AccessTest::assertResponse() - Code Metrics - Inspection of "Prettify json schema dump" - overblog/GraphQLBundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#126)

by Jérémiah

created 2017-03-30 12:32 UTC

AccessTest::assertResponse() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines	11
Code Lines	6

Duplication

Lines	11
Ratio	100 %

Importance

Changes

Metric	Value
dl	11
loc	11
rs	9.4285
c	0
b	0
f	0
cc	1
eloc	6
nc	1
nop	3

<?php

/*
 * This file is part of the OverblogGraphQLBundle package.
 *
 * (c) Overblog <http://github.com/overblog/>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Overblog\GraphQLBundle\Tests\Functional\Security;

use Overblog\GraphQLBundle\Tests\Functional\app\Mutation\SimpleMutationWithThunkFieldsMutation;
use Overblog\GraphQLBundle\Tests\Functional\TestCase;

class AccessTest extends TestCase
{
    private $userNameQuery = 'query { user { name } }';

    private $userRolesQuery = 'query { user { roles } }';

    private $userIsEnabledQuery = 'query { user { isEnabled } }';


    private $userFriendsQuery = <<<'EOF'
query {
  user {
    friends(first: 2) {
      edges {
        node {
          name
        }
      }
    }
  }
}
EOF;

    private $simpleMutationWithThunkQuery = <<<'EOF'
mutation M {
  simpleMutationWithThunkFields(input: {inputData: %d, clientMutationId: "bac"}) {
    result
    clientMutationId
  }
}
EOF;

    public function testNotAuthenticatedUserAccessToUserName()

    {
        $expected = [
            'data' => [
                'user' => [
                    'name' => null,
                ],
            ],
            'extensions' => [
                'warnings' => [
                    [
                        'message' => 'Access denied to this field.',
                        'locations' => [['line' => 1, 'column' => 16]],
                        'path' => ['user', 'name'],
                    ],
                ],
            ],
        ];

        $this->assertResponse($this->userNameQuery, $expected, static::ANONYMOUS_USER, 'access');
    }

    public function testFullyAuthenticatedUserAccessToUserName()
    {
        $expected = [
            'data' => [
                'user' => [
                    'name' => 'Dan',
                ],
            ],
        ];

        $this->assertResponse($this->userNameQuery, $expected, static::USER_RYAN, 'access');
    }

    public function testNotAuthenticatedUserAccessToUserRoles()
    {
        $this->assertResponse($this->userRolesQuery, $this->expectedFailedUserRoles(), static::ANONYMOUS_USER, 'access');
    }

    public function testAuthenticatedUserAccessToUserRolesWithoutEnoughRights()
    {
        $this->assertResponse($this->userRolesQuery, $this->expectedFailedUserRoles(), static::USER_RYAN, 'access');
    }

    public function testUserWithCorrectRightsAccessToUserRoles()
    {
        $expected = [
            'data' => [
                'user' => [
                    'roles' => ['ROLE_USER'],
                ],
            ],
        ];

        $this->assertResponse($this->userRolesQuery, $expected, static::USER_ADMIN, 'access');
    }

    public function testUserForbiddenField()

    {
        $expected = [
            'data' => [
                'user' => null,
            ],
            'extensions' => [
                'warnings' => [
                    [
                        'message' => 'Access denied to this field.',
                        'locations' => [
                            [
                                'line' => 3,
                                'column' => 5,
                            ],
                        ],
                        'path' => ['user', 'forbidden'],
                    ],
                ],
            ],
        ];

        $query = <<<'EOF'
query MyQuery {
  user {
    forbidden
  }
}
EOF;

        $this->assertResponse($query, $expected, static::USER_ADMIN, 'access');
    }

    public function testUserAccessToUserFriends()

    {
        $expected = [
            'data' => [
                'user' => [
                    'friends' => [
                        'edges' => [
                            ['node' => ['name' => 'Nick']],
                            ['node' => null],
                        ],
                    ],
                ],
            ],
        ];

        $this->assertResponse($this->userFriendsQuery, $expected, static::USER_ADMIN, 'access');
    }

    public function testMutationAllowedUser()
    {
        $result = 123;

