Add mutationUpdateSalaryTest

kuraun · rstoyanchev · commit a927159410d0 · 2022-11-17T11:53:50.000Z
Fixed the attribute value salary of UpdateSalaryInput of schema.graphqls to the name of SalaryInput object. Also enabled @secured. See gh-367
diff --git a/samples/webmvc-http-security/src/main/java/io/spring/sample/graphql/SalaryInput.java b/samples/webmvc-http-security/src/main/java/io/spring/sample/graphql/SalaryInput.java
@@ -23,6 +23,11 @@ public class SalaryInput {
 
 	private BigDecimal newSalary;
 
+	public SalaryInput(String employeeId, BigDecimal newSalary) {
+		this.employeeId = employeeId;
+		this.newSalary = newSalary;
+	}
+
 	public String getEmployeeId() {
 		return employeeId;
 	}
diff --git a/samples/webmvc-http-security/src/main/java/io/spring/sample/graphql/SecurityConfig.java b/samples/webmvc-http-security/src/main/java/io/spring/sample/graphql/SecurityConfig.java
@@ -14,7 +14,7 @@
 
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 public class SecurityConfig {
 
 	@Bean
diff --git a/samples/webmvc-http-security/src/main/resources/graphql/schema.graphqls b/samples/webmvc-http-security/src/main/resources/graphql/schema.graphqls
@@ -14,7 +14,7 @@ type Employee {
 
 input UpdateSalaryInput {
     employeeId: ID!
-    salary: String!
+    newSalary: String!
 }
 type UpdateSalaryPayload {
     success: Boolean!
diff --git a/samples/webmvc-http-security/src/test/java/io/spring/sample/graphql/WebMvcHttpSecuritySampleTests.java b/samples/webmvc-http-security/src/test/java/io/spring/sample/graphql/WebMvcHttpSecuritySampleTests.java
@@ -8,6 +8,8 @@
 import org.springframework.graphql.execution.ErrorType;
 import org.springframework.graphql.test.tester.WebGraphQlTester;
 
+import java.math.BigDecimal;
+
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
@@ -72,6 +74,21 @@ void canNotQuerySalary() {
 				});
 	}
 
+	@Test
+	void canNotMutationUpdateSalary() {
+		WebGraphQlTester tester = this.graphQlTester.mutate().build();
+		SalaryInput salaryInput = new SalaryInput("1", BigDecimal.valueOf(44));
+
+		tester.documentName("updateSalary")
+				.variable("salaryInput", salaryInput)
+				.execute()
+				.errors()
+				.satisfy(errors -> {
+					assertThat(errors).hasSize(1);
+					assertThat(errors.get(0).getErrorType()).isEqualTo(ErrorType.UNAUTHORIZED);
+				});
+	}
+
 	@Test
 	void canQuerySalaryAsAdmin() {
 
diff --git a/samples/webmvc-http-security/src/test/resources/graphql-test/updateSalary.graphql b/samples/webmvc-http-security/src/test/resources/graphql-test/updateSalary.graphql
@@ -0,0 +1,9 @@
+mutation updateSalary($salaryInput: UpdateSalaryInput!) {
+    updateSalary(input: $salaryInput) {
+        success
+        employee {
+            id
+            name
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ type Employee {`
`14`	`14`
`15`	`15`	`input UpdateSalaryInput {`
`16`	`16`	`employeeId: ID!`
`17`		`- salary: String!`
	`17`	`+ newSalary: String!`
`18`	`18`	`}`
`19`	`19`	`type UpdateSalaryPayload {`
`20`	`20`	`success: Boolean!`