Elgato_dark/console
1
0
Fork 0
mirror of https://github.com/graphql-hive/console synced 2026-04-21 14:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Use named arguments in createToken (seed) (#918)

Browse source
This commit is contained in:
Kamil Kisiela 2022-12-28 13:35:44 +01:00 committed by GitHub
parent 9a4a69bb83
commit d185e4f24e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 343 additions and 269 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
integration-tests/testkit/seed.ts
View file

@ -122,16 +122,19 @@ export function initSeed() {
.then(r => r.expectNoGraphQLErrors())
.then(r => r.deleteTokens.deletedTokens);
},
async createToken(
targetScopes: TargetAccessScope[] = [
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: ProjectAccessScope[] = [],
organizationScopes: OrganizationAccessScope[] = [],
async createToken({
targetScopes = [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes = [],
organizationScopes = [],
targetId = target.cleanId,
actorToken = ownerToken,
) {
}: {
targetScopes?: TargetAccessScope[];
projectScopes?: ProjectAccessScope[];
organizationScopes?: OrganizationAccessScope[];
targetId?: string;
actorToken?: string;
}) {
const tokenResult = await createToken(
{
name: generateUnique(),

24
integration-tests/tests/api/artifacts-cdn.spec.ts
View file

@ -121,11 +121,9 @@ function runArtifactsCDNTests(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken, target } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
});
// Publish Schema
const publishSchemaResult = await writeToken
@ -167,11 +165,9 @@ function runArtifactsCDNTests(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken, target } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
});
// Publish Schema
const publishSchemaResult = await writeToken
@ -226,11 +222,9 @@ function runArtifactsCDNTests(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken, target } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
});
// Publish Schema

2
integration-tests/tests/api/legacy-auth.spec.ts
View file

@ -11,7 +11,7 @@ test.concurrent(
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { publishSchema, collectOperations, readOperationsStats } = await createToken();
const { publishSchema, collectOperations, readOperationsStats } = await createToken({});
const result = await publishSchema({
sdl: `type Query { ping: String }`,

10
integration-tests/tests/api/organization/get-started.spec.ts
View file

@ -38,16 +38,16 @@ test.concurrent('completing each step should result in updated Get Started progr
}
const { publishSchema, checkSchema, collectOperations, toggleTargetValidation } =
await createToken(
[
await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
TargetAccessScope.Settings,
],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
// Step: publish schema
await publishSchema({ sdl: 'type Query { foo: String }' }).then(r => r.expectNoGraphQLErrors());

42
integration-tests/tests/api/persisted-operations/publish.spec.ts
View file

@ -9,19 +9,26 @@ test.concurrent(
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
// Create a token with no rights
const { secret: noAccessToken } = await createToken([], [], []);
const { secret: noAccessToken } = await createToken({
targetScopes: [],
projectScopes: [],
organizationScopes: [],
});
// Create a token with read rights
const { secret: readToken } = await createToken(
[],
[ProjectAccessScope.OperationsStoreRead],
[],
);
const { secret: readToken } = await createToken({
targetScopes: [],
projectScopes: [ProjectAccessScope.OperationsStoreRead],
organizationScopes: [],
});
// Create a token with write rights
const { secret: writeToken } = await createToken(
[],
[ProjectAccessScope.OperationsStoreRead, ProjectAccessScope.OperationsStoreWrite],
[],
);
const { secret: writeToken } = await createToken({
targetScopes: [],
projectScopes: [
ProjectAccessScope.OperationsStoreRead,
ProjectAccessScope.OperationsStoreWrite,
],
organizationScopes: [],
});
const operations = [
{
@ -68,11 +75,14 @@ test.concurrent('should skip on already persisted operations', async () => {
const { createToken } = await createProject(ProjectType.Single);
// Create a token with write rights
const { secret: writeToken } = await createToken(
[],
[ProjectAccessScope.OperationsStoreRead, ProjectAccessScope.OperationsStoreWrite],
[],
);
const { secret: writeToken } = await createToken({
targetScopes: [],
projectScopes: [
ProjectAccessScope.OperationsStoreRead,
ProjectAccessScope.OperationsStoreWrite,
],
organizationScopes: [],
});
const operations = [
{

14
integration-tests/tests/api/rate-limit/emails.spec.ts
View file

@ -32,11 +32,15 @@ test.only('rate limit approaching and reached for organization', async () => {
ownerToken,
);
const { collectOperations } = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const { collectOperations } = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const op = {
operation: 'query ping { ping }',

