From 3ca12446d73c1b8c10f73bd9c6f644ce2152f253 Mon Sep 17 00:00:00 2001 From: Kien Dang Date: Fri, 24 Nov 2023 04:30:33 +0800 Subject: [PATCH] Add tests for validation rules --- graphene_django/tests/test_views.py | 63 ++++++++++++++++++++++++ graphene_django/tests/urls_validation.py | 16 ++++++ 2 files changed, 79 insertions(+) create mode 100644 graphene_django/tests/urls_validation.py diff --git a/graphene_django/tests/test_views.py b/graphene_django/tests/test_views.py index d64a4f0..ac4c924 100644 --- a/graphene_django/tests/test_views.py +++ b/graphene_django/tests/test_views.py @@ -827,3 +827,66 @@ def test_query_errors_atomic_request(set_rollback_mock, client): def test_query_errors_non_atomic(set_rollback_mock, client): client.get(url_string(query="force error")) set_rollback_mock.assert_not_called() + + +query_with_two_introspections = """ +query Instrospection { + queryType: __schema { + queryType {name} + } + mutationType: __schema { + mutationType {name} + } +} +""" + +introspection_disallow_error_message = "introspection is disabled" +max_validation_errors_exceeded_message = "too many validation errors" + + +@pytest.mark.urls("graphene_django.tests.urls_validation") +def test_allow_introspection(client): + response = client.post( + url_string("/graphql/", query="{__schema {queryType {name}}}") + ) + assert response.status_code == 200 + + assert response_json(response) == { + "data": {"__schema": {"queryType": {"name": "QueryRoot"}}} + } + + +@pytest.mark.urls("graphene_django.tests.urls_validation") +def test_validation_disallow_introspection(client): + response = client.post( + url_string("/graphql/validation/", query="{__schema {queryType {name}}}") + ) + + assert response.status_code == 400 + assert introspection_disallow_error_message in response.content.decode() + + +@pytest.mark.urls("graphene_django.tests.urls_validation") +@patch("graphene_django.settings.graphene_settings.MAX_VALIDATION_ERRORS", 2) +def test_within_max_validation_errors(client): + response = client.post( + url_string("/graphql/validation/", query=query_with_two_introspections) + ) + + assert response.status_code == 400 + + text_response = response.content.decode().lower() + + assert text_response.count(introspection_disallow_error_message) == 2 + assert max_validation_errors_exceeded_message not in text_response + + +@pytest.mark.urls("graphene_django.tests.urls_validation") +@patch("graphene_django.settings.graphene_settings.MAX_VALIDATION_ERRORS", 1) +def test_exceeds_max_validation_errors(client): + response = client.post( + url_string("/graphql/validation/", query=query_with_two_introspections) + ) + + assert response.status_code == 400 + assert max_validation_errors_exceeded_message in response.content.decode().lower() diff --git a/graphene_django/tests/urls_validation.py b/graphene_django/tests/urls_validation.py new file mode 100644 index 0000000..e8dab36 --- /dev/null +++ b/graphene_django/tests/urls_validation.py @@ -0,0 +1,16 @@ +from django.urls import path + +from graphene.validation import DisableIntrospection + +from ..views import GraphQLView +from .schema_view import schema + + +class View(GraphQLView): + schema = schema + + +urlpatterns = [ + path("graphql/", View.as_view()), + path("graphql/validation/", View.as_view(validation_rules=(DisableIntrospection,))), +]