fix tests

Author: sourabh1007

src/Service.Tests/CosmosTests/MutationTests.cs

@@ -257,11 +257,12 @@ public async Task MutationMissingRequiredPartitionKeyValueReturnError()
         /// It throws permission denied error if role doesn't have permission to perform the operation
         /// </summary>
         [TestMethod]
-        [DataRow("field-mutation-with-read-permission", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE)] // exclude and include fields
-        [DataRow("authenticated", null)] // full permission
-        [DataRow("only-create-role", "The mutation operation createEarth was successful but the current user is unauthorized to view the response due to lack of read permissions")] // if only create permission is there
-        [DataRow("wildcard-exclude-fields-role", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE)] // exclude wildcard
-        [DataRow("only-update-role", "The current user is not authorized to access this resource" )] // if create permission is not there
+        [DataRow("field-mutation-with-read-permission", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE, DisplayName = " exclude and include fields")]
+        [DataRow("authenticated", null, DisplayName = "full permission")] 
+        [DataRow("only-create-role", "The mutation operation createEarth was successful " +
+            "but the current user is unauthorized to view the response due to lack of read permissions", DisplayName = "if only create permission is there")]
+        [DataRow("wildcard-exclude-fields-role", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE, DisplayName = "exclude wildcard")]
+        [DataRow("only-update-role", "The current user is not authorized to access this resource", DisplayName = "if create permission is not there")]
         public async Task CreateItemWithAuthPermissions(string roleName, string expectedErrorMessage)
         {
             // Run mutation Add Earth;
@@ -296,11 +297,12 @@ public async Task CreateItemWithAuthPermissions(string roleName, string expected
         /// It throws permission denied error if role doesn't have permission to perform the operation
         /// </summary>
         [TestMethod]
-        [DataRow("field-mutation-with-read-permission", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE)] // exclude and include fields
-        [DataRow("authenticated", null)] // full permission
-        [DataRow("only-update-role", "The mutation operation updateEarth was successful but the current user is unauthorized to view the response due to lack of read permissions")] // if only update permission is there
-        [DataRow("wildcard-exclude-fields-role", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE)] // exclude wildcard
-        [DataRow("only-create-role", "The current user is not authorized to access this resource")] // if update permission is not there
+        [DataRow("field-mutation-with-read-permission", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE, DisplayName = "exclude and include fields")] 
+        [DataRow("authenticated", null, DisplayName = "full permission")]
+        [DataRow("only-update-role", "The mutation operation updateEarth was successful " +
+            "but the current user is unauthorized to view the response due to lack of read permissions", DisplayName = "if only update permission is there")]
+        [DataRow("wildcard-exclude-fields-role", DataApiBuilderException.GRAPHQL_MUTATION_FIELD_AUTHZ_FAILURE, DisplayName = "exclude wildcard")]
+        [DataRow("only-create-role", "The current user is not authorized to access this resource", DisplayName = "if update permission is not there")]
         public async Task UpdateItemWithAuthPermissions(string roleName, string expectedErrorMessage)
         {
             // Create an item with "Authenticated" role
@@ -361,11 +363,13 @@ public async Task UpdateItemWithAuthPermissions(string roleName, string expected
         /// It throws permission denied error if role doesn't have permission to perform the operation
         /// </summary>
         [TestMethod]
-        [DataRow("field-mutation-with-read-permission", null)] // exclude and include fields. Response is BLANK.
-        [DataRow("authenticated", null)] // full permission. Response is BLANK
-        [DataRow("only-delete-role", "The mutation operation deleteEarth was successful but the current user is unauthorized to view the response due to lack of read permissions")] // if only update permission is there
-        [DataRow("wildcard-exclude-fields-role", "The mutation operation deleteEarth was successful but the current user is unauthorized to view the response due to lack of read permissions")] // exclude wildcard
-        [DataRow("only-create-role", "The current user is not authorized to access this resource")] // if update permission is not there
+        [DataRow("field-mutation-with-read-permission", null, DisplayName = " exclude and include fields. Response is BLANK")]
+        [DataRow("authenticated", null, DisplayName = "full permission. Response is BLANK")]
+        [DataRow("only-delete-role", "The mutation operation deleteEarth was successful " +
+            "but the current user is unauthorized to view the response due to lack of read permissions", DisplayName = "if only update permission is there")]
+        [DataRow("wildcard-exclude-fields-role", "The mutation operation deleteEarth was successful " +
+            "but the current user is unauthorized to view the response due to lack of read permissions", DisplayName = "exclude wildcard")]
+        [DataRow("only-create-role", "The current user is not authorized to access this resource", DisplayName = "if update permission is not there")] 
         public async Task DeleteItemWithAuthPermissions(string roleName, string expectedErrorMessage)
         {
             // Create an item with "Authenticated" role

