2022-04-19 04:25:11 +00:00
|
|
|
use async_graphql::{Guard, *};
|
2020-10-16 06:49:22 +00:00
|
|
|
use futures_util::stream::{Stream, StreamExt};
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2020-05-02 03:03:04 +00:00
|
|
|
#[derive(Eq, PartialEq, Copy, Clone)]
|
|
|
|
|
enum Role {
|
|
|
|
|
Admin,
|
|
|
|
|
Guest,
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-08 11:42:53 +00:00
|
|
|
pub struct RoleGuard {
|
2020-05-02 03:03:04 +00:00
|
|
|
role: Role,
|
|
|
|
|
}
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2021-11-16 02:22:39 +00:00
|
|
|
impl RoleGuard {
|
|
|
|
|
fn new(role: Role) -> Self {
|
|
|
|
|
Self { role }
|
|
|
|
|
}
|
2021-06-08 11:42:53 +00:00
|
|
|
}
|
|
|
|
|
|
2020-05-02 03:03:04 +00:00
|
|
|
#[async_trait::async_trait]
|
|
|
|
|
impl Guard for RoleGuard {
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
async fn check(&self, ctx: &Context<'_>) -> Result<()> {
|
2020-05-02 03:03:04 +00:00
|
|
|
if ctx.data_opt::<Role>() == Some(&self.role) {
|
|
|
|
|
Ok(())
|
|
|
|
|
} else {
|
|
|
|
|
Err("Forbidden".into())
|
|
|
|
|
}
|
2020-05-01 23:57:34 +00:00
|
|
|
}
|
2020-05-02 03:03:04 +00:00
|
|
|
}
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2020-05-02 03:03:04 +00:00
|
|
|
struct Username(String);
|
|
|
|
|
|
2021-11-16 02:22:39 +00:00
|
|
|
struct UserGuard<'a> {
|
|
|
|
|
username: &'a str,
|
2020-05-02 03:03:04 +00:00
|
|
|
}
|
|
|
|
|
|
2021-11-16 02:22:39 +00:00
|
|
|
impl<'a> UserGuard<'a> {
|
|
|
|
|
fn new(username: &'a str) -> Self {
|
|
|
|
|
Self { username }
|
2020-05-01 23:57:34 +00:00
|
|
|
}
|
2020-05-02 03:03:04 +00:00
|
|
|
}
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2020-10-06 09:16:51 +00:00
|
|
|
#[async_trait::async_trait]
|
2021-11-16 02:22:39 +00:00
|
|
|
impl<'a> Guard for UserGuard<'a> {
|
2020-10-06 09:16:51 +00:00
|
|
|
async fn check(&self, ctx: &Context<'_>) -> Result<()> {
|
2021-11-16 02:22:39 +00:00
|
|
|
if ctx.data_opt::<Username>().map(|name| name.0.as_str()) == Some(self.username) {
|
2020-10-06 09:16:51 +00:00
|
|
|
Ok(())
|
|
|
|
|
} else {
|
|
|
|
|
Err("Forbidden".into())
|
2020-05-01 23:57:34 +00:00
|
|
|
}
|
2020-10-06 09:16:51 +00:00
|
|
|
}
|
|
|
|
|
}
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2021-03-12 04:47:24 +00:00
|
|
|
#[tokio::test]
|
2020-10-06 09:16:51 +00:00
|
|
|
pub async fn test_guard_simple_rule() {
|
|
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
struct Query {
|
2021-11-16 02:22:39 +00:00
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
2020-10-06 09:16:51 +00:00
|
|
|
value: i32,
|
2020-05-01 23:57:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct Subscription;
|
|
|
|
|
|
2020-09-18 00:52:13 +00:00
|
|
|
#[Subscription]
|
2020-05-01 23:57:34 +00:00
|
|
|
impl Subscription {
|
2021-11-16 02:22:39 +00:00
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
2020-05-05 05:02:24 +00:00
|
|
|
async fn values(&self) -> impl Stream<Item = i32> {
|
2020-10-16 06:49:22 +00:00
|
|
|
futures_util::stream::iter(vec![1, 2, 3])
|
2020-05-01 23:57:34 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 09:16:51 +00:00
|
|
|
let schema = Schema::new(Query { value: 10 }, EmptyMutation, Subscription);
|
2020-05-01 23:57:34 +00:00
|
|
|
|
2020-05-05 05:02:24 +00:00
|
|
|
let query = "{ value }";
|
2020-05-01 23:57:34 +00:00
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
2020-05-01 23:57:34 +00:00
|
|
|
.await
|
|
|
|
|
.data,
|
2020-10-12 02:17:05 +00:00
|
|
|
value!({"value": 10})
|
2020-05-01 23:57:34 +00:00
|
|
|
);
|
|
|
|
|
|
2020-05-05 05:02:24 +00:00
|
|
|
let query = "{ value }";
|
2020-05-01 23:57:34 +00:00
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
2020-05-01 23:57:34 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.into_result()
