Add more test cases for graphql cowboy handler

esl · Dec 8, 2021 · fba3a94 · fba3a94
1 parent 38b8fea
commit fba3a94
Show file tree

Hide file tree

Showing 3 changed files with 76 additions and 20 deletions.
diff --git a/big_tests/tests/graphql_SUITE.erl b/big_tests/tests/graphql_SUITE.erl
@@ -16,20 +16,36 @@ all() ->
      {group, user_handler}].
 
 groups() ->
-    [{cowboy_handler, [parallel], [can_connect_to_admin,
-                           can_connect_to_user
-                          ]},
-     {user_handler, [parallel], [wrong_creds_cannot_access_protected_types,
-                         unauth_cannot_access_protected_types,
-                         unauth_can_access_unprotected_types,
-                         can_execute_query_with_variables,
-                         auth_user_can_access_protected_types
-                        ]},
-     {admin_handler, [parallel], [wrong_creds_cannot_access_protected_types,
-                          unauth_cannot_access_protected_types,
-                          unauth_can_access_unprotected_types,
-                          can_execute_query_with_variables,
-                          auth_admin_can_access_protected_types]}].
+    [{cowboy_handler, [parallel], cowboy_handler()},
+     {user_handler, [parallel], user_handler()},
+     {admin_handler, [parallel], admin_handler()}].
+
+cowboy_handler() ->
+    [can_connect_to_admin,
+     can_connect_to_user].
+
+user_handler() ->
+    [wrong_creds_cannot_access_protected_types,
+     unauth_cannot_access_protected_types,
+     unauth_can_access_unprotected_types,
+     can_execute_query_with_variables,
+     auth_user_can_access_protected_types,
+     invalid_json_body_error,
+     no_query_supplied_error,
+     variables_invalid_json_error,
+     can_load_graphiql].
+
+
+admin_handler() ->
+    [wrong_creds_cannot_access_protected_types,
+     unauth_cannot_access_protected_types,
+     unauth_can_access_unprotected_types,
+     can_execute_query_with_variables,
+     auth_admin_can_access_protected_types,
+     invalid_json_body_error,
+     no_query_supplied_error,
+     variables_invalid_json_error,
+     can_load_graphiql].
 
 init_per_suite(Config) ->
     % reset endpoints and load test schema
@@ -129,6 +145,33 @@ can_execute_query_with_variables(Config) ->
                           <<"path">> := [<<"id">>]}]},
                  Data).
 
+can_load_graphiql(Config) ->
+    Ep = ?config(schema_endpoint, Config),
+    {Status, Html} = get_graphiql_website(Ep),
+    ?assertEqual({<<"200">>,<<"OK">>}, Status),
+    ?assertNotEqual(nomatch, binary:match(Html, <<"Loading...">>)).
+
+invalid_json_body_error(Config) ->
+    Ep = ?config(schema_endpoint, Config),
+    Body = <<"">>,
+    {Status, Data} = execute(Ep, Body, undefined),
+    ?assertEqual({<<"400">>,<<"Bad Request">>}, Status),
+    ?assertMatch(#{<<"errors">> := [#{<<"message">> := <<"invalid_json_body">>}]}, Data).
+
+no_query_supplied_error(Config) ->
+    Ep = ?config(schema_endpoint, Config),
+    Body = #{},
+    {Status, Data} = execute(Ep, Body, undefined),
+    ?assertEqual({<<"400">>,<<"Bad Request">>}, Status),
+    ?assertMatch(#{<<"errors">> := [#{<<"message">> := <<"no_query_supplied">>}]}, Data).
+
+variables_invalid_json_error(Config) ->
+    Ep = ?config(schema_endpoint, Config),
+    Body = #{<<"query">> => <<"{ field }">>, <<"variables">> => <<"{1: 2}">>},
+    {Status, Data} = execute(Ep, Body, undefined),
+    ?assertEqual({<<"400">>,<<"Bad Request">>}, Status),
+    ?assertMatch(#{<<"errors">> := [#{<<"message">> := <<"variables_invalid_json">>}]}, Data).
+
 %% Helpers
 
 assert_no_permissions(Status, Data) ->
@@ -187,3 +230,13 @@ execute(EpName, Body, Creds) ->
         path => "/graphql",
         body => Body},
     rest_helper:make_request(Request).
+
+get_graphiql_website(EpName) ->
+    Request =
+      #{port => get_port(EpName),
+        role => {graphql, atom_to_binary(EpName)},
+        method => <<"GET">>,
+        headers => [{<<"Accept">>, <<"text/html">>}],
+        return_maps => true,
+        path => "/graphql"},
+    rest_helper:make_request(Request).
diff --git a/big_tests/tests/rest_helper.erl b/big_tests/tests/rest_helper.erl
@@ -50,6 +50,7 @@
         creds => credentials(),
         path := binary(),
         body := binary(),
+        headers => [{binary(), binary()}],
         return_headers := boolean(),
         server := distributed_helper:rpc_spec(),
         port => inet:port_number(),
@@ -196,15 +197,17 @@ fusco_request(#{ role := Role, method := Method, creds := {User, Password},
                  path := Path, body := Body, server := Server } = Params) ->
     EncodedAuth = base64:encode_to_string(to_list(User) ++ ":"++ to_list(Password)),
     Basic = list_to_binary("Basic " ++ EncodedAuth),
-    Headers = [{<<"authorization">>, Basic}],
+    Headers = [{<<"authorization">>, Basic} | maps:get(headers, Params, [])],
     fusco_request(Method, Path, Body, Headers,
                   get_port(Role, Server, Params), get_ssl_status(Role, Server), Params);
 %% an API to just send a request to a given port, without authentication
 fusco_request(#{ method := Method, path := Path, body := Body, port := Port} = Params) ->
-    fusco_request(Method, Path, Body, [], Port, false, Params);
+    Headers = maps:get(headers, Params, []),
+    fusco_request(Method, Path, Body, Headers, Port, false, Params);
 %% without credentials it is for admin (secure) interface
 fusco_request(#{ role := Role, method := Method, path := Path, body := Body, server := Server } = Params) ->
-    fusco_request(Method, Path, Body, [], get_port(Role, Server, Params), get_ssl_status(Role, Server), Params).
+    Headers = maps:get(headers, Params, []),
+    fusco_request(Method, Path, Body, Headers, get_port(Role, Server, Params), get_ssl_status(Role, Server), Params).
 
 fusco_request(Method, Path, Body, HeadersIn, Port, SSL, Params) ->
     {ok, Client} = fusco_cp:start_link({"localhost", Port, SSL}, [], 1),

diff --git a/src/mongoose_graphql/mongoose_graphql_cowboy_handler.erl b/src/mongoose_graphql/mongoose_graphql_cowboy_handler.erl
@@ -84,7 +84,7 @@ json_request(Req, State) ->
 from_json(Req, State) -> json_request(Req, State).
 to_json(Req, State) -> json_request(Req, State).
 
-%% -- INTERNAL FUNCTIONS ---------------------------------------
+%% Internal
 
 check_auth(Auth, #{schema_endpoint := <<"admin">>} = State) ->
     auth_admin(Auth, State);
@@ -157,10 +157,10 @@ variables([#{ <<"variables">> := Vars} | _]) ->
           try jsx:decode(Vars, [return_maps]) of
               null -> {ok, #{}};
               JSON when is_map(JSON) -> {ok, JSON};
-              _ -> {error, invalid_json}
+              _ -> {error, variables_invalid_json}
           catch
               error:badarg ->
-                  {error, invalid_json}
+                  {error, variables_invalid_json}
           end;
       is_map(Vars) ->
           {ok, Vars};