Authorize Directive Serialization Issues (#485)

ChilliCream · Jan 15, 2019 · eff0f49 · eff0f49
1 parent ff56fb0
commit eff0f49
Show file tree

Hide file tree

Showing 22 changed files with 914 additions and 44 deletions.
diff --git a/src/Core/Core.Tests/Execution/Errors/ErrorBehaviourTests.cs b/src/Core/Core.Tests/Execution/Errors/ErrorBehaviourTests.cs
@@ -8,7 +8,7 @@ namespace HotChocolate.Execution
 {
     public class ErrorBehaviourTests
     {
-         [Fact]
+        [Fact]
         public async Task SyntaxError()
         {
             // arrange
@@ -231,6 +231,42 @@ public async Task Property_Return_UnexpectedErrorWithPath()
             result.Snapshot();
         }
 
+        [Fact]
+        public async Task RootTypeNotDefined()
+        {
+            // arrange
+            string query = "mutation { foo }";
+
+            var schema = Schema.Create(
+                "type Query { foo: String }",
+                c => c.Use(next => context => Task.CompletedTask));
+            IQueryExecuter executer = schema.MakeExecutable();
+
+            // act
+            IExecutionResult result = await executer.ExecuteAsync(query);
+
+            // assert
+            result.Snapshot();
+        }
+
+        [Fact]
+        public async Task RootFieldNotDefined()
+        {
+            // arrange
+            string query = "mutation { foo }";
+
+            var schema = Schema.Create(
+                "type Mutation { bar: String }",
+                c => c.Use(next => context => Task.CompletedTask));
+            IQueryExecuter executer = schema.MakeExecutable();
+
+            // act
+            IExecutionResult result = await executer.ExecuteAsync(query);
+
+            // assert
+            result.Snapshot();
+        }
+
         private async Task<IExecutionResult> ExecuteQuery(
             string query,
             Action errorHandled)

diff --git a/src/Core/Core.Tests/__snapshots__/RootFieldNotDefined.json b/src/Core/Core.Tests/__snapshots__/RootFieldNotDefined.json
@@ -0,0 +1,15 @@
+{
+  "Data": {},
+  "Extensions": {},
+  "Errors": [
+    {
+      "message": "The field `foo` does not exist on the type `Mutation`.",
+      "locations": [
+        {
+          "line": 1,
+          "column": 12
+        }
+      ]
+    }
+  ]
+}
diff --git a/src/Core/Core.Tests/__snapshots__/RootTypeNotDefined.json b/src/Core/Core.Tests/__snapshots__/RootTypeNotDefined.json
@@ -0,0 +1,9 @@
+{
+  "Data": {},
+  "Extensions": {},
+  "Errors": [
+    {
+      "message": "The specified root type `Mutation` does not exist."
+    }
+  ]
+}
diff --git a/src/Core/Core/Validation/QueryVisitor.cs b/src/Core/Core/Validation/QueryVisitor.cs
@@ -81,9 +81,17 @@ protected virtual void VisitOperationDefinition(
             ImmutableStack<ISyntaxNode> path)
         {
             IType operationType = Schema.GetOperationType(operation.Operation);
-            ImmutableStack<ISyntaxNode> newPath = path.Push(operation);
-            VisitSelectionSet(operation.SelectionSet, operationType, newPath);
-            VisitDirectives(operation.Directives, newPath);
+            if (operationType != null)
+            {
+                ImmutableStack<ISyntaxNode> newPath = path.Push(operation);
+
+                VisitSelectionSet(
+                    operation.SelectionSet,
+                    operationType,
+                    newPath);
+
+                VisitDirectives(operation.Directives, newPath);
+            }
             _visitedFragments.Clear();
         }
 
@@ -107,7 +115,8 @@ protected virtual void VisitSelectionSet(
                     }
                     else if (selection is InlineFragmentNode inlineFragment)
                     {
-                        VisitInlineFragmentInternal(inlineFragment, type, newpath);
+                        VisitInlineFragmentInternal(
+                            inlineFragment, type, newpath);
                     }
                 }
             }
@@ -252,7 +261,8 @@ protected bool ContainsFragment(string fragmentName)
             return _fragments.ContainsKey(fragmentName);
         }
 
-        protected bool IsFragmentVisited(FragmentDefinitionNode fragmentDefinition)
+        protected bool IsFragmentVisited(
+            FragmentDefinitionNode fragmentDefinition)
         {
             if (fragmentDefinition == null)
             {
@@ -262,7 +272,8 @@ protected bool IsFragmentVisited(FragmentDefinitionNode fragmentDefinition)
             return _visitedFragments.Contains(fragmentDefinition);
         }
 
