Merge pull request #5317 from neo4j/4534-authorization-validate-argum…

…ent-should-also-handle-a-single-non-array-entry Fix validate argument for non array inputs
neo4j · Jul 5, 2024 · af2e31d · af2e31d
2 parents d958b34 + f4c41fe
commit af2e31d
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 9 deletions.
diff --git a/.changeset/small-cycles-drive.md b/.changeset/small-cycles-drive.md
@@ -0,0 +1,5 @@
+---
+"@neo4j/graphql": patch
+---
+
+Fix non-array validate argument on authorization directive #4534
diff --git a/packages/graphql/src/schema-model/generate-model.test.ts b/packages/graphql/src/schema-model/generate-model.test.ts
@@ -129,7 +129,7 @@ describe("ConcreteEntity generation", () => {
                     },
                 },
             ]);
-            expect(authAnnotation?.validate).toBeUndefined();
+            expect(authAnnotation?.validate).toEqual([]);
         });
 
         test("authorization annotation is correct on User entity", () => {

diff --git a/packages/graphql/src/schema-model/parser/annotations-parser/authorization-annotation.ts b/packages/graphql/src/schema-model/parser/annotations-parser/authorization-annotation.ts
@@ -17,6 +17,7 @@
  * limitations under the License.
  */
 import type { DirectiveNode } from "graphql";
+import { asArray } from "../../../utils/utils";
 import type {
     AuthorizationFilterRuleConstructor,
     AuthorizationValidateRuleConstructor,
@@ -34,7 +35,7 @@ export function parseAuthorizationAnnotation(directive: DirectiveNode): Authoriz
         validate?: Record<string, any>[];
     };
     const filterRules = filter?.map((rule) => new AuthorizationFilterRule(rule as AuthorizationFilterRuleConstructor));
-    const validateRules = validate?.map(
+    const validateRules = asArray(validate).map(
         (rule) => new AuthorizationValidateRule(rule as AuthorizationValidateRuleConstructor)
     );
 

diff --git a/...relationships/implementation-bind.test.ts → ...relationships/implementation-bind.test.ts b/...relationships/implementation-bind.test.ts → ...relationships/implementation-bind.test.ts
diff --git a/...authorization/arguments/bind/bind.test.ts → ...ation/arguments/validate/validate.test.ts b/...authorization/arguments/bind/bind.test.ts → ...ation/arguments/validate/validate.test.ts
@@ -41,13 +41,11 @@ describe("Cypher Auth Allow", () => {
 
             extend type User
                 @authorization(
-                    validate: [
-                        {
-                            when: AFTER
-                            operations: [CREATE, UPDATE, CREATE_RELATIONSHIP, DELETE_RELATIONSHIP]
-                            where: { node: { id: "$jwt.sub" } }
-                        }
-                    ]
+                    validate: {
+                        when: AFTER
+                        operations: [CREATE, UPDATE, CREATE_RELATIONSHIP, DELETE_RELATIONSHIP]
+                        where: { node: { id: "$jwt.sub" } }
+                    }
                 )
 
             extend type Post
-Original file line number
+Diff line change
@@ Expand Up / @@ -129,7 +129,7 @@ describe("ConcreteEntity generation", () => { @@
                         },
                     },
                 ]);
-                expect(authAnnotation?.validate).toBeUndefined();
+                expect(authAnnotation?.validate).toEqual([]);
             });
             test("authorization annotation is correct on User entity", () => {
@@ Expand Down @@