use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.
the class AuthRuleRequestDecoratorTest method ownerArgumentAddedForRestrictedReadWithOidc.
/**
* Verify that owner argument is required for all subscriptions if ModelOperation.READ is specified
* while using OpenID Connect auth mode.
* @throws AmplifyException if a ModelSchema can't be derived from the Model class.
*/
@Test
public void ownerArgumentAddedForRestrictedReadWithOidc() throws AmplifyException {
final AuthorizationType mode = AuthorizationType.OPENID_CONNECT;
final String expectedOwner = FakeOidcAuthProvider.SUB;
// OwnerOidc class has restriction on every operation including READ
for (SubscriptionType subscriptionType : SubscriptionType.values()) {
GraphQLRequest<OwnerOidc> originalRequest = createRequest(OwnerOidc.class, subscriptionType);
GraphQLRequest<OwnerOidc> modifiedRequest = decorator.decorate(originalRequest, mode);
assertEquals(expectedOwner, getOwnerField(modifiedRequest));
}
}
use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.
the class AuthRuleRequestDecoratorTest method ownerArgumentAddedIfOwnerIsNotInGroupWithUserPools.
/**
* Verify owner argument is added if model contains both owner-based and group-based
* authorization and the user is not in any read-restricted group.
* @throws AmplifyException if a ModelSchema can't be derived from the Model class.
*/
@Test
public void ownerArgumentAddedIfOwnerIsNotInGroupWithUserPools() throws AmplifyException {
final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
final String expectedOwner = FakeCognitoAuthProvider.USERNAME;
// but user is not in the read-restricted group.
for (SubscriptionType subscriptionType : SubscriptionType.values()) {
GraphQLRequest<OwnerNotInGroup> originalRequest = createRequest(OwnerNotInGroup.class, subscriptionType);
GraphQLRequest<OwnerNotInGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
assertEquals(expectedOwner, getOwnerField(modifiedRequest));
}
}
use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.
the class AuthRuleRequestDecoratorTest method ownerArgumentNotAddedIfOwnerIsInGroupWithUserPools.
/**
* Verify owner argument is NOT added if model contains both owner-based and group-based
* authorization and the user is in any of the read-restricted groups.
* @throws AmplifyException if a ModelSchema can't be derived from the Model class.
*/
@Test
public void ownerArgumentNotAddedIfOwnerIsInGroupWithUserPools() throws AmplifyException {
final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
// and user is in the read-restricted group.
for (SubscriptionType subscriptionType : SubscriptionType.values()) {
GraphQLRequest<OwnerInGroup> originalRequest = createRequest(OwnerInGroup.class, subscriptionType);
GraphQLRequest<OwnerInGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
assertNull(getOwnerField(modifiedRequest));
}
}
use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.
the class AuthRuleRequestDecoratorTest method requestPassThroughForNoAuth.
/**
* Test that auth rule request decorator returns the same request if there
* is no auth rule associated with it.
* @throws AmplifyException if a ModelSchema can't be derived from the Model class.
*/
@Test
public void requestPassThroughForNoAuth() throws AmplifyException {
final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
// NoAuth class does not have use @auth directive
for (SubscriptionType subscriptionType : SubscriptionType.values()) {
GraphQLRequest<NoAuth> originalRequest = createRequest(NoAuth.class, subscriptionType);
GraphQLRequest<NoAuth> modifiedRequest = decorator.decorate(originalRequest, mode);
assertEquals(originalRequest, modifiedRequest);
}
}
use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.
the class AuthRuleRequestDecoratorTest method ownerArgumentNotAddedIfOwnerIsInCustomGroup.
/**
* Verify owner argument is NOT added if model contains both owner-based and group-based
* authorization and the user is in any of the read-restricted groups.
* @throws AmplifyException if a ModelSchema can't be derived from the Model class.
*/
@Test
public void ownerArgumentNotAddedIfOwnerIsInCustomGroup() throws AmplifyException {
final AuthorizationType mode = AuthorizationType.OPENID_CONNECT;
// and user is in the read-restricted custom group.
for (SubscriptionType subscriptionType : SubscriptionType.values()) {
GraphQLRequest<OwnerInCustomGroup> originalRequest = createRequest(OwnerInCustomGroup.class, subscriptionType);
GraphQLRequest<OwnerInCustomGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
assertNull(getOwnerField(modifiedRequest));
}
}
Aggregations