def test_login_required_decorator_with_valid_token(self):
"""Tests the login required decorator called with valid token"""
type_definitions = ariadne.gql("""
type Query {
test: String!
}
""")
query_type = ariadne.QueryType()
def resolve_test(_, info):
request = info.context
self.assertTrue(hasattr(request, "user"))
self.assertEqual(request.user, self.user)
return "Test!"
resolve_test = Mock(wraps=resolve_test)
decorated_resolve_test = Mock(wraps=login_required(resolve_test))
query_type.set_field("test", decorated_resolve_test)
schema = ariadne.make_executable_schema([type_definitions],
[query_type])
middleware = [JSONWebTokenMiddleware()]
token = JSONWebTokenBackend().create(self.user)
request = HttpRequest()
request.META[HTTP_AUTHORIZATION_HEADER] = f"Token {token}"
settings = {
"AUTHENTICATION_BACKENDS": (
"django_ariadne_jwt.backends.JSONWebTokenBackend",
"django.contrib.auth.backends.ModelBackend",
)
}
with self.settings(**settings):
ariadne.graphql_sync(
schema,
{
"query":
"""
query {
test
}
"""
},
context_value=request,
middleware=middleware,
)
self.assertTrue(resolve_test.called)
def graphql_view(request):
if request.method == "GET":
return HttpResponse(PLAYGROUND_HTML)
if request.method != "POST":
return HttpResponseBadRequest()
if request.content_type != "application/json":
return HttpResponseBadRequest()
try:
data = json.loads(request.body)
except ValueError:
return HttpResponseBadRequest()
# Execute the query
success, result = graphql_sync(
schema,
data,
context_value=request, # expose request as info.context
debug=settings.DEBUG,
)
status_code = 200 if success else 400
# Send response to client
return JsonResponse(result, status=status_code)
def graphql_server():
# GraphQL queries are always sent as POST
data = request.get_json()
print(data)
# Note: Passing the request to the context is optional.
# In Flask, the current request is always accessible as flask.request
# if the cookie contains "access_token_cookie" and "refresh_token_cookie"
# set those tokens to tokens global variable
# this way we can make sure every has token
if request.cookies:
set_tokens(request.cookies)
try:
success, result = graphql_sync(
schema,
data,
context_value=request,
debug=app.debug
)
except Exception as e:
return {
"message": "Something went wrong."
}, 500
tokens = get_tokens()
result = jsonify(result)
if tokens:
set_access_cookies(result, tokens["access_token_cookie"])
set_refresh_cookies(result, tokens["refresh_token_cookie"])
else:
unset_access_cookies(result)
unset_refresh_cookies(result)
status_code = 200 if success else 400
return result, status_code
def test_set_alert(self):
"""Check for set_alert mutation."""
query = '''
mutation {
setAlert(company: "fluid", message: "Test", projectName: "unittest") {
success
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' not in result
assert 'success' in result['data']['setAlert']
def test_add_user(self):
"""Check for addUser mutation."""
query = '''
mutation {
addUser(email: "*****@*****.**",
organization: "CustomerInc",
role: "customer",
phoneNumber: "3331112233") {
success
email
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' not in result
assert 'addUser' in result['data']
assert 'success' in result['data']['addUser']
assert 'email' in result['data']['addUser']
def test_update_event(self):
"""Check for updateEvent mutation."""
query = '''
mutation {
updateEvent(eventId: "538745942") {
success
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' not in result
assert 'success' in result['data']['updateEvent']
def graphql_server():
data = request.get_json()
success, result = graphql_sync(
schema, data, context_value=request, debug=app.debug
)
status_code = 200 if success else 400
return jsonify(result), status_code
def test_accept_legal(self):
"""Check acceptLegal query"""
query = '''
mutation {
acceptLegal(remember: true) {
success
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'acceptLegal' in result['data']
assert 'success' in result['data']['acceptLegal']
def test_sign_in(self):
"""Check for signIn mutation."""
