76936b5e-3307-4d8d-9961-262f68cd4b1f

Committed 13 May 2026 04:05PM UTC coverage: 96.324% (-1.1%) from 97.426%

Build # 76936b5e-3307-4d8d-9961-262f68cd4b1f

Build Type

Pull #292

circleci

Committed by

mcelicalderon

Commit Message

Remove Rails 6.1 from test matrix

Pull Request Pull Request #292: Support graphql 2.6

Coverage Stats

786 of 816 relevant lines covered (96.32%)

2014.08 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

87.93

/lib/graphql_devise/schema_plugin.rb

# frozen_string_literal: true

module GraphqlDevise
  class SchemaPlugin
    # NOTE: Based on GQL-Ruby docs  https://graphql-ruby.org/schema/introspection.html
    INTROSPECTION_FIELDS = ['__schema', '__type', '__typename']
    DEFAULT_NOT_AUTHENTICATED = ->(field) { raise AuthenticationError, "#{field} field requires authentication" }

    def initialize(query: nil, mutation: nil, authenticate_default: true, public_introspection: !Rails.env.production?, resource_loaders: [], unauthenticated_proc: DEFAULT_NOT_AUTHENTICATED)
      @query                = query
      @mutation             = mutation
      @resource_loaders     = resource_loaders
      @authenticate_default = authenticate_default
      @public_introspection = public_introspection
      @unauthenticated_proc = unauthenticated_proc

      # Must happen on initialize so operations are loaded before the types are added to the schema on GQL < 1.10
      load_fields
    end

    def use(schema_definition)
      if Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('2.3')
        schema_definition.trace_with(
          FieldAuthTracer,
          authenticate_default: @authenticate_default,
          public_introspection: public_introspection,
          unauthenticated_proc: @unauthenticated_proc
        )
      else
        schema_definition.tracer(self)
      end
    end

    def trace(event, trace_data)
      # Authenticate only root level queries
      return yield unless event == 'execute_field' && path(trace_data).count == 1

      field         = traced_field(trace_data)
      auth_required = authenticate_option(field, trace_data)
      context       = context_from_data(trace_data)

      if auth_required && !(public_introspection && introspection_field?(field))
        raise_on_missing_resource(context, field, auth_required)
      end

      yield
    end

    private

    attr_reader :public_introspection

    def raise_on_missing_resource(context, field, auth_required)
      @unauthenticated_proc.call(field.name) if context[:current_resource].blank?

      if auth_required.respond_to?(:call) && !auth_required.call(context[:current_resource])
        @unauthenticated_proc.call(field.name)
      end
    end

    def context_from_data(trace_data)
      query = if trace_data[:context]
        trace_data[:context].query
      else
        trace_data[:query]
      end

      query.context
    end

    def path(trace_data)
      if trace_data[:context]
        trace_data[:context].path
      else
        trace_data[:path]
      end
    end

    def traced_field(trace_data)
      if trace_data[:context]
        trace_data[:context].field
      else
        trace_data[:field]
      end
    end

    def authenticate_option(field, trace_data)
      auth_required = if trace_data[:context]
        field.metadata[:authenticate]
      else
        if Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('2.0')
          # authenticate will only be defined if "field_class GraphqlDevise::Types::BaseField" is added to the type
          # returning nil here will use the default value used when mounting the plugin
          field.try(:authenticate)
        elsif Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('1.13.1')
          field.graphql_definition(silence_deprecation_warning: true).metadata[:authenticate]
        else
          field.graphql_definition.metadata[:authenticate]
        end
      end

      auth_required.nil? ? @authenticate_default : auth_required
    end

    def load_fields
      @resource_loaders.each do |resource_loader|
        raise ::GraphqlDevise::Error, 'Invalid resource loader instance' unless resource_loader.instance_of?(ResourceLoader)

        resource_loader.call(@query, @mutation)
      end
    end

    def introspection_field?(field)
      INTROSPECTION_FIELDS.include?(field.name)
    end
  end
end