|
2020-05-01 23:57:34 +00:00
|
|
|
.unwrap_err(),
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-01 23:57:34 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
2020-09-10 11:35:48 +00:00
|
|
|
.execute_stream(Request::new("subscription { values }").data(Role::Admin))
|
|
|
|
|
.map(|item| item.data)
|
2020-05-01 23:57:34 +00:00
|
|
|
.collect::<Vec<_>>()
|
|
|
|
|
.await,
|
|
|
|
|
vec![
|
2020-10-12 02:17:05 +00:00
|
|
|
value! ({"values": 1}),
|
|
|
|
|
value! ({"values": 2}),
|
|
|
|
|
value! ({"values": 3})
|
2020-05-01 23:57:34 +00:00
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
2020-09-10 11:35:48 +00:00
|
|
|
.execute_stream(Request::new("subscription { values }").data(Role::Guest))
|
2020-09-10 23:58:02 +00:00
|
|
|
.next()
|
2020-05-01 23:57:34 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.unwrap()
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
.errors,
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos {
|
2020-05-01 23:57:34 +00:00
|
|
|
line: 1,
|
|
|
|
|
column: 16
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
}],
|
|
|
|
|
path: vec![PathSegment::Field("values".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-01 23:57:34 +00:00
|
|
|
);
|
|
|
|
|
}
|
2020-05-02 03:03:04 +00:00
|
|
|
|
2021-03-12 04:47:24 +00:00
|
|
|
#[tokio::test]
|
2020-10-06 09:16:51 +00:00
|
|
|
pub async fn test_guard_and_operator() {
|
2020-09-18 00:52:13 +00:00
|
|
|
#[derive(SimpleObject)]
|
2020-05-02 03:03:04 +00:00
|
|
|
struct Query {
|
2021-11-16 02:22:39 +00:00
|
|
|
#[graphql(guard = r#"RoleGuard::new(Role::Admin).and(UserGuard::new("test"))"#)]
|
2020-05-02 03:03:04 +00:00
|
|
|
value: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value: 10 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Admin)
|
|
|
|
|
.data(Username("test".to_string()))
|
|
|
|
|
)
|
2020-05-02 03:03:04 +00:00
|
|
|
.await
|
|
|
|
|
.data,
|
2020-10-12 02:17:05 +00:00
|
|
|
value!({"value": 10})
|
2020-05-02 03:03:04 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Guest)
|
|
|
|
|
.data(Username("test".to_string()))
|
|
|
|
|
)
|
2020-05-02 03:03:04 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.into_result()
|
2020-05-02 03:03:04 +00:00
|
|
|
.unwrap_err(),
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-02 03:03:04 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Admin)
|
|
|
|
|
.data(Username("test1".to_string()))
|
|
|
|
|
)
|
2020-05-02 03:03:04 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.into_result()
|
2020-05-02 03:03:04 +00:00
|
|
|
.unwrap_err(),
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-02 03:03:04 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Guest)
|
|
|
|
|
.data(Username("test1".to_string()))
|
|
|
|
|
)
|
2020-05-02 03:03:04 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.into_result()
|
2020-05-02 03:03:04 +00:00
|
|
|
.unwrap_err(),
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-02 03:03:04 +00:00
|
|
|
);
|
|
|
|
|
}
|
2020-05-09 10:34:57 +00:00
|
|
|
|
2021-03-12 04:47:24 +00:00
|
|
|
#[tokio::test]
|
2020-10-06 09:16:51 +00:00
|
|
|
pub async fn test_guard_or_operator() {
|
|
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
struct Query {
|
2021-11-16 02:22:39 +00:00
|
|
|
#[graphql(guard = r#"RoleGuard::new(Role::Admin).or(UserGuard::new("test"))"#)]
|
2020-10-06 09:16:51 +00:00
|
|
|
value: i32,
|
2020-05-09 10:34:57 +00:00
|
|
|
}
|
|
|
|
|
|
2020-10-06 09:16:51 +00:00
|
|
|
let schema = Schema::new(Query { value: 10 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Admin)
|
|
|
|
|
.data(Username("test".to_string()))
|
|
|
|
|
)
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
2020-10-12 02:17:05 +00:00
|
|
|
value!({"value": 10})
