graphql: add email to user type

closes RECNVS-274 Test plan: * use graphql to view users' email addresses * only teachers admins should be able to see email addresses Change-Id: Id9693ca1a7cc82641ece8be24c9b2585cfae71d6 Reviewed-on: https://gerrit.instructure.com/139580 Tested-by: Jenkins Reviewed-by: Michael Jasper <mjasper@instructure.com> QA-Review: Collin Parrish <cparrish@instructure.com> Product-Review: Cameron Matheson <cameron@instructure.com>
2018-01-30 15:37:28 -07:00 · 2018-01-30 15:37:28 -07:00 · d1cfe7ad71
parent 08b922ca3e
commit d1cfe7ad71
3 changed files with 47 additions and 8 deletions
--- a/app/graphql/types/user_type.rb
+++ b/app/graphql/types/user_type.rb
@ -31,6 +31,18 @@ module Types
      }
    end

+    field :email, types.String, resolve: ->(user, _, ctx) {
+      return nil unless user.grants_right? ctx[:current_user], :read_profile
+
+      if user.email_cached?
+        user.email
+      else
+        Loaders::AssociationLoader.for(User, :communication_channels).
+          load(user).
+          then { user.email }
+      end
+    }
+
    field :enrollments, types[EnrollmentType] do
      argument :courseId, !types.ID,
        "only return enrollments for this course",
@ -39,7 +51,7 @@ module Types
      resolve ->(user, args, ctx) do
        Loaders::IDLoader.for(Course).load(args[:courseId]).then do |course|
          if course.grants_any_right? ctx[:current_user], :read_roster, :view_all_grades, :manage_grades
-            UserCourseEnrollmentLoader.for(course, ctx[:current_user]).load(user.id)
+            Loaders::UserCourseEnrollmentLoader.for(course, ctx[:current_user]).load(user.id)
          else
            nil
          end
@ -60,15 +72,16 @@ module Types
      end
    end
  end
-
 end

-class UserCourseEnrollmentLoader < Loaders::ForeignKeyLoader
-  def initialize(course, user)
-    scope = course.
-      apply_enrollment_visibility(course.all_enrollments, user).
-      active_or_pending
-    super(scope, :user_id)
+module Loaders
+  class UserCourseEnrollmentLoader < ForeignKeyLoader
+    def initialize(course, user)
+      scope = course.
+        apply_enrollment_visibility(course.all_enrollments, user).
+        active_or_pending
+      super(scope, :user_id)
+    end
  end
 end

--- a/schema.graphql
+++ b/schema.graphql
@ -680,6 +680,7 @@ type User implements Node, Timestamped {
  _id: ID!
  avatarUrl: URL
  createdAt: Time
+  email: String
  enrollments(
    # only return enrollments for this course
    courseId: ID!
--- a/spec/graphql/types/user_type_spec.rb
+++ b/spec/graphql/types/user_type_spec.rb
@ -46,4 +46,29 @@ describe Types::UserType do
      ).to be_nil
    end
  end
+
+  context "email" do
+    before(:once) do
+      user.email = "cooldude@example.com"
+      user.save!
+    end
+
+    it "returns email for teachers/admins" do
+      expect(user_type.email(current_user: @teacher)).to eq user.email
+
+      # this is for the cached branch
+      allow(user).to receive(:email_cached?) { true }
+      expect(user_type.email(current_user: @teacher)).to eq user.email
+    end
+
+    it "doesn't return email for others" do
+      _student = user
+      other_student = student_in_course(active_all: true).user
+      teacher_in_other_course = teacher_in_course(course: course_factory).user
+
+      expect(user_type.email(current_user: nil)).to be_nil
+      expect(user_type.email(current_user: other_student)).to be_nil
+      expect(user_type.email(current_user: teacher_in_other_course)).to be_nil
+    end
+  end
 end