graphql-php/tests/Validator/QuerySecurityTestCase.php

110 lines
2.7 KiB
PHP
Raw Permalink Normal View History

<?php
2018-09-02 14:08:49 +03:00
declare(strict_types=1);
namespace GraphQL\Tests\Validator;
2018-09-02 14:08:49 +03:00
use GraphQL\Error\Error;
use GraphQL\Error\FormattedError;
use GraphQL\Language\Parser;
use GraphQL\Type\Introspection;
use GraphQL\Validator\DocumentValidator;
2018-08-07 01:35:37 +03:00
use GraphQL\Validator\Rules\QuerySecurityRule;
2018-07-29 18:43:10 +03:00
use PHPUnit\Framework\TestCase;
2018-09-02 14:08:49 +03:00
use function array_map;
2018-07-29 18:43:10 +03:00
abstract class QuerySecurityTestCase extends TestCase
{
/**
2018-09-02 14:08:49 +03:00
* @expectedException \InvalidArgumentException
* @expectedExceptionMessage argument must be greater or equal to 0.
*/
2018-09-02 14:08:49 +03:00
public function testMaxQueryDepthMustBeGreaterOrEqualTo0() : void
{
$this->getRule(-1);
}
/**
2018-09-02 14:08:49 +03:00
* @param int $max
*
2018-09-02 14:08:49 +03:00
* @return QuerySecurityRule
*/
2018-09-02 14:08:49 +03:00
abstract protected function getRule($max);
2018-09-02 14:08:49 +03:00
protected function assertIntrospectionQuery($maxExpected)
{
2018-09-02 14:08:49 +03:00
$query = Introspection::getIntrospectionQuery();
$this->assertMaxValue($query, $maxExpected);
}
2018-09-02 14:08:49 +03:00
protected function assertMaxValue($query, $maxExpected)
{
2018-09-02 14:08:49 +03:00
$this->assertDocumentValidator($query, $maxExpected);
$newMax = $maxExpected - 1;
if ($newMax === QuerySecurityRule::DISABLED) {
return;
}
$this->assertDocumentValidator($query, $newMax, [$this->createFormattedError($newMax, $maxExpected)]);
}
2018-09-02 14:08:49 +03:00
/**
* @param string $queryString
* @param int $max
* @param string[][] $expectedErrors
2018-09-26 12:07:23 +03:00
*
2018-09-02 14:08:49 +03:00
* @return Error[]
*/
protected function assertDocumentValidator($queryString, $max, array $expectedErrors = []) : array
{
$errors = DocumentValidator::validate(
QuerySecuritySchema::buildSchema(),
Parser::parse($queryString),
[$this->getRule($max)]
);
2018-09-19 18:12:09 +03:00
self::assertEquals($expectedErrors, array_map([Error::class, 'formatError'], $errors), $queryString);
return $errors;
}
2018-09-02 14:08:49 +03:00
protected function createFormattedError($max, $count, $locations = [])
{
2018-09-02 14:08:49 +03:00
return FormattedError::create($this->getErrorMessage($max, $count), $locations);
}
2018-09-02 14:08:49 +03:00
/**
* @param int $max
* @param int $count
*
* @return string
*/
abstract protected function getErrorMessage($max, $count);
protected function assertIntrospectionTypeMetaFieldQuery($maxExpected)
{
$query = '
{
__type(name: "Human") {
name
}
}
';
$this->assertMaxValue($query, $maxExpected);
}
protected function assertTypeNameMetaFieldQuery($maxExpected)
{
$query = '
{
human {
__typename
firstName
}
}
';
$this->assertMaxValue($query, $maxExpected);
}
}