35
integration-tests/tests/api/schema/check.spec.ts
View file

@ -7,10 +7,9 @@ test.concurrent('can check a schema with target:registry:read access', async ()
const { createToken } = await createProject(ProjectType.Single);
// Create a token with write rights
const writeToken = await createToken([
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
]);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
});
// Publish schema with write rights
const publishResult = await writeToken
@ -26,10 +25,18 @@ test.concurrent('can check a schema with target:registry:read access', async ()
expect(publishResult.schemaPublish.__typename).toBe('SchemaPublishSuccess');
// Create a token with no rights
const noAccessToken = await createToken([], [], []);
const noAccessToken = await createToken({
targetScopes: [],
projectScopes: [],
organizationScopes: [],
});
// Create a token with read rights
const readToken = await createToken([TargetAccessScope.RegistryRead], [], []);
const readToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead],
projectScopes: [],
organizationScopes: [],
});
// Check schema with no read and write rights
const checkResultErrors = await noAccessToken
@ -65,11 +72,11 @@ test.concurrent('should match indentation of previous description', async () =>
const { createToken } = await createProject(ProjectType.Single);
// Create a token with write rights
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await writeToken
@ -89,7 +96,11 @@ test.concurrent('should match indentation of previous description', async () =>
expect(publishResult.schemaPublish.__typename).toBe('SchemaPublishSuccess');
// Create a token with read rights
const readToken = await createToken([TargetAccessScope.RegistryRead], [], []);
const readToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead],
projectScopes: [],
organizationScopes: [],
});
// Check schema with read rights
const checkResult = await readToken

10
integration-tests/tests/api/schema/composition-federation-2.spec.ts
View file

@ -13,11 +13,11 @@ test.concurrent('call an external service to compose and validate services', asy
const { createToken, project } = await createProject(ProjectType.Federation);
// Create a token with write rights
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Settings, ProjectAccessScope.Read],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [ProjectAccessScope.Settings, ProjectAccessScope.Read],
organizationScopes: [],
});
const usersServiceName = generateUnique();
const publishUsersResult = await writeToken
.publishSchema({

10
integration-tests/tests/api/schema/external-composition.spec.ts
View file

@ -10,11 +10,11 @@ test.concurrent('call an external service to compose and validate services', asy
const { createToken, project } = await createProject(ProjectType.Federation);
// Create a token with write rights
const writeToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Settings, ProjectAccessScope.Read],
[],
);
const writeToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [ProjectAccessScope.Settings, ProjectAccessScope.Read],
organizationScopes: [],
});
const usersServiceName = generateUnique();
const publishUsersResult = await writeToken

218
integration-tests/tests/api/schema/publish.spec.ts
View file

@ -8,7 +8,11 @@ test.concurrent('cannot publish a schema without target:registry:write access',
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readToken = await createToken([TargetAccessScope.RegistryRead], [], []);
const readToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead],
projectScopes: [],
organizationScopes: [],
});
const resultErrors = await readToken
.publishSchema({
@ -28,11 +32,11 @@ test.concurrent('can publish a schema with target:registry:write access', async
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const result1 = await readWriteToken
.publishSchema({
@ -67,11 +71,11 @@ test.concurrent('base schema should not affect the output schema persisted in db
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await readWriteToken
@ -115,11 +119,11 @@ test.concurrent('directives should not be removed (federation)', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await readWriteToken
@ -150,11 +154,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const basePublishParams = {
service: 'test',
@ -205,11 +209,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const basePublishParams = {
service: 'test',
@ -254,11 +258,11 @@ test.concurrent('directives should not be removed (stitching)', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Stitching);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await readWriteToken
@ -289,11 +293,11 @@ test.concurrent('directives should not be removed (single)', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await readWriteToken
.publishSchema({
@ -323,11 +327,11 @@ test.concurrent('share publication of schema using redis', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Publish schema with write rights
const publishResult = await readWriteToken
@ -365,11 +369,11 @@ test("Two targets with the same commit id shouldn't return an error", async () =
const { createOrg, ownerToken } = await initSeed().createOwner();
const { organization, createProject } = await createOrg();
const { project, createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const publishResult = await readWriteToken
.publishSchema({
@ -387,12 +391,12 @@ test("Two targets with the same commit id shouldn't return an error", async () =
ownerToken,
).then(r => r.expectNoGraphQLErrors());
const target2 = createTargetResult.createTarget.ok!.createdTarget;
const writeTokenResult2 = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
target2.cleanId,
);
const writeTokenResult2 = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
targetId: target2.cleanId,
});
const publishResult2 = await writeTokenResult2
.publishSchema({
author: 'gilad',
@ -410,11 +414,11 @@ test.concurrent('marking versions as valid', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Initial schema
let result = await readWriteToken
@ -485,11 +489,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Initial schema
let result = await readWriteToken
@ -564,11 +568,11 @@ test.concurrent('CDN data can not be fetched with an invalid access token', asyn
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Initial schema
const result = await readWriteToken
@ -597,11 +601,11 @@ test.concurrent('CDN data can be fetched with an valid access token', async () =
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Initial schema
const result = await readWriteToken
@ -632,11 +636,11 @@ test.concurrent('linkToWebsite should be available when publishing initial schem
const { createOrg } = await initSeed().createOwner();
const { createProject, organization } = await createOrg();
const { project, target, createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const result = await readWriteToken
.publishSchema({
@ -664,11 +668,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject, organization } = await createOrg();
const { createToken, project, target } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
let result = await readWriteToken
.publishSchema({
@ -732,11 +736,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Stitching);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// cats service has only one field
let result = await readWriteToken
@ -800,11 +804,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const basePublishParams = {
service: 'test',
@ -847,11 +851,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
await readWriteToken.publishSchema({
service: 'reviews',
@ -948,11 +952,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Federation);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
await readWriteToken.publishSchema({
service: 'products',
@ -1004,11 +1008,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
const commits = ['a1', 'a2', 'a3', 'a4', 'a5', 'a6'];
const publishes = await Promise.all(