query = '''
mutation {
signIn(
authToken: "badtoken",
provider: "google",
pushToken: "badpushtoken"
) {
authorized
sessionJwt
success
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' in result
assert result['errors'][0]['message'] == 'INVALID_AUTH_TOKEN'
def graphql_server():
data = json.loads(request.get_data())
success, result = graphql_sync(schema, data, context_value=request)
status_code = 200 if success else 400
return jsonify(result), status_code
def test_download_event_file(self):
"""Check for downloadEventFile mutation."""
query = '''
mutation {
downloadEventFile(eventId: "484763304",
fileName: "1mvStFSToOL3bl47zaVZHBpRMZUUhU0Ad") {
success
url
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' not in result
assert 'success' in result['data']['downloadEventFile']
assert 'url' in result['data']['downloadEventFile']
def test_event(self):
"""Check for event."""
query = '''{
event(identifier: "418900971"){
projectName
detail
}
}'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'user_email': 'unittest',
'user_role': 'admin',
'company': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'event' in result['data']
assert result['data']['event']['projectName'] == 'unittesting'
assert result['data']['event']['detail'] == 'Integrates unit test'
def test_graphql_sync_prevents_introspection_query_when_option_is_disabled(
schema):
success, result = graphql_sync(
schema, {"query": "{ __schema { types { name } } }"},
introspection=False)
assert not success
assert (result["errors"][0]["message"] ==
"Cannot query '__schema': introspection is disabled.")
def test_buildingById_deep():
data = {"query": DEEP_BUILDING_QUERY}
success, result = graphql_sync(schema, data)
assert success == True
assert result["data"]["buildingById"]["name"] == "Barfy Gardens"
assert result["data"]["buildingById"]["residents"][0]["name"] == "Dino"
assert (result["data"]["buildingById"]["residents"][0]["building"]["name"]
== "Barfy Gardens")
def graphql_server():
success, result = graphql_sync(
schema=make_executable_schema(type_defs, query, mutation),
data=request.get_json(),
context_value=session,
)
status_code = 200 if success else 400
return jsonify(result), status_code
def graphql_server():
data = request.get_json()
success, result = graphql_sync(
schema,
data,
context_value=request,
debug=app.debug
)
return jsonify(result)
def graphql_playground():
data = request.args.get("query")
if data:
success, result = ariadne.graphql_sync(schema, {"query": data},
context_value=request,
debug=app.debug)
status_code = 200 if success else 400
return jsonify(result), status_code
return ariadne.constants.PLAYGROUND_HTML, 200
def graphql_server():
''' All graphql requests are always sent as post request '''
data = request.get_json()
success, result = graphql_sync(schema,
data,
context_value=request,
debug=app.debug)
status_code = 200 if success else 400
return jsonify(result), status_code
def query_api_server():
success, result = graphql_sync(
query_api_schema,
data=request.get_json(),
context_value=request,
introspection=os.getenv("FLASK_ENV") == "development",
error_formatter=format_database_errors,
)
status_code = 200 if success else 400
return jsonify(result), status_code
def graphql_playground():
"""Serve GraphQL playground"""
if 'query' in request.args:
# serve query
success, result = graphql_sync(schema,
{"query": request.args['query']})
status_code = 200 if success else 400
return jsonify(result), status_code
else:
# only serve playground if no query argument is given ...
return PLAYGROUND_HTML, 200
def graphql_server():
data = request.get_json()
success, result = graphql_sync(
schema,
data,
#pass the json into graphql sync along with schema
context_value=request,
# we do this just in case we want to make use of something outside of the query, within a resolver
debug=app.debug)
status_code = 200 if success else 400
return jsonify(result), status_code
def test_simple(schema):
with open(__file__) as f:
pysource = f.read()
success, result = graphql_sync(
schema, {
"query":
"""{
pythonToJupyter(source:""" + json.dumps(pysource) + """)
}""",
})
assert success
assert "errors" not in result
print(result['data'])
def graphql_server():
# GraphQL queries are always sent as POST
data = request.get_json()
