1: -module(graphql_SUITE). 2: 3: -include_lib("common_test/include/ct.hrl"). 4: -include_lib("eunit/include/eunit.hrl"). 5: -include_lib("exml/include/exml.hrl"). 6: 7: -compile([export_all, nowarn_export_all]). 8: 9: -import(distributed_helper, [mim/0, require_rpc_nodes/1, rpc/4]). 10: -import(graphql_helper, [execute/3]). 11: 12: -define(assertAdminAuth(Auth, Data), assert_auth(atom_to_binary(Auth), Data)). 13: -define(assertUserAuth(Username, Auth, Data), 14: assert_auth(#{<<"username">> => Username, 15: <<"authStatus">> => atom_to_binary(Auth)}, Data)). 16: 17: suite() -> 18: require_rpc_nodes([mim]) ++ escalus:suite(). 19: 20: all() -> 21: [{group, cowboy_handler}, 22: {group, admin_handler}, 23: {group, user_handler}]. 24: 25: groups() -> 26: [{cowboy_handler, [parallel], cowboy_handler()}, 27: {user_handler, [parallel], user_handler()}, 28: {admin_handler, [parallel], admin_handler()}]. 29: 30: cowboy_handler() -> 31: [can_connect_to_admin, 32: can_connect_to_user]. 33: 34: user_handler() -> 35: [user_checks_auth, 36: auth_user_checks_auth | common_tests()]. 37: admin_handler() -> 38: [admin_checks_auth, 39: auth_admin_checks_auth | common_tests()]. 40: 41: common_tests() -> 42: [can_load_graphiql]. 43: 44: init_per_suite(Config) -> 45: Config1 = escalus:init_per_suite(Config), 46: dynamic_modules:save_modules(domain_helper:host_type(), Config1). 47: 48: end_per_suite(Config) -> 49: dynamic_modules:restore_modules(Config), 50: escalus_fresh:clean(), 51: escalus:end_per_suite(Config). 52: 53: init_per_group(admin_handler, Config) -> 54: graphql_helper:init_admin_handler(Config); 55: init_per_group(user_handler, Config) -> 56: Config1 = escalus:create_users(Config, escalus:get_users([alice])), 57: [{schema_endpoint, user} | Config1]; 58: init_per_group(_, Config) -> 59: Config. 60: 61: end_per_group(user_handler, Config) -> 62: escalus:delete_users(Config, escalus:get_users([alice])); 63: end_per_group(_, _Config) -> 64: ok. 65: 66: init_per_testcase(CaseName, Config) -> 67: escalus:init_per_testcase(CaseName, Config). 68: 69: end_per_testcase(CaseName, Config) -> 70: escalus:end_per_testcase(CaseName, Config). 71: 72: can_connect_to_admin(_Config) -> 73: ?assertMatch({{<<"400">>, <<"Bad Request">>}, _}, execute(admin, #{}, undefined)). 74: 75: can_connect_to_user(_Config) -> 76: ?assertMatch({{<<"400">>, <<"Bad Request">>}, _}, execute(user, #{}, undefined)). 77: 78: can_load_graphiql(Config) -> 79: Ep = ?config(schema_endpoint, Config), 80: {Status, Html} = get_graphiql_website(Ep), 81: ?assertEqual({<<"200">>, <<"OK">>}, Status), 82: ?assertNotEqual(nomatch, binary:match(Html, <<"Loading...">>)). 83: 84: user_checks_auth(Config) -> 85: Ep = ?config(schema_endpoint, Config), 86: Body = #{query => "{ checkAuth { username authStatus } }"}, 87: StatusData = execute(Ep, Body, undefined), 88: ?assertUserAuth(null, 'UNAUTHORIZED', StatusData). 89: 90: auth_user_checks_auth(Config) -> 91: escalus:fresh_story( 92: Config, [{alice, 1}], 93: fun(Alice) -> 94: Password = user_password(alice), 95: AliceJID = escalus_client:short_jid(Alice), 96: Ep = ?config(schema_endpoint, Config), 97: Body = #{query => "{ checkAuth { username authStatus } }"}, 98: StatusData = execute(Ep, Body, {AliceJID, Password}), 99: ?assertUserAuth(AliceJID, 'AUTHORIZED', StatusData) 100: end). 101: 102: admin_checks_auth(Config) -> 103: Ep = ?config(schema_endpoint, Config), 104: Body = #{query => "{ checkAuth }"}, 105: StatusData = execute(Ep, Body, undefined), 106: ?assertAdminAuth('UNAUTHORIZED', StatusData). 107: 108: auth_admin_checks_auth(Config) -> 109: Ep = ?config(schema_endpoint, Config), 110: Opts = ?config(listener_opts, Config), 111: User = proplists:get_value(username, Opts), 112: Password = proplists:get_value(password, Opts), 113: Body = #{query => "{ checkAuth }"}, 114: StatusData = execute(Ep, Body, {User, Password}), 115: ?assertAdminAuth('AUTHORIZED', StatusData). 116: 117: %% Helpers 118: 119: assert_auth(Auth, {Status, Data}) -> 120: ?assertEqual({<<"200">>, <<"OK">>}, Status), 121: ?assertMatch(#{<<"data">> := #{<<"checkAuth">> := Auth}}, Data). 122: 123: user_password(User) -> 124: [{User, Props}] = escalus:get_users([User]), 125: proplists:get_value(password, Props). 126: 127: get_graphiql_website(EpName) -> 128: Request = 129: #{port => graphql_helper:get_listener_port(EpName), 130: role => {graphql, atom_to_binary(EpName)}, 131: method => <<"GET">>, 132: headers => [{<<"Accept">>, <<"text/html">>}], 133: return_maps => true, 134: path => "/graphql"}, 135: rest_helper:make_request(Request).