10
integration-tests/tests/api/schema/sync.spec.ts
View file

@ -7,11 +7,11 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const readWriteToken = await createToken(
[TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[],
[],
);
const readWriteToken = await createToken({
targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
});
// Initial schema
const publishResult = await readWriteToken

20
integration-tests/tests/api/target/tokens.spec.ts
View file

@ -9,7 +9,11 @@ test.concurrent(
const { createToken } = await createProject(ProjectType.Single);
// member should not have access to target:registry:write
const token = await createToken([], [], []);
const token = await createToken({
targetScopes: [],
projectScopes: [],
organizationScopes: [],
});
const tokenInfo = await token.fetchTokenInfo();
if (tokenInfo.__typename === 'TokenNotFoundError') {
throw new Error('Token not found');
@ -58,13 +62,13 @@ test.concurrent('cannot set a scope on a token if user has no access to that sco
);
// member should not have access to target:registry:write
const tokenResult = createToken(
[TargetAccessScope.RegistryWrite],
[],
[],
target.cleanId,
memberToken,
);
const tokenResult = createToken({
targetScopes: [TargetAccessScope.RegistryWrite],
projectScopes: [],
organizationScopes: [],
targetId: target.cleanId,
actorToken: memberToken,
});
await expect(tokenResult).rejects.toThrowError('target:registry:write');
});