1	# frozen_string_literal: true
2
3	module GraphqlDevise	93✔
4	class SchemaPlugin	93✔
5	# NOTE: Based on GQL-Ruby docs https://graphql-ruby.org/schema/introspection.html
6	INTROSPECTION_FIELDS = ['__schema', '__type', '__typename']	93✔
7	DEFAULT_NOT_AUTHENTICATED = ->(field) { raise AuthenticationError, "#{field} field requires authentication" }	1,023✔
8
9	def initialize(query: nil, mutation: nil, authenticate_default: true, public_introspection: !Rails.env.production?, resource_loaders: [], unauthenticated_proc: DEFAULT_NOT_AUTHENTICATED)	93✔
10	@query = query	372✔
11	@mutation = mutation	372✔
12	@resource_loaders = resource_loaders	372✔
13	@authenticate_default = authenticate_default	372✔
14	@public_introspection = public_introspection	372✔
15	@unauthenticated_proc = unauthenticated_proc	372✔
16
17	# Must happen on initialize so operations are loaded before the types are added to the schema on GQL < 1.10
18	load_fields	372✔
19	end
20
21	def use(schema_definition)	93✔
22	if Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('2.3')	186✔
23	schema_definition.trace_with(	96✔
24	FieldAuthTracer,
25	authenticate_default: @authenticate_default,
26	public_introspection: public_introspection,
27	unauthenticated_proc: @unauthenticated_proc
28	)
29	else
30	schema_definition.tracer(self)	90✔
31	end
32	end
33
34	def trace(event, trace_data)	93✔
35	# Authenticate only root level queries
36	return yield unless event == 'execute_field' && path(trace_data).count == 1	280,771✔
37
38	field = traced_field(trace_data)	1,665✔
39	auth_required = authenticate_option(field, trace_data)	1,665✔
40	context = context_from_data(trace_data)	1,665✔
41
42	if auth_required && !(public_introspection && introspection_field?(field))	1,665✔
43	raise_on_missing_resource(context, field, auth_required)	1,035✔
44	end
45
46	yield	1,215✔
47	end
48
49	private	93✔
50
51	attr_reader :public_introspection	93✔
52
53	def raise_on_missing_resource(context, field, auth_required)	93✔
54	@unauthenticated_proc.call(field.name) if context[:current_resource].blank?	1,035✔
55
56	if auth_required.respond_to?(:call) && !auth_required.call(context[:current_resource])	675✔
57	@unauthenticated_proc.call(field.name)	90✔
58	end
59	end
60
61	def context_from_data(trace_data)	93✔
62	query = if trace_data[:context]	1,665✔
63	trace_data[:context].query	×
64	else
65	trace_data[:query]	1,665✔
66	end
67
68	query.context	1,665✔
69	end
70
71	def path(trace_data)	93✔
72	if trace_data[:context]	214,968✔
73	trace_data[:context].path	×
74	else
75	trace_data[:path]	214,968✔
76	end
77	end
78
79	def traced_field(trace_data)	93✔
80	if trace_data[:context]	1,665✔
81	trace_data[:context].field	×
82	else
83	trace_data[:field]	1,665✔
84	end
85	end
86
87	def authenticate_option(field, trace_data)	93✔
88	auth_required = if trace_data[:context]	1,665✔
89	field.metadata[:authenticate]	×
90	else
91	if Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('2.0')	1,665✔
92	# authenticate will only be defined if "field_class GraphqlDevise::Types::BaseField" is added to the type
93	# returning nil here will use the default value used when mounting the plugin
94	field.try(:authenticate)	1,665✔
95	elsif Gem::Version.new(GraphQL::VERSION) >= Gem::Version.new('1.13.1')	×
96	field.graphql_definition(silence_deprecation_warning: true).metadata[:authenticate]	×
97	else
98	field.graphql_definition.metadata[:authenticate]	×
99	end
100	end
101
102	auth_required.nil? ? @authenticate_default : auth_required	1,665✔
103	end
104
105	def load_fields	93✔
106	@resource_loaders.each do \|resource_loader\|	372✔
107	raise ::GraphqlDevise::Error, 'Invalid resource loader instance' unless resource_loader.instance_of?(ResourceLoader)	372✔
108
109	resource_loader.call(@query, @mutation)	279✔
110	end
111	end
112
113	def introspection_field?(field)	93✔
114	INTROSPECTION_FIELDS.include?(field.name)	1,080✔
115	end
116	end
117	end

graphql-devise / graphql_devise / 76936b5e-3307-4d8d-9961-262f68cd4b1f

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous