# frozen_string_literal: true

RSpec.shared_examples 'a working graphql query' do
  include GraphqlHelpers

  it 'returns a successful response', :aggregate_failures do
    expect(response).to have_gitlab_http_status(:success)
    expect(graphql_errors).to be_nil
    expect(json_response.keys).to include('data')
  end
end

RSpec.shared_examples 'a working GraphQL mutation' do
  include GraphqlHelpers

  before do
    post_graphql_mutation(mutation, current_user: current_user, token: token)
  end

  shared_examples 'allows access to the mutation' do
    let(:scopes) { ['api'] }

    it_behaves_like 'a working graphql query' do
      it 'returns data' do
        expect(graphql_data.compact).not_to be_empty
      end
    end
  end

  shared_examples 'prevents access to the mutation' do
    let(:scopes) { ['read_api'] }

    it 'does not resolve the mutation' do
      expect(graphql_data.compact).to be_empty
      expect(graphql_errors).to be_present
    end
  end

  context 'with a personal access token' do
    let(:token) do
      pat = create(:personal_access_token, user: current_user, scopes: scopes)
      { personal_access_token: pat }
    end

    it_behaves_like 'prevents access to the mutation'
    it_behaves_like 'allows access to the mutation'
  end

  context 'with an OAuth token' do
    let(:token) do
      { oauth_access_token: create(:oauth_access_token, resource_owner: current_user, scopes: scopes.join(' ')) }
    end

    it_behaves_like 'prevents access to the mutation'
    it_behaves_like 'allows access to the mutation'
  end
end

RSpec.shared_examples 'a mutation on an unauthorized resource' do
  it_behaves_like 'a mutation that returns top-level errors',
                      errors: [::Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end