        $expected = [
            'data' => [
                'simpleMutationWithThunkFields' => [
                    'result' => $result,
                    'clientMutationId' => 'bac',
                ],
            ],
        ];

        $this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, $result), $expected, static::USER_ADMIN, 'access');
        $this->assertTrue(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
    }

    public function testMutationAllowedButNoRightsToDisplayPayload()
    {
        $expected = [
            'data' => [
                'simpleMutationWithThunkFields' => [
                    'result' => null,
                    'clientMutationId' => 'bac',
                ],
            ],
            'extensions' => [
                'warnings' => [
                    [
                        'message' => 'Access denied to this field.',
                        'locations' => [
                            [
                                'line' => 3,
                                'column' => 5,
                            ],
                        ],
                        'path' => ['simpleMutationWithThunkFields', 'result'],
                    ],
                ],
            ],
        ];

        $this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, 321), $expected, static::USER_ADMIN, 'access');
        $this->assertTrue(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
    }

    public function testMutationNotAllowedUser()
    {
        $expected = [
            'data' => [
                'simpleMutationWithThunkFields' => null,
            ],
            'errors' => [
                [
                    'message' => 'Access denied to this field.',
                    'locations' => [
                        [
                            'line' => 2,
                            'column' => 3,
                        ],
                    ],
                    'path' => ['simpleMutationWithThunkFields'],
                ],
            ],
        ];

        $this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, 123), $expected, static::USER_RYAN, 'access');
        $this->assertFalse(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
    }

    private function expectedFailedUserRoles()
    {
        return [
            'data' => [
                'user' => [
                    'roles' => [0 => null],
                ],
            ],
        ];
    }
}