|
2020-10-06 09:16:51 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Guest)
|
|
|
|
|
.data(Username("test".to_string()))
|
|
|
|
|
)
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
2020-10-12 02:17:05 +00:00
|
|
|
value!({"value": 10})
|
2020-10-06 09:16:51 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Admin)
|
|
|
|
|
.data(Username("test1".to_string()))
|
|
|
|
|
)
|
2020-05-09 10:34:57 +00:00
|
|
|
.await
|
|
|
|
|
.data,
|
2020-10-12 02:17:05 +00:00
|
|
|
value!({"value": 10})
|
2020-05-09 10:34:57 +00:00
|
|
|
);
|
|
|
|
|
|
2020-10-06 09:16:51 +00:00
|
|
|
let query = "{ value }";
|
2020-05-09 10:34:57 +00:00
|
|
|
assert_eq!(
|
2020-09-10 11:35:48 +00:00
|
|
|
schema
|
2020-10-06 09:16:51 +00:00
|
|
|
.execute(
|
|
|
|
|
Request::new(query)
|
|
|
|
|
.data(Role::Guest)
|
|
|
|
|
.data(Username("test1".to_string()))
|
|
|
|
|
)
|
2020-05-09 10:34:57 +00:00
|
|
|
.await
|
2020-09-10 23:58:02 +00:00
|
|
|
.into_result()
|
2020-05-09 10:34:57 +00:00
|
|
|
.unwrap_err(),
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
2020-10-06 09:16:51 +00:00
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
Rework errors
This completely overhauls the error system used in async-graphql.
- `Error` has been renamed to `ServerError` and `FieldError` has been
renamed to just `Error`. This is because `FieldError` is by far the most
common error that users will have to use so it makes sense to use the
most obvious error name. Also, the current name didn't make sense as it
was used for things other than field errors, such as the data callback
for websockets.
- `ServerError` has been made completely opaque. Before it was an enum
of all the possible errors, but now it just contains an error message,
the locations, the path and extensions. It is a shame that we lose
information, it makes more sense as _conceptually_ GraphQL does not
provide that information. It also frees us to change the internals of
async-graphql a lot more.
- The path of errors is no longer an opaque JSON value but a regular
type, `Vec<PathSegment>`. The type duplication of `PathSegment` and
`QueryPathSegment` is unfortunate, I plan to work on this in the future.
- Now that `ServerError` is opaque, `RuleError` has been removed from
the public API, making it simpler.
- Additionally `QueryError` has been completely removed. Instead the
error messages are constructed ad-hoc; I took care to never repeat an
error message.
- Instead of constructing field-not-found errors inside the
implementations of field resolvers they now return `Option`s, where a
`None` value is representative of the field not being found.
- As an unfortunate consequence of the last change, self-referential
types based on the output of a subscription resolver can no longer be
created. This does not mean anything for users, but causes lifetime
issues in the implementation of merged objects. I fixed it with a bit of
a hack, but this'll have to be looked into further.
- `InputValueError` now has a generic parameter - it's kind of weird but
it's necessary for ergonomics. It also improves error messages.
- The `ErrorExtensions` trait has been removed. I didn't think the
`extend` method was necessary since `From` impls exist. But the
ergonomics are still there with a new trait `ExtendError`, which
is implemented for both errors and results.
- `Response` now supports serializing multiple errors. This allows for
nice things like having multiple validation errors not be awkwardly
shoved into a single error.
- When an error occurs in execution, data is sent as `null`. This is
slightly more compliant with the spec but the algorithm described in
<https://spec.graphql.org/June2018/#sec-Errors-and-Non-Nullability> has
yet to be implemented.
