Skip to content

Commit 2290145

Browse files
Moumoulsdavimacedo
Moumouls
authored and
davimacedo
committed
GraphQL: ACL (#5957)
* Spec Fix Spec * Add ACL Type + Input * Improvements * Fix
1 parent 9cf3b52 commit 2290145

File tree

10 files changed

+465
-187
lines changed

10 files changed

+465
-187
lines changed

package-lock.json

Lines changed: 43 additions & 173 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

spec/ParseGraphQLServer.spec.js

Lines changed: 173 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5829,6 +5829,179 @@ describe('ParseGraphQLServer', () => {
58295829
expect(schema.fields.updatedAt.type).toEqual('Date');
58305830
});
58315831

5832+
it('should support ACL', async () => {
5833+
const someClass = new Parse.Object('SomeClass');
5834+
await someClass.save();
5835+
5836+
const user = new Parse.User();
5837+
user.set('username', 'username');
5838+
user.set('password', 'password');
5839+
await user.signUp();
5840+
5841+
const user2 = new Parse.User();
5842+
user2.set('username', 'username2');
5843+
user2.set('password', 'password2');
5844+
await user2.signUp();
5845+
5846+
const roleACL = new Parse.ACL();
5847+
roleACL.setPublicReadAccess(true);
5848+
5849+
const role = new Parse.Role('aRole', roleACL);
5850+
await role.save();
5851+
5852+
const role2 = new Parse.Role('aRole2', roleACL);
5853+
await role2.save();
5854+
5855+
await parseGraphQLServer.parseGraphQLSchema.databaseController.schemaCache.clear();
5856+
5857+
const {
5858+
data: { createSomeClass },
5859+
} = await apolloClient.mutate({
5860+
mutation: gql`
5861+
mutation Create($fields: CreateSomeClassFieldsInput) {
5862+
createSomeClass(fields: $fields) {
5863+
id
5864+
ACL {
5865+
users {
5866+
userId
5867+
read
5868+
write
5869+
}
5870+
roles {
5871+
roleName
5872+
read
5873+
write
5874+
}
5875+
public {
5876+
read
5877+
write
5878+
}
5879+
}
5880+
}
5881+
}
5882+
`,
5883+
variables: {
5884+
fields: {
5885+
ACL: {
5886+
users: [
5887+
{ userId: user.id, read: true, write: true },
5888+
{ userId: user2.id, read: true, write: false },
5889+
],
5890+
roles: [
5891+
{ roleName: 'aRole', read: true, write: false },
5892+
{ roleName: 'aRole2', read: false, write: true },
5893+
],
5894+
public: { read: true, write: true },
5895+
},
5896+
},
5897+
},
5898+
});
5899+
5900+
const expectedCreateACL = {
5901+
__typename: 'ACL',
5902+
users: [
5903+
{
5904+
userId: user.id,
5905+
read: true,
5906+
write: true,
5907+
__typename: 'UserACL',
5908+
},
5909+
{
5910+
userId: user2.id,
5911+
read: true,
5912+
write: false,
5913+
__typename: 'UserACL',
5914+
},
5915+
],
5916+
roles: [
5917+
{
5918+
roleName: 'aRole',
5919+
read: true,
5920+
write: false,
5921+
__typename: 'RoleACL',
5922+
},
5923+
{
5924+
roleName: 'aRole2',
5925+
read: false,
5926+
write: true,
5927+
__typename: 'RoleACL',
5928+
},
5929+
],
5930+
public: { read: true, write: true, __typename: 'PublicACL' },
5931+
};
5932+
const query1 = new Parse.Query('SomeClass');
5933+
const obj1 = (await query1.get(createSomeClass.id, {
5934+
useMasterKey: true,
5935+
})).toJSON();
5936+
expect(obj1.ACL[user.id]).toEqual({ read: true, write: true });
5937+
expect(obj1.ACL[user2.id]).toEqual({ read: true });
5938+
expect(obj1.ACL['role:aRole']).toEqual({ read: true });
5939+
expect(obj1.ACL['role:aRole2']).toEqual({ write: true });
5940+
expect(obj1.ACL['*']).toEqual({ read: true, write: true });
5941+
expect(createSomeClass.ACL).toEqual(expectedCreateACL);
5942+
5943+
const {
5944+
data: { updateSomeClass },
5945+
} = await apolloClient.mutate({
5946+
mutation: gql`
5947+
mutation Update($id: ID!, $fields: UpdateSomeClassFieldsInput) {
5948+
updateSomeClass(id: $id, fields: $fields) {
5949+
id
5950+
ACL {
5951+
users {
5952+
userId
5953+
read
5954+
write
5955+
}
5956+
roles {
5957+
roleName
5958+
read
5959+
write
5960+
}
5961+
public {
5962+
read
5963+
write
5964+
}
5965+
}
5966+
}
5967+
}
5968+
`,
5969+
variables: {
5970+
id: createSomeClass.id,
5971+
fields: {
5972+
ACL: {
5973+
roles: [{ roleName: 'aRole', write: true, read: true }],
5974+
public: { read: true, write: false },
5975+
},
5976+
},
5977+
},
5978+
});
5979+
5980+
const expectedUpdateACL = {
5981+
__typename: 'ACL',
5982+
users: null,
5983+
roles: [
5984+
{
5985+
roleName: 'aRole',
5986+
read: true,
5987+
write: true,
5988+
__typename: 'RoleACL',
5989+
},
5990+
],
5991+
public: { read: true, write: false, __typename: 'PublicACL' },
5992+
};
5993+
5994+
const query2 = new Parse.Query('SomeClass');
5995+
const obj2 = (await query2.get(createSomeClass.id, {
5996+
useMasterKey: true,
5997+
})).toJSON();
5998+
5999+
expect(obj2.ACL['role:aRole']).toEqual({ write: true, read: true });
6000+
expect(obj2.ACL[user.id]).toBeUndefined();
6001+
expect(obj2.ACL['*']).toEqual({ read: true });
6002+
expect(updateSomeClass.ACL).toEqual(expectedUpdateACL);
6003+
});
6004+
58326005
it('should support pointer on create', async () => {
58336006
const company = new Parse.Object('Company');
58346007
company.set('name', 'imACompany1');

src/GraphQL/ParseGraphQLServer.js

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,10 @@ class ParseGraphQLServer {
4646
config: req.config,
4747
auth: req.auth,
4848
},
49+
formatError: error => {
50+
// Allow to console.log here to debug
51+
return error;
52+
},
4953
};
5054
} catch (e) {
5155
this.log.error(

0 commit comments

Comments
 (0)