1		<?php
2
3		/*
4		* This file is part of the OverblogGraphQLBundle package.
5		*
6		* (c) Overblog <http://github.com/overblog/>
7		*
8		* For the full copyright and license information, please view the LICENSE
9		* file that was distributed with this source code.
10		*/
11
12		namespace Overblog\GraphQLBundle\Tests\Functional\Security;
13
14		use Overblog\GraphQLBundle\Tests\Functional\app\Mutation\SimpleMutationWithThunkFieldsMutation;
15		use Overblog\GraphQLBundle\Tests\Functional\TestCase;
16
17		class AccessTest extends TestCase
18		{
19		private $userNameQuery = 'query { user { name } }';
20
21		private $userRolesQuery = 'query { user { roles } }';
22
23		private $userIsEnabledQuery = 'query { user { isEnabled } }';
		0 ignored issues – show Unused Code introduced 2017-03-30 09:44 UTC by Report Bug Copy Issue Report The property `$userIsEnabledQuery` is not used and could be removed. This check marks private properties in classes that are never used. Those properties can be removed. Loading history...
24
25		private $userFriendsQuery = <<<'EOF'
26		query {
27		user {
28		friends(first: 2) {
29		edges {
30		node {
31		name
32		}
33		}
34		}
35		}
36		}
37		EOF;
38
39		private $simpleMutationWithThunkQuery = <<<'EOF'
40		mutation M {
41		simpleMutationWithThunkFields(input: {inputData: %d, clientMutationId: "bac"}) {
42		result
43		clientMutationId
44		}
45		}
46		EOF;
47
48	View Code Duplication	public function testNotAuthenticatedUserAccessToUserName()
		0 ignored issues – show Duplication introduced 2016-04-02 20:15 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
49		{
50		$expected = [
51		'data' => [
52		'user' => [
53		'name' => null,
54		],
55		],
56		'extensions' => [
57		'warnings' => [
58		[
59		'message' => 'Access denied to this field.',
60		'locations' => [['line' => 1, 'column' => 16]],
61		'path' => ['user', 'name'],
62		],
63		],
64		],
65		];
66
67		$this->assertResponse($this->userNameQuery, $expected, static::ANONYMOUS_USER, 'access');
68		}
69
70		public function testFullyAuthenticatedUserAccessToUserName()
71		{
72		$expected = [
73		'data' => [
74		'user' => [
75		'name' => 'Dan',
76		],
77		],
78		];
79
80		$this->assertResponse($this->userNameQuery, $expected, static::USER_RYAN, 'access');
81		}
82
83		public function testNotAuthenticatedUserAccessToUserRoles()
84		{
85		$this->assertResponse($this->userRolesQuery, $this->expectedFailedUserRoles(), static::ANONYMOUS_USER, 'access');
86		}
87
88		public function testAuthenticatedUserAccessToUserRolesWithoutEnoughRights()
89		{
90		$this->assertResponse($this->userRolesQuery, $this->expectedFailedUserRoles(), static::USER_RYAN, 'access');
91		}
92
93		public function testUserWithCorrectRightsAccessToUserRoles()
94		{
95		$expected = [
96		'data' => [
97		'user' => [
98		'roles' => ['ROLE_USER'],
99		],
100		],
101		];
102
103		$this->assertResponse($this->userRolesQuery, $expected, static::USER_ADMIN, 'access');
104		}
105
106	View Code Duplication	public function testUserForbiddenField()
		0 ignored issues – show Duplication introduced 2016-05-16 09:56 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
107		{
108		$expected = [
109		'data' => [
110		'user' => null,
111		],
112		'extensions' => [
113		'warnings' => [
114		[
115		'message' => 'Access denied to this field.',
116		'locations' => [
117		[
118		'line' => 3,
119		'column' => 5,
120		],
121		],
122		'path' => ['user', 'forbidden'],
123		],
124		],
125		],
126		];
127
128		$query = <<<'EOF'
129		query MyQuery {
130		user {
131		forbidden
132		}
133		}
134		EOF;
135
136		$this->assertResponse($query, $expected, static::USER_ADMIN, 'access');
137		}
138
139	View Code Duplication	public function testUserAccessToUserFriends()
		0 ignored issues – show Duplication introduced 2017-03-30 09:44 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
140		{
141		$expected = [
142		'data' => [
143		'user' => [
144		'friends' => [
145		'edges' => [
146		['node' => ['name' => 'Nick']],
147		['node' => null],
148		],
149		],
150		],
151		],
152		];
153
154		$this->assertResponse($this->userFriendsQuery, $expected, static::USER_ADMIN, 'access');
155		}
156
157		public function testMutationAllowedUser()
158		{
159		$result = 123;
160
161		$expected = [
162		'data' => [
163		'simpleMutationWithThunkFields' => [
164		'result' => $result,
165		'clientMutationId' => 'bac',
166		],
167		],
168		];
169
170		$this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, $result), $expected, static::USER_ADMIN, 'access');
171		$this->assertTrue(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
172		}
173
174		public function testMutationAllowedButNoRightsToDisplayPayload()
175		{
176		$expected = [
177		'data' => [
178		'simpleMutationWithThunkFields' => [
179		'result' => null,
180		'clientMutationId' => 'bac',
181		],
182		],
183		'extensions' => [
184		'warnings' => [
185		[
186		'message' => 'Access denied to this field.',
187		'locations' => [
188		[
189		'line' => 3,
190		'column' => 5,
191		],
192		],
193		'path' => ['simpleMutationWithThunkFields', 'result'],
194		],
195		],
196		],
197		];
198
199		$this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, 321), $expected, static::USER_ADMIN, 'access');
200		$this->assertTrue(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
201		}
202
203		public function testMutationNotAllowedUser()
204		{
205		$expected = [
206		'data' => [
207		'simpleMutationWithThunkFields' => null,
208		],
209		'errors' => [
210		[
211		'message' => 'Access denied to this field.',
212		'locations' => [
213		[
214		'line' => 2,
215		'column' => 3,
216		],
217		],
218		'path' => ['simpleMutationWithThunkFields'],
219		],
220		],
221		];
222
223		$this->assertResponse(sprintf($this->simpleMutationWithThunkQuery, 123), $expected, static::USER_RYAN, 'access');
224		$this->assertFalse(SimpleMutationWithThunkFieldsMutation::hasMutate(true));
225		}
226
227		private function expectedFailedUserRoles()
228		{
229		return [
230		'data' => [
231		'user' => [
232		'roles' => [0 => null],
233		],
234		],
235		];
236		}
237		}
238

overblog / GraphQLBundle

Scrutinizer GitHub App not installed

Pull Request — master (#126)

AccessTest::assertResponse() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like