2020-09-29 19:06:44 +00:00
|
|
|
extensions: None,
|
|
|
|
|
}]
|
2020-05-09 10:34:57 +00:00
|
|
|
);
|
|
|
|
|
}
|
2021-07-15 00:09:29 +00:00
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_use_params() {
|
|
|
|
|
struct EqGuard {
|
|
|
|
|
expect: i32,
|
|
|
|
|
actual: i32,
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-16 02:22:39 +00:00
|
|
|
impl EqGuard {
|
|
|
|
|
fn new(expect: i32, actual: i32) -> Self {
|
|
|
|
|
Self { expect, actual }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-15 00:09:29 +00:00
|
|
|
#[async_trait::async_trait]
|
|
|
|
|
impl Guard for EqGuard {
|
|
|
|
|
async fn check(&self, _ctx: &Context<'_>) -> Result<()> {
|
|
|
|
|
if self.expect != self.actual {
|
|
|
|
|
Err("Forbidden".into())
|
|
|
|
|
} else {
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct Query;
|
|
|
|
|
|
|
|
|
|
#[Object]
|
|
|
|
|
impl Query {
|
2021-11-16 02:22:39 +00:00
|
|
|
#[graphql(guard = "EqGuard::new(100, value)")]
|
2021-07-15 00:09:29 +00:00
|
|
|
async fn get(&self, value: i32) -> i32 {
|
|
|
|
|
value
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new("{ get(value: 100) }"))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap()
|
|
|
|
|
.data,
|
|
|
|
|
value!({"get": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new("{ get(value: 99) }"))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
2021-11-07 11:11:17 +00:00
|
|
|
source: None,
|
2021-07-15 00:09:29 +00:00
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("get".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
2021-12-26 02:42:36 +00:00
|
|
|
|
2022-03-14 01:19:27 +00:00
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_simple_object() {
|
|
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
struct Query {
|
|
|
|
|
value: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value: 100 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_simple_object_field() {
|
|
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
#[graphql]
|
|
|
|
|
struct Query {
|
|
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
value: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value: 100 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_object() {
|
|
|
|
|
struct Query;
|
|
|
|
|
|
|
|
|
|
#[Object(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
impl Query {
|
|
|
|
|
async fn value(&self) -> i32 {
|
|
|
|
|
100
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_object_field() {
|
|
|
|
|
struct Query;
|
|
|
|
|
|
|
|
|
|
#[Object]
|
|
|
|
|
impl Query {
|
|
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
async fn value(&self) -> i32 {
|
|
|
|
|
100
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-26 02:42:36 +00:00
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_complex_object() {
|
2022-03-14 01:19:27 +00:00
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
#[graphql(complex)]
|
|
|
|
|
struct Query {
|
|
|
|
|
value1: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[ComplexObject(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
impl Query {
|
|
|
|
|
async fn value2(&self) -> i32 {
|
|
|
|
|
100
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value1: 10 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value2 }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value2": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value2 }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value2".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_on_complex_object_field() {
|
2021-12-26 02:42:36 +00:00
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
#[graphql(complex)]
|
|
|
|
|
struct Query {
|
|
|
|
|
value1: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[ComplexObject]
|
|
|
|
|
impl Query {
|
|
|
|
|
#[graphql(guard = "RoleGuard::new(Role::Admin)")]
|
|
|
|
|
async fn value2(&self) -> i32 {
|
|
|
|
|
100
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value1: 10 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value2 }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value2": 100})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let query = "{ value2 }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value2".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
2022-06-30 02:50:45 +00:00
|
|
|
|
|
|
|
|
#[tokio::test]
|
|
|
|
|
pub async fn test_guard_with_fn() {
|
|
|
|
|
fn is_admin(ctx: &Context<'_>) -> Result<()> {
|
|
|
|
|
if ctx.data_opt::<Role>() == Some(&Role::Admin) {
|
|
|
|
|
Ok(())
|
|
|
|
|
} else {
|
|
|
|
|
Err("Forbidden".into())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[derive(SimpleObject)]
|
|
|
|
|
struct Query {
|
|
|
|
|
#[graphql(guard = "is_admin")]
|
|
|
|
|
value: i32,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let schema = Schema::new(Query { value: 10 }, EmptyMutation, EmptySubscription);
|
|
|
|
|
|
|
|
|
|
let query = "{ value }";
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Admin))
|
|
|
|
|
.await
|
|
|
|
|
.data,
|
|
|
|
|
value!({"value": 10})
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
assert_eq!(
|
|
|
|
|
schema
|
|
|
|
|
.execute(Request::new(query).data(Role::Guest))
|
|
|
|
|
.await
|
|
|
|
|
.into_result()
|
|
|
|
|
.unwrap_err(),
|
|
|
|
|
vec![ServerError {
|
|
|
|
|
message: "Forbidden".to_string(),
|
|
|
|
|
source: None,
|
|
|
|
|
locations: vec![Pos { line: 1, column: 3 }],
|
|
|
|
|
path: vec![PathSegment::Field("value".to_owned())],
|
|
|
|
|
extensions: None,
|
|
|
|
|
}]
|
|
|
|
|
);
|
|
|
|
|
}
|
