
Commit 2bb74d0

committed
fix(graph): correct totalQuestions and categories filtering
1 parent de328fc commit 2bb74d0


4 files changed

+353
-36
lines changed


graph/ent.resolvers.go

Lines changed: 1 addition & 18 deletions

graph/question.resolvers.go

Lines changed: 55 additions & 18 deletions

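--- a/graph/question_resolver_test.go
+++ b/graph/question_resolver_test.go
@@ -899,6 +899,78 @@ func TestQueryResolver_QuestionCategories(t *testing.T) {
 require.Error(t, err)
 require.Contains(t, err.Error(), defs.CodeUnauthorized)
 })
+
+t.Run("success - filters categories by visible_scope", func(t *testing.T) {
+// Create test database
+database := createTestDatabase(t, entClient)
+
+// Create public question (no visible_scope)
+_, err := entClient.Question.Create().
+SetCategory("public-category").
+SetDifficulty("easy").
+SetTitle("Public Question").
+SetDescription("Public question").
+SetReferenceAnswer("SELECT * FROM test;").
+SetDatabase(database).
+Save(context.Background())
+require.NoError(t, err)
+
+// Create restricted question (with visible_scope)
+_, err = entClient.Question.Create().
+SetCategory("premium-category").
+SetDifficulty("easy").
+SetTitle("Premium Question").
+SetDescription("Premium question").
+SetReferenceAnswer("SELECT * FROM test;").
+SetVisibleScope("premium:read").
+SetDatabase(database).
+Save(context.Background())
+require.NoError(t, err)
+
+// User without premium:read scope should only see public category
+var resp1 struct {
+QuestionCategories []string
+}
+query := `query { questionCategories }`
+
+err = gqlClient.Post(query, &resp1, func(bd *client.Request) {
+bd.HTTP = bd.HTTP.WithContext(auth.WithUser(bd.HTTP.Context(), auth.TokenInfo{
+UserID: testUser.ID,
+Scopes: []string{"question:read"}, // No premium:read
+}))
+})
+require.NoError(t, err)
+require.Contains(t, resp1.QuestionCategories, "public-category")
+require.NotContains(t, resp1.QuestionCategories, "premium-category")
+
+// User with premium:read scope should see both categories
+var resp2 struct {
+QuestionCategories []string
+}
+err = gqlClient.Post(query, &resp2, func(bd *client.Request) {
+bd.HTTP = bd.HTTP.WithContext(auth.WithUser(bd.HTTP.Context(), auth.TokenInfo{
+UserID: testUser.ID,
+Scopes: []string{"question:read", "premium:read"},
+}))
+})
+require.NoError(t, err)
+require.Contains(t, resp2.QuestionCategories, "public-category")
+require.Contains(t, resp2.QuestionCategories, "premium-category")
+
+// User with wildcard scope should see all categories
+var resp3 struct {
+QuestionCategories []string
+}
+err = gqlClient.Post(query, &resp3, func(bd *client.Request) {
+bd.HTTP = bd.HTTP.WithContext(auth.WithUser(bd.HTTP.Context(), auth.TokenInfo{
+UserID: testUser.ID,
+Scopes: []string{"*", "question:read"},
+}))
+})
+require.NoError(t, err)
+require.Contains(t, resp3.QuestionCategories, "public-category")
+require.Contains(t, resp3.QuestionCategories, "premium-category")
+})
 }
 
 func TestQuestionResolver_Statistics(t *testing.T) {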
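Review bot: The only denial case in the new `visible_scope` subtest is a caller holding just `question:read`, so a scope check that matched by prefix or substring instead of exact equality would still pass. Add a near-miss caller, for example `Scopes: []string{"question:read", "premium:write"}` (a constructed value, not a scope seen on this page), and assert `require.NotContains(t, resp.QuestionCategories, "premium-category")` for it. A category that holds both a public and a restricted question is also untested; asserting that it is still listed for the unprivileged caller would pin the filter to individual questions, not whole categories. The resolver change in `graph/question.resolvers.go` is not rendered on this page, so this test is the only visible evidence of the filter's behaviour; `entClient`, `gqlClient` and `testUser` come from the enclosing `TestQueryResolver_QuestionCategories`, which starts outside the hunk.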