174
integration-tests/tests/api/target/usage.spec.ts
View file

@ -11,7 +11,7 @@ import { CollectedOperation } from '../../../testkit/usage';
import { clickHouseQuery } from '../../../testkit/clickhouse';
// eslint-disable-next-line hive/enforce-deps-in-dev
import { normalizeOperation } from '@graphql-hive/core';
// eslint-disable-next-line import/no-extraneous-dependencies
import { parse, print } from 'graphql';
import { initSeed } from '../../../testkit/seed';
@ -38,17 +38,21 @@ test.concurrent('collect operation', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const settingsToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.Settings],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const settingsToken = await createToken({
targetScopes: [TargetAccessScope.Read, TargetAccessScope.Settings],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const schemaPublishResult = await writeToken
.publishSchema({
@ -120,11 +124,15 @@ test.concurrent('normalize and collect operation without breaking its syntax', a
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const raw_document = `
query outfit {
@ -233,11 +241,15 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const batchSize = 1000;
const totalAmount = 10_000;
@ -298,23 +310,27 @@ test.concurrent('check usage from two selected targets', async () => {
expect(productionTargetResult.createTarget.error).toBeNull();
const productionTarget = productionTargetResult.createTarget.ok!.createdTarget;
const stagingToken = await createToken(
[
const stagingToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
TargetAccessScope.Settings,
],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read, OrganizationAccessScope.Settings],
);
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read, OrganizationAccessScope.Settings],
});
const productionToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
productionTarget.cleanId,
);
const productionToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
targetId: productionTarget.cleanId,
});
const schemaPublishResult = await stagingToken
.publishSchema({
@ -426,16 +442,16 @@ test.concurrent('check usage not from excluded client names', async () => {
const { organization, createProject } = await createOrg();
const { project, target, createToken } = await createProject(ProjectType.Single);
const token = await createToken(
[
const token = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
TargetAccessScope.Settings,
],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const schemaPublishResult = await token
.publishSchema({
@ -560,11 +576,15 @@ test.concurrent('number of produced and collected operations should match', asyn
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const batchSize = 1000;
const totalAmount = 10_000;
@ -647,11 +667,15 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
await writeToken.collectOperations([
{
@ -712,11 +736,15 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
await writeToken.collectOperations([
{
@ -785,11 +813,15 @@ test.concurrent(
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
await writeToken.collectOperations([
{
@ -848,11 +880,15 @@ test.concurrent('ignore operations with syntax errors', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
const collectResult = await writeToken.collectOperations([
{
@ -918,11 +954,15 @@ test.concurrent('ensure correct data', async () => {
const { createOrg } = await initSeed().createOwner();
const { createProject } = await createOrg();
const { target, createToken } = await createProject(ProjectType.Single);
const writeToken = await createToken(
[TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite],
[ProjectAccessScope.Read],
[OrganizationAccessScope.Read],
);
const writeToken = await createToken({
targetScopes: [
TargetAccessScope.Read,
TargetAccessScope.RegistryRead,
TargetAccessScope.RegistryWrite,
],
projectScopes: [ProjectAccessScope.Read],
organizationScopes: [OrganizationAccessScope.Read],
});
await writeToken.collectOperations([
{

6
integration-tests/tests/api/tokens.spec.ts
View file

@ -6,7 +6,11 @@ test.concurrent('deleting a token should clear the cache', async () => {
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken, removeTokens } = await createProject(ProjectType.Single);
const { secret, token: createdToken, fetchTokenInfo } = await createToken([], [], []);
const {
secret,
token: createdToken,
fetchTokenInfo,
} = await createToken({ targetScopes: [], projectScopes: [], organizationScopes: [] });
expect(secret).toBeDefined();

18
integration-tests/tests/cli/schema.spec.ts
View file

@ -9,7 +9,7 @@ test.concurrent('can publish and check a schema with target:registry:read access
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
await schemaPublish([
'--token',
@ -33,7 +33,7 @@ test.concurrent('publishing a breaking change results in invalid state', async (
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
await schemaPublish([
'--token',
@ -57,7 +57,7 @@ test.concurrent(
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
const allocatedError = new Error('Should have thrown.');
try {
@ -86,7 +86,7 @@ test.concurrent('service url should be available in supergraph', async () => {
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Federation);
const { secret, fetchSupergraph } = await createToken();
const { secret, fetchSupergraph } = await createToken({});
await schemaPublish([
'--token',
@ -111,7 +111,7 @@ test.concurrent('service url should be required in Federation', async () => {
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Federation);
const { secret } = await createToken();
const { secret } = await createToken({});
await expect(
schemaPublish([
@ -133,7 +133,7 @@ test.concurrent('schema:publish should print a link to the website', async () =>
const { organization, inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { project, target, createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
await expect(schemaPublish(['--token', secret, 'fixtures/init-schema.graphql'])).resolves.toMatch(
`Available at ${process.env.HIVE_APP_BASE_URL}/${organization.cleanId}/${project.cleanId}/${target.cleanId}`,
@ -151,7 +151,7 @@ test.concurrent('schema:check should notify user when registry is empty', async
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
await expect(schemaCheck(['--token', secret, 'fixtures/init-schema.graphql'])).resolves.toMatch(
'empty',
@ -163,7 +163,7 @@ test.concurrent('schema:check should throw on corrupted schema', async () => {
const { inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
const output = schemaCheck(['--token', secret, 'fixtures/missing-type.graphql']);
await expect(output).rejects.toThrowError('Unknown type');
@ -183,7 +183,7 @@ test.concurrent(
const { organization, inviteAndJoinMember, createProject } = await createOrg();
await inviteAndJoinMember();
const { project, target, createToken } = await createProject(ProjectType.Single);
const { secret } = await createToken();
const { secret } = await createToken({});
await expect(
schemaPublish(['--token', secret, 'fixtures/init-schema.graphql']),