($username: String!) {
+          updateUser(username: $username) {
+            username
+          }
+        }
+      `,
+      variables,
+    },
+    token
+      ? {
+          headers: {
+            'x-token': token,
+          },
+        }
+      : null,
+  );
+
 export const deleteUser = async (variables, token) =>
   axios.post(
     API_URL,
@@ -40,9 +119,11 @@ export const deleteUser = async (variables, token) =>
       `,
       variables,
     },
-    {
-      headers: {
-        'x-token': token,
-      },
-    },
+    token
+      ? {
+          headers: {
+            'x-token': token,
+          },
+        }
+      : null,
   );
diff --git a/server/src/tests/user.spec.js b/server/src/tests/user.spec.js
@@ -34,6 +34,135 @@ describe('users', () => {
     });
   });
 
+  describe('users: [User!]', () => {
+    it('returns a list of users', async () => {
+      const expectedResult = {
+        data: {
+          users: [
+            {
+              id: '1',
+              username: 'rwieruch',
+              email: 'hello@robin.com',
+              role: 'ADMIN',
+            },
+            {
+              id: '2',
+              username: 'ddavids',
+              email: 'hello@david.com',
+              role: null,
+            },
+          ],
+        },
+      };
+
+      const result = await userApi.users();
+
+      expect(result.data).to.eql(expectedResult);
+    });
+  });
+
+  describe('me: User', () => {
+    it('returns null when no user is signed in', async () => {
+      const expectedResult = {
+        data: {
+          me: null,
+        },
+      };
+
+      const { data } = await userApi.me();
+
+      expect(data).to.eql(expectedResult);
+    });
+
+    it('returns me when me is signed in', async () => {
+      const expectedResult = {
+        data: {
+          me: {
+            id: '1',
+            username: 'rwieruch',
+            email: 'hello@robin.com',
+          },
+        },
+      };
+
+      const {
+        data: {
+          data: {
+            signIn: { token },
+          },
+        },
+      } = await userApi.signIn({
+        login: 'rwieruch',
+        password: 'rwieruch',
+      });
+
+      const { data } = await userApi.me(token);
+
+      expect(data).to.eql(expectedResult);
+    });
+  });
+
+  describe('signUp, updateUser, deleteUser', () => {
+    it('signs up a user, updates a user and deletes the user as admin', async () => {
+      // sign up
+
+      let {
+        data: {
+          data: {
+            signUp: { token },
+          },
+        },
+      } = await userApi.signUp({
+        username: 'Mark',
+        email: 'mark@gmule.com',
+        password: 'asdasdasd',
+      });
+
+      const {
+        data: {
+          data: { me },
+        },
+      } = await userApi.me(token);
+
+      expect(me).to.eql({
+        id: '3',
+        username: 'Mark',
+        email: 'mark@gmule.com',
+      });
+
+      // update as user
+
+      const {
+        data: {
+          data: { updateUser },
+        },
+      } = await userApi.updateUser({ username: 'Mark' }, token);
+
+      expect(updateUser.username).to.eql('Mark');
+
+      // delete as admin
+
+      const {
+        data: {
+          data: {
+            signIn: { token: adminToken },
+          },
+        },
+      } = await userApi.signIn({
+        login: 'rwieruch',
+        password: 'rwieruch',
+      });
+
+      const {
+        data: {
+          data: { deleteUser },
+        },
+      } = await userApi.deleteUser({ id: me.id }, adminToken);
+
+      expect(deleteUser).to.eql(true);
+    });
+  });
+
   describe('deleteUser(id: String!): Boolean!', () => {
     it('returns an error because only admins can delete a user', async () => {
       const {
@@ -54,4 +183,70 @@ describe('users', () => {
       expect(errors[0].message).to.eql('Not authorized as admin.');
     });
   });
+
+  describe('updateUser(username: String!): User!', () => {
+    it('returns an error because only authenticated users can update a user', async () => {
+      const {
+        data: { errors },
+      } = await userApi.updateUser({ username: 'Mark' });
+
+      expect(errors[0].message).to.eql('Not authenticated as user.');
+    });
+  });
+
+  describe('signIn(login: String!, password: String!): Token!', () => {
+    it('returns a token when a user signs in with username', async () => {
+      const {
+        data: {
+          data: {
+            signIn: { token },
+          },
+        },
+      } = await userApi.signIn({
+        login: 'ddavids',
+        password: 'ddavids',
+      });
+
+      expect(token).to.be.a('string');
+    });
+
+    it('returns a token when a user signs in with email', async () => {
+      const {
+        data: {
+          data: {
+            signIn: { token },
+          },
+        },
+      } = await userApi.signIn({
+        login: 'hello@david.com',
+        password: 'ddavids',
+      });
+
+      expect(token).to.be.a('string');
+    });
+
+    it('returns an error when a user provides a wrong password', async () => {
+      const {
+        data: { errors },
+      } = await userApi.signIn({
+        login: 'ddavids',
+        password: 'dontknow',
+      });
+
+      expect(errors[0].message).to.eql('Invalid password.');
+    });
+  });
+
+  it('returns an error when a user is not found', async () => {
+    const {
+      data: { errors },
+    } = await userApi.signIn({
+      login: 'dontknow',
+      password: 'ddavids',
+    });
+
+    expect(errors[0].message).to.eql(
+      'No user found with this login credentials.',
+    );
+  });
 });

Original file line number	Diff line number	Diff line change
@@ -15,6 +15,7 @@ export default gql`
`15`	`15`	`): Token!`
`16`	`16`
`17`	`17`	`signIn(login: String!, password: String!): Token!`
	`18`	`+ updateUser(username: String!): User!`
`18`	`19`	`deleteUser(id: ID!): Boolean!`
`19`	`20`	`}`
`20`	`21`