src/Service.Tests/CosmosTests/QueryFilterTests.cs

@@ -176,11 +176,7 @@ public async Task TestStringFiltersOnTwoLevelNestedArrayType()
                 "JOIN d IN b.moreAttributes " +
                 "WHERE d.name = \"moonattr0\"";
 
-            await ExecuteAndValidateResult(
-                _graphQLQueryName,
-                gqlQuery,
-                dbQueryWithJoin,
-                authToken: AuthTestHelper.CreateStaticWebAppsEasyAuthToken(specificRole: AuthorizationType.Authenticated.ToString()));
+            await ExecuteAndValidateResult(_graphQLQueryName, gqlQuery, dbQueryWithJoin);
         }
 
         /// <summary>
@@ -266,8 +262,9 @@ public async Task TestStringMultiFiltersOnArrayTypeWithOrCondition()
             await ExecuteAndValidateResult(_graphQLQueryName, gqlQuery, dbQueryWithJoin);
         }
 
-        private async Task ExecuteAndValidateResult(string graphQLQueryName, string gqlQuery, string dbQuery, string authToken = null)
+        private async Task ExecuteAndValidateResult(string graphQLQueryName, string gqlQuery, string dbQuery)
         {
+            string authToken = AuthTestHelper.CreateStaticWebAppsEasyAuthToken(specificRole: AuthorizationType.Authenticated.ToString());
             JsonElement actual = await ExecuteGraphQLRequestAsync(graphQLQueryName, query: gqlQuery, authToken: authToken);
             JsonDocument expected = await ExecuteCosmosRequestAsync(dbQuery, _pageSize, null, _containerName);
             ValidateResults(actual.GetProperty("items"), expected.RootElement);
@@ -916,7 +913,7 @@ public async Task TestQueryFilterFieldAuth_UnauthorizedField()
                     }
                 }
             }";
-            string clientRoleHeader = AuthorizationType.Anonymous.ToString();
+            string clientRoleHeader = "limited-read-role";
             JsonElement response = await ExecuteGraphQLRequestAsync(
                 queryName: "earths",
                 query: gqlQuery,
@@ -974,7 +971,8 @@ public async Task TestQueryFilterNestedFieldAuth_AuthorizedNestedField()
                 }
             }";
 
-            JsonElement actual = await ExecuteGraphQLRequestAsync(_graphQLQueryName, query: gqlQuery);
+            string authToken = AuthTestHelper.CreateStaticWebAppsEasyAuthToken(specificRole: AuthorizationType.Authenticated.ToString());
+            JsonElement actual = await ExecuteGraphQLRequestAsync(_graphQLQueryName, query: gqlQuery, authToken: authToken);
             Assert.AreEqual(actual.GetProperty("items")[0].GetProperty("earth").GetProperty("id").ToString(), _idList[0]);
         }
 
@@ -1000,7 +998,7 @@ public async Task TestQueryFilterNestedFieldAuth_UnauthorizedNestedField()
                 }
             }";
 
-            string clientRoleHeader = AuthorizationType.Anonymous.ToString();
+            string clientRoleHeader = "limited-read-role";
             JsonElement response = await ExecuteGraphQLRequestAsync(
                 queryName: _graphQLQueryName,
                 query: gqlQuery,

src/Service.Tests/dab-config.CosmosDb_NoSql.json

@@ -293,6 +293,23 @@
             }
           ]
         },
+        {
+          "role": "limited-read-role",
+          "actions": [
+            {
+              "action": "read",
+              "fields": {
+                "exclude": [
+                  "name"
+                ],
+                "include": [
+                  "id",
+                  "type"
+                ]
+              }
+            }
+          ]
+        },
         {
           "role": "field-mutation-with-read-permission",
           "actions": [