diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb index ba8edc2b4..ce8f093db 100644 --- a/app/controllers/graphql_controller.rb +++ b/app/controllers/graphql_controller.rb @@ -12,6 +12,8 @@ class GraphqlController < ApplicationController render json: response, status: :ok rescue GraphqlController::QueryStringError render json: { message: 'Query string not present' }, status: :bad_request + rescue JSON::ParserError + render json: { message: 'Error parsing JSON' }, status: :bad_request rescue GraphQL::ParseError render json: { message: 'Query string is not valid JSON' }, status: :bad_request rescue @@ -40,6 +42,10 @@ class GraphqlController < ApplicationController end def query_variables - params[:variables].blank? ? {} : JSON.parse(params[:variables]) + if params[:variables].blank? || params[:variables] == 'null' + {} + else + JSON.parse(params[:variables]) + end end end diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb index e95bdd3c9..f96392b73 100644 --- a/spec/controllers/graphql_controller_spec.rb +++ b/spec/controllers/graphql_controller_spec.rb @@ -8,18 +8,21 @@ describe GraphqlController, type: :request do describe "handles GET request" do specify "with query string inside query params" do get '/graphql', query: "{ proposal(id: #{proposal.id}) { title } }" + expect(response).to have_http_status(:ok) expect(JSON.parse(response.body)['data']['proposal']['title']).to eq(proposal.title) end specify "with malformed query string" do get '/graphql', query: 'Malformed query string' + expect(response).to have_http_status(:bad_request) expect(JSON.parse(response.body)['message']).to eq('Query string is not valid JSON') end specify "without query string" do get '/graphql' + expect(response).to have_http_status(:bad_request) expect(JSON.parse(response.body)['message']).to eq('Query string not present') end @@ -30,6 +33,7 @@ describe GraphqlController, type: :request do specify "with json-encoded query string inside body" do post '/graphql', { query: "{ proposal(id: #{proposal.id}) { title } }" }.to_json, json_headers + expect(response).to have_http_status(:ok) expect(JSON.parse(response.body)['data']['proposal']['title']).to eq(proposal.title) end @@ -37,20 +41,45 @@ describe GraphqlController, type: :request do specify "with raw query string inside body" do graphql_headers = { "CONTENT_TYPE" => "application/graphql" } post '/graphql', "{ proposal(id: #{proposal.id}) { title } }", graphql_headers + expect(response).to have_http_status(:ok) expect(JSON.parse(response.body)['data']['proposal']['title']).to eq(proposal.title) end specify "with malformed query string" do post '/graphql', { query: "Malformed query string" }.to_json, json_headers + expect(response).to have_http_status(:bad_request) expect(JSON.parse(response.body)['message']).to eq('Query string is not valid JSON') end it "without query string" do post '/graphql', json_headers + expect(response).to have_http_status(:bad_request) expect(JSON.parse(response.body)['message']).to eq('Query string not present') end end + + describe "correctly parses query variables" do + let(:query_string) { "{ proposal(id: #{proposal.id}) { title } }" } + + specify "when absent" do + get '/graphql', { query: query_string } + + expect(response).to have_http_status(:ok) + end + + specify "when specified as the 'null' string" do + get '/graphql', { query: query_string, variables: 'null' } + + expect(response).to have_http_status(:ok) + end + + specify "when specified as an empty string" do + get '/graphql', { query: query_string, variables: '' } + + expect(response).to have_http_status(:ok) + end + end end