Skip to content

Commit

Permalink
Add GraphQL field to return all workspaces for admins (#1974)
Browse files Browse the repository at this point in the history
* Add GraphQL field to return all workspaces for admins

Admin users should be able to view all workspaces. This change adds
an `accessible_teams` fields to UserType. This field will return
all workspaces for admin users, and assigned teams for normal users.
  • Loading branch information
jayjay-w authored Jul 30, 2024
1 parent e949d5e commit 7d16469
Show file tree
Hide file tree
Showing 4 changed files with 127 additions and 0 deletions.
5 changes: 5 additions & 0 deletions app/graph/types/user_type.rb
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,9 @@ class UserType < DefaultObject
def source
Source.find(object.source_id)
end

field :accessible_teams, PublicTeamType.connection_type, null: true
def accessible_teams
User.current.is_admin? ? Team.all : User.current.teams
end
end
21 changes: 21 additions & 0 deletions lib/relay.idl
Original file line number Diff line number Diff line change
Expand Up @@ -16244,6 +16244,27 @@ type UpdateUserPayload {
User type
"""
type User implements Node {
accessible_teams(
"""
Returns the elements in the list that come after the specified cursor.
"""
after: String

"""
Returns the elements in the list that come before the specified cursor.
"""
before: String

"""
Returns the first _n_ elements from the list.
"""
first: Int

"""
Returns the last _n_ elements from the list.
"""
last: Int
): PublicTeamConnection
created_at: String
dbid: Int
email: String
Expand Down
61 changes: 61 additions & 0 deletions public/relay.json
Original file line number Diff line number Diff line change
Expand Up @@ -89654,6 +89654,67 @@
"name": "User",
"description": "User type",
"fields": [
{
"name": "accessible_teams",
"description": null,
"args": [
{
"name": "after",
"description": "Returns the elements in the list that come after the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "before",
"description": "Returns the elements in the list that come before the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "first",
"description": "Returns the first _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "last",
"description": "Returns the last _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null,
"isDeprecated": false,
"deprecationReason": null
}
],
"type": {
"kind": "OBJECT",
"name": "PublicTeamConnection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "created_at",
"description": null,
Expand Down
40 changes: 40 additions & 0 deletions test/controllers/graphql_controller_11_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -115,4 +115,44 @@ def teardown
data = JSON.parse(response.body)['data']['createProjectMedia']
assert_not_nil data['project_media']['id']
end

test "admin users should be able to see all workspaces" do
Team.destroy_all

user = create_user
team1 = create_team
create_team_user user: user, team: team1

admin = create_user(is_admin: true)
team2 = create_team
create_team_user user: admin, team: team2

authenticate_with_user(admin)
query = "query { user(id: #{admin.id}) { accessible_teams { edges { node { dbid } } } } }"
post :create, params: { query: query }
assert_response :success
data = JSON.parse(response.body)['data']['user']['accessible_teams']['edges']
assert_equal 2, data.size
assert_equal team1.id, data[0]['node']['dbid']
assert_equal team2.id, data[1]['node']['dbid']
end

test "non-admin users should only be able to see workspaces they belong to" do
Team.destroy_all
user = create_user
team1 = create_team
create_team_user user: user, team: team1

user2 = create_user
team2 = create_team
create_team_user user: user2, team: team2

authenticate_with_user(user)
query = "query { user(id: #{user.id}) { accessible_teams { edges { node { dbid } } } } }"
post :create, params: { query: query }
assert_response :success
data = JSON.parse(response.body)['data']['user']['accessible_teams']['edges']
assert_equal 1, data.size
assert_equal team1.id, data[0]['node']['dbid']
end
end

0 comments on commit 7d16469

Please sign in to comment.