fix(dataproducer): CurrentUser result is uncacheable

pfrenssen · pfrenssen · commit 01d1bc9679c5 · 2024-08-06T00:49:13.000+03:00
diff --git a/src/Plugin/GraphQL/DataProducer/User/CurrentUser.php b/src/Plugin/GraphQL/DataProducer/User/CurrentUser.php
@@ -42,7 +42,7 @@ public static function create(ContainerInterface $container, array $configuratio
   }
 
   /**
-   * CurrentUser constructor.
+   * Constructs a new CurrentUser data producer.
    *
    * @param array $configuration
    *   A configuration array containing information about the plugin instance.
@@ -59,7 +59,7 @@ public function __construct(array $configuration, string $plugin_id, array $plug
   }
 
   /**
-   * Returns current user.
+   * Returns the current user.
    *
    * @param \Drupal\graphql\GraphQL\Execution\FieldContext $field_context
    *   Field context.
@@ -68,9 +68,9 @@ public function __construct(array $configuration, string $plugin_id, array $plug
    *   The current user.
    */
   public function resolve(FieldContext $field_context): AccountInterface {
-    // Response must be cached based on current user as a cache context,
-    // otherwise a new user would became a previous user.
-    $field_context->addCacheableDependency($this->currentUser);
+    // Response must be cached per user so that information from previously
+    // logged in users will not leak to newly logged in users.
+    $field_context->addCacheContexts(['user']);
     return $this->currentUser;
   }
 
diff --git a/tests/src/Kernel/DataProducer/CurrentUserTest.php b/tests/src/Kernel/DataProducer/CurrentUserTest.php
@@ -0,0 +1,92 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Drupal\Tests\graphql\Kernel\DataProducer;
+
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Tests\graphql\Kernel\GraphQLTestBase;
+use Drupal\Tests\user\Traits\UserCreationTrait;
+use Drupal\graphql\GraphQL\Execution\FieldContext;
+use Drupal\user\Entity\User;
+
+/**
+ * Tests the current_user data producer.
+ *
+ * @coversDefaultClass \Drupal\graphql\Plugin\GraphQL\DataProducer\User\CurrentUser
+ * @group graphql
+ */
+class CurrentUserTest extends GraphQLTestBase {
+
+  use UserCreationTrait;
+
+  /**
+   * Test users.
+   *
+   * @var \Drupal\Core\Session\AccountInterface[]
+   */
+  protected array $users;
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp(): void {
+    parent::setUp();
+
+    // Create two test users.
+    $this->users = [
+      $this->createUser(),
+      $this->createUser(),
+    ];
+
+    // Log out initially.
+    $this->container->get('current_user')->setAccount(User::getAnonymousUser());
+  }
+
+  /**
+   * @covers \Drupal\graphql\Plugin\GraphQL\DataProducer\User\CurrentUser::resolve
+   */
+  public function testCurrentUser(): void {
+    // Initially no user is logged in.
+    $result = $this->executeDataProducer('current_user');
+    $this->assertInstanceOf(AccountInterface::class, $result);
+    $this->assertEquals(0, $result->id());
+
+    // Log in as the first user.
+    $this->container->get('current_user')->setAccount($this->users[0]);
+    $result = $this->executeDataProducer('current_user');
+    $this->assertInstanceOf(AccountInterface::class, $result);
+    $this->assertEquals($this->users[0]->id(), $result->id());
+
+    // Log in as the second user.
+    $this->container->get('current_user')->setAccount($this->users[1]);
+    $result = $this->executeDataProducer('current_user');
+    $this->assertInstanceOf(AccountInterface::class, $result);
+    $this->assertEquals($this->users[1]->id(), $result->id());
+
+    // Log out again.
+    $this->container->get('current_user')->setAccount(User::getAnonymousUser());
+    $result = $this->executeDataProducer('current_user');
+    $this->assertInstanceOf(AccountInterface::class, $result);
+    $this->assertEquals(0, $result->id());
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function executeDataProducer($id, array $contexts = []) {
+    /** @var \Drupal\graphql\Plugin\DataProducerPluginManager $manager */
+    $manager = $this->container->get('plugin.manager.graphql.data_producer');
+
+    /** @var \Drupal\graphql\Plugin\DataProducerPluginInterface $plugin */
+    $plugin = $manager->createInstance($id);
+
+    // The 'user' cache context should be added so that the results will be
+    // cached per user.
+    $context = $this->prophesize(FieldContext::class);
+    $context->addCacheContexts(['user'])->willReturn($context->reveal())->shouldBeCalled();
+
+    return $plugin->resolveField($context->reveal());
+  }
+
+}

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ public static function create(ContainerInterface $container, array $configuratio`
`42`	`42`	`}`
`43`	`43`
`44`	`44`	`/**`
`45`		`- * CurrentUser constructor.`
	`45`	`+ * Constructs a new CurrentUser data producer.`
`46`	`46`	`*`
`47`	`47`	`* @param array $configuration`
`48`	`48`	`* A configuration array containing information about the plugin instance.`
`@@ -59,7 +59,7 @@ public function __construct(array $configuration, string $plugin_id, array $plug`
`59`	`59`	`}`
`60`	`60`
`61`	`61`	`/**`
`62`		`- * Returns current user.`
	`62`	`+ * Returns the current user.`
`63`	`63`	`*`
`64`	`64`	`* @param \Drupal\graphql\GraphQL\Execution\FieldContext $field_context`
`65`	`65`	`* Field context.`
`@@ -68,9 +68,9 @@ public function __construct(array $configuration, string $plugin_id, array $plug`
`68`	`68`	`* The current user.`
`69`	`69`	`*/`
`70`	`70`	`public function resolve(FieldContext $field_context): AccountInterface {`
`71`		`- // Response must be cached based on current user as a cache context,`
`72`		`- // otherwise a new user would became a previous user.`
`73`		`- $field_context->addCacheableDependency($this->currentUser);`
	`71`	`+ // Response must be cached per user so that information from previously`
	`72`	`+ // logged in users will not leak to newly logged in users.`
	`73`	`+ $field_context->addCacheContexts(['user']);`
`74`	`74`	`return $this->currentUser;`
`75`	`75`	`}`
`76`	`76`