# Note: Passing the request to the context is optional.
# In Flask, the current request is always accessible as flask.request
success, result = graphql_sync(schema,
data,
context_value=request,
debug=app.debug)
status_code = 200 if success else 400
return jsonify(result), status_code
def graphql_server():
data = request.get_json()
success, result = graphql_sync(
schema,
data,
debug=app.debug,
context_value=None,
error_formatter=error_formatter,
extensions=extensions,
)
status_code = 200 if success else 400
return jsonify(result), status_code
def run():
data = {
"teams": [
{
"name":
"x",
"members": [
{
"age": 10,
"name": "a"
},
{
"age": 10,
"name": "b"
},
{
"age": 10,
"name": "z"
},
],
},
{
"name":
"y",
"members": [
{
"age": 10,
"name": "i"
},
{
"age": 10,
"name": "j"
},
{
"age": 10,
"name": "k"
},
],
},
]
}
q = """\
{
teams { __typename, name, members(name: "i") { __typename, name }}
}
"""
ok, result = graphql_sync(schema, {"query": q}, root_value=data)
loading.dumpfile(result)
def graphql_server():
# Get the JSON request submitted via POST
data = request.get_json()
# Pass request data along with schema and
# original request to graphql_sync to work out
# which resolver function to call
success, result = graphql_sync(schema,
data,
context_value=request,
debug=app.debug)
# If all ok return result and status code
status_code = 200 if success else 400
return jsonify(result), status_code
def graphql_server():
data = request.get_json()
print("Host Name ", request.headers, file=sys.stdout)
print("Host Content Length ", request.content_length, file=sys.stdout)
print("POST ", data, file=sys.stdout)
success, result = graphql_sync(
schema,
data,
context_value=request,
debug=app.debug
)
status_code = 200 if success else 400
print("RESULT ", jsonify(result), file=sys.stdout, flush=True)
return jsonify(result), status_code
def graphql_server():
# Note: Passing the request to the context is optional.
# In Flask, the current request is always accessible as flask.request
debug_graphql = bool(os.getenv("DEBUG_GRAPHQL", False))
success, result = graphql_sync(
full_api_schema,
data=request.get_json(),
context_value=request,
debug=debug_graphql,
introspection=os.getenv("FLASK_ENV") == "development",
error_formatter=format_database_errors,
)
status_code = 200 if success else 400
return jsonify(result), status_code
def test_grant_user_access(self):
"""Check for grantUserAccess mutation."""
query = '''
mutation {
grantUserAccess (
email: "*****@*****.**",
organization: "test",
phoneNumber: "3453453453"
projectName: "unittesting",
responsibility: "test",
role: "customer") {
success
grantedUser {
email
role
responsibility
phoneNumber
organization
firstLogin
lastLogin
}
}
}
'''
data = {'query': query}
request = RequestFactory().get('/')
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
request.session['username'] = '******'
request.session['company'] = 'unittest'
request.session['role'] = 'admin'
request.COOKIES[settings.JWT_COOKIE_NAME] = jwt.encode(
{
'username': '******',
'company': 'unittest',
'user_role': 'admin',
'user_email': 'unittest'
},
algorithm='HS512',
key=settings.JWT_SECRET,
)
_, result = graphql_sync(SCHEMA, data, context_value=request)
assert 'errors' not in result
assert 'success' in result['data']['grantUserAccess']
assert 'grantedUser' in result['data']['grantUserAccess']
assert 'email' in result['data']['grantUserAccess']['grantedUser']
def graphql_server():
data = flask.request.get_json()
success, result = ariadne.graphql_sync(
schema,
data,
context_value=flask.request,
debug=app.debug,
# mimetype="text/event-stream"
)
status_code = 200 if success else 400
r = flask.make_response(result, status_code)
# r.mimetype = "text/html"
r.mimetype = "text/event-stream"
# r.minetype = "application/json"
return r
def graphql_view(request):
if request.method == "GET":
return render(request, "misago/admin/graphql_playground.html")
if request.method != "POST":
return HttpResponseBadRequest()
if request.content_type != "application/json":
return HttpResponseBadRequest()
try:
data = json.loads(request.body)
except ValueError:
return HttpResponseBadRequest()
success, result = graphql_sync(
schema, data, context_value=request, debug=settings.DEBUG
)
status_code = 200 if success else 400
return JsonResponse(result, status=status_code)
