UNPKG

graphdb-workbench-tests

Version:

Cypress tests for GraphDB workbench

github.com/Ontotext-AD/graphdb-workbench

Ontotext-AD/graphdb-workbench

127 lines (109 loc) 5.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
import {UserAndAccessSteps} from "../../../steps/setup/user-and-access-steps"; import {LoginSteps} from "../../../steps/login-steps"; import {GraphqlPlaygroundSteps} from "../../../steps/graphql/graphql-playground-steps"; import {RepositorySteps} from "../../../steps/repository-steps"; describe('GraphQL-only User – Playground Access & Mutation Restriction', () => { let repositoryId; const gqlUsername = `gqluser-${Date.now()}`; const testPassword = 'P@ssw0rd123!'; const readQuery = ` query StarshipById { starship(ID: "https://swapi.co/resource/starship/9") { name } } `; const mutation = ` mutation CreateHuman { create_Human( objects: [ { id: "file:/test/onto/vocabulary/Human1", rdfs_label: "New human with specific iri id" } ] ) { human { id } affected_objects { ids } } } `; beforeEach(() => { repositoryId = `repo-${Date.now()}`; cy.createRepository({ id: repositoryId }); cy.presetRepository(repositoryId); cy.importServerFile(repositoryId, 'swapi-dataset.ttl'); cy.uploadGraphqlSchema(repositoryId, 'graphql/soml/swapi-schema.yaml', 'swapi'); }); afterEach(() => { cy.loginAsAdmin(); cy.switchOffSecurity(true); cy.deleteUser(gqlUsername); cy.deleteRepository(repositoryId); }); it('should see only the assigned repo, block SPARQL, allow GraphQL read and forbid writes, and hide create-repo everywhere', () => { UserAndAccessSteps.visit(); UserAndAccessSteps.clickCreateNewUserButton(); UserAndAccessSteps.typeUsername(gqlUsername); UserAndAccessSteps.typePassword(testPassword); UserAndAccessSteps.typeConfirmPasswordField(testPassword); UserAndAccessSteps.clickReadAccessRepo(repositoryId); UserAndAccessSteps.clickGraphqlAccessRepo(repositoryId); UserAndAccessSteps.confirmUserCreate(); UserAndAccessSteps.toggleSecurity(); // Log in as GraphQL-only user LoginSteps.loginWithUser(gqlUsername, testPassword); // The repository is set RepositorySteps.verifyRepositoryIsSelected(repositoryId); // Verify only the assigned repository appears in endpoints GraphqlPlaygroundSteps.visit(); GraphqlPlaygroundSteps.getView().should('be.visible'); GraphqlPlaygroundSteps.getQueryEditor().should('be.visible'); GraphqlPlaygroundSteps.getSelectedEndpoint().should('have.text', 'swapi'); // And I can execute a query on the countries endpoint GraphqlPlaygroundSteps.setInEditor(readQuery); // And I execute the query GraphqlPlaygroundSteps.executeQuery(); // Then I get expected result GraphqlPlaygroundSteps.getResponse().should('contain', '"name": "Death Star"'); // Execute the create_Human mutation → expect errors GraphqlPlaygroundSteps.setInEditor(mutation); GraphqlPlaygroundSteps.executeQuery(); GraphqlPlaygroundSteps.getResponse().should('contain.text', 'errors'); LoginSteps.logout(); }); it('should allow GraphQL mutation and hide SPARQL/Import/Create-repo menus', () => { UserAndAccessSteps.visit(); UserAndAccessSteps.clickCreateNewUserButton(); UserAndAccessSteps.typeUsername(gqlUsername); UserAndAccessSteps.typePassword(testPassword); UserAndAccessSteps.typeConfirmPasswordField(testPassword); UserAndAccessSteps.clickReadAccessRepo(repositoryId); UserAndAccessSteps.clickWriteAccessRepo(repositoryId); UserAndAccessSteps.clickGraphqlAccessRepo(repositoryId); UserAndAccessSteps.confirmUserCreate(); UserAndAccessSteps.toggleSecurity(); // Log in as the new user LoginSteps.loginWithUser(gqlUsername, testPassword); // The repository is set RepositorySteps.verifyRepositoryIsSelected(repositoryId); // Visit GraphQL Playground GraphqlPlaygroundSteps.visit(); GraphqlPlaygroundSteps.getView().should('be.visible'); GraphqlPlaygroundSteps.getQueryEditor().should('be.visible'); GraphqlPlaygroundSteps.getSelectedEndpoint().should('have.text', 'swapi'); // Execute a read query to verify read access GraphqlPlaygroundSteps.setInEditor(readQuery); GraphqlPlaygroundSteps.executeQuery(); GraphqlPlaygroundSteps.getResponse() .should('contain.text', '"name": "Death Star"'); // Execute the mutation and expect success GraphqlPlaygroundSteps.setInEditor(mutation); GraphqlPlaygroundSteps.executeQuery(); GraphqlPlaygroundSteps.getResponse() .should('contain.text', 'data') .and('contain.text', 'create_Human') .and('contain.text', 'affected_objects'); LoginSteps.logout(); }); });