-        protected bool MarkFragmentVisited(FragmentDefinitionNode fragmentDefinition)
+        protected bool MarkFragmentVisited(
+            FragmentDefinitionNode fragmentDefinition)
         {
             if (fragmentDefinition == null)
             {

diff --git a/src/Server/AspNetCore.Authorization/AuthorizeDirective.cs b/src/Server/AspNetCore.Authorization/AuthorizeDirective.cs
@@ -1,6 +1,8 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Runtime.Serialization;
+using HotChocolate.Language;
 
 #if !ASPNETCLASSIC
 using System.Collections.ObjectModel;
@@ -13,17 +15,54 @@ namespace HotChocolate.AspNetCore.Authorization
 #endif
 {
     public class AuthorizeDirective
+        : ISerializable
     {
+        public AuthorizeDirective()
+        {
+            Roles = Array.Empty<string>();
+        }
+
 #if ASPNETCLASSIC
         public AuthorizeDirective(IEnumerable<string> roles)
         {
             if (roles == null)
             {
                 throw new ArgumentNullException(nameof(roles));
             }
-            
+
             Roles = roles.ToArray();
         }
+
+        public AuthorizeDirective(
+            SerializationInfo info,
+            StreamingContext context)
+        {
+            var node = info.GetValue(
+                nameof(DirectiveNode),
+                typeof(DirectiveNode))
+                as DirectiveNode;
+
+            if (node == null)
+            {
+                Roles = (string[])info.GetValue(
+                    nameof(Roles),
+                    typeof(string[]));
+            }
+            else
+            {
+                ArgumentNode rolesArgument = node.Arguments
+                    .FirstOrDefault(t => t.Name.Value == "roles");
+
+                Roles = (rolesArgument != null
+                    && rolesArgument.Value is ListValueNode lv)
+                    ? lv.Items.OfType<StringValueNode>()
+                        .Select(t => t.Value?.Trim())
+                        .Where(s => !string.IsNullOrEmpty(s))
+                        .ToArray()
+                    : Array.Empty<string>();
+            }
+        }
+
 #else
         public AuthorizeDirective(string policy)
             : this(policy, null)
@@ -39,14 +78,53 @@ public AuthorizeDirective(string policy, IEnumerable<string> roles)
                 roles?.ToList().AsReadOnly();
 
             if (string.IsNullOrEmpty(policy)
-                && (readOnlyRoles == null || readOnlyRoles.Any()))
+                && (readOnlyRoles == null || readOnlyRoles.Count > 0))
             {
                 throw new ArgumentException(
                     "Either policy or roles has to be set.");
             }
 
             Policy = policy;
-            Roles = readOnlyRoles;
+            Roles = (IReadOnlyCollection<string>)readOnlyRoles 
+                ?? Array.Empty<string>();
+        }
+
+        public AuthorizeDirective(
+            SerializationInfo info,
+            StreamingContext context)
+        {
+            var node = info.GetValue(
+                nameof(DirectiveNode),
+                typeof(DirectiveNode))
+                as DirectiveNode;
+
+            if (node == null)
+            {
+                Policy = info.GetString(nameof(Policy));
+                Roles = (string[])info.GetValue(
+                    nameof(Roles),
+                    typeof(string[]));
+            }
+            else
+            {
+                ArgumentNode policyArgument = node.Arguments
+                    .FirstOrDefault(t => t.Name.Value == "policy");
+                ArgumentNode rolesArgument = node.Arguments
+                    .FirstOrDefault(t => t.Name.Value == "roles");
+
+                Policy = (policyArgument != null
+                    && policyArgument.Value is StringValueNode sv)
+                    ? sv.Value
+                    : null;
+
+                Roles = (rolesArgument != null
+                    && rolesArgument.Value is ListValueNode lv)
+                    ? lv.Items.OfType<StringValueNode>()
+                        .Select(t => t.Value?.Trim())
+                        .Where(s => !string.IsNullOrEmpty(s))
+                        .ToArray()
+                    : Array.Empty<string>();
+            }
         }
 
         /// <summary>
@@ -59,5 +137,16 @@ public AuthorizeDirective(string policy, IEnumerable<string> roles)
         /// Gets or sets of roles that are allowed to access the resource.
         /// </summary>
         public IReadOnlyCollection<string> Roles { get; }
+
+
+        public void GetObjectData(
+            SerializationInfo info,
+            StreamingContext context)
+        {
+#if !ASPNETCLASSIC
+            info.AddValue(nameof(Policy), Policy);
+#endif
+            info.AddValue(nameof(Roles), Roles?.ToArray());
+        }
     }
 }