// SPDX-License-Identifier: AGPL-3.0
describe('Login tests', function() {
+ let activeUser;
+ let inactiveUser;
+ let adminUser;
+
before(function() {
- cy.resetDB();
+ // Only set up common users once. These aren't set up as aliases because
+ // aliases are cleaned up after every test. Also it doesn't make sense
+ // to set the same users on beforeEach() over and over again, so we
+ // separate a little from Cypress' 'Best Practices' here.
+ cy.getUser('admin', 'Admin', 'User', true, true)
+ .as('adminUser').then(function() {
+ adminUser = this.adminUser;
+ }
+ );
+ cy.getUser('active', 'Active', 'User', false, true)
+ .as('activeUser').then(function() {
+ activeUser = this.activeUser;
+ }
+ );
+ cy.getUser('inactive', 'Inactive', 'User', false, false)
+ .as('inactiveUser').then(function() {
+ inactiveUser = this.inactiveUser;
+ }
+ );
})
beforeEach(function() {
- cy.arvadosFixture('users').as('users')
- cy.arvadosFixture('api_client_authorizations').as('client_auth')
cy.clearCookies()
cy.clearLocalStorage()
})
- it('logs in successfully with correct token', function() {
- const active_user = this.users['active']
- const active_token = this.client_auth['active']['api_token']
- cy.visit('/token/?api_token='+active_token)
- cy.url().should('contain', '/projects/')
- cy.get('button[title="Account Management"]').click()
- cy.get('ul[role=menu] > li[role=menuitem]').contains(`${active_user['first_name']} ${active_user['last_name']}`)
- })
-
- it('fails to log in with expired token', function() {
- const expired_token = this.client_auth['expired']['api_token']
- cy.visit('/token/?api_token='+expired_token)
- cy.contains('Please log in')
+ it('shows login page on first visit', function() {
+ cy.visit('/')
+ cy.get('div#root').should('contain', 'Please log in')
cy.url().should('not.contain', '/projects/')
})
- it('fails to log in with no token', function() {
+ it('shows login page with no token', function() {
cy.visit('/token/?api_token=')
- cy.contains('Please log in')
+ cy.get('div#root').should('contain', 'Please log in')
cy.url().should('not.contain', '/projects/')
})
- it('shows login page on first visit', function() {
- cy.visit('/')
- cy.contains('Please log in')
+ it('shows inactive page to inactive user', function() {
+ cy.visit(`/token/?api_token=${inactiveUser.token}`)
+ cy.get('div#root').should('contain', 'Your account is inactive');
+ })
+
+ it('shows login page with invalid token', function() {
+ cy.visit('/token/?api_token=nope')
+ cy.get('div#root').should('contain', 'Please log in')
cy.url().should('not.contain', '/projects/')
})
+
+ it('logs in successfully with valid user token', function() {
+ cy.visit(`/token/?api_token=${activeUser.token}`);
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('not.contain', 'Your account is inactive');
+ cy.get('button[title="Account Management"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]').contains(
+ `${activeUser.user.first_name} ${activeUser.user.last_name}`);
+ })
+
+ it('logs in successfully with valid admin token', function() {
+ cy.visit(`/token/?api_token=${adminUser.token}`);
+ cy.url().should('contain', '/projects/');
+ cy.get('div#root').should('not.contain', 'Your account is inactive');
+ cy.get('button[title="Admin Panel"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]')
+ .contains('Repositories')
+ .type('{esc}');
+ cy.get('button[title="Account Management"]').click();
+ cy.get('ul[role=menu] > li[role=menuitem]').contains(
+ `${adminUser.user.first_name} ${adminUser.user.last_name}`);
+ })
})
\ No newline at end of file
// -- This will overwrite an existing command --
// Cypress.Commands.overwrite("visit", (originalFn, url, options) => { ... })
-const YAML = require('yamljs');
-const arvadosFixturesDir = Cypress.env('fixtures');
const controllerURL = Cypress.env('controller_url');
const systemToken = Cypress.env('system_token');
Cypress.Commands.add(
- "arvadosFixture", (name) => {
- return cy.readFile(arvadosFixturesDir+'/'+name+'.yml').then(
- function (str) {
- return YAML.parse(str);
- }
- )
+ "do_request", (method='GET', path='', data=null, qs=null,
+ token=systemToken, auth=false, followRedirect=true) => {
+ return cy.request({
+ method: method,
+ url: `${controllerURL}/${path}`,
+ body: data,
+ qs: auth ? qs : Object.assign({api_token: token}, qs),
+ auth: auth ? {bearer: `${token}`} : undefined,
+ followRedirect: followRedirect
+ })
}
)
+// This resets the DB removing all content and seeding it with the fixtures.
+// TODO: Maybe we can add an optional param to avoid the loading part?
Cypress.Commands.add(
"resetDB", () => {
cy.request('POST', `${controllerURL}/database/reset?api_token=${systemToken}`);
}
-)
\ No newline at end of file
+)
+
+Cypress.Commands.add("getUser", (username, first_name='', last_name='', is_admin=false, is_active=true) => {
+ // Create user if not already created
+ return cy.do_request('POST', '/auth/controller/callback', {
+ auth_info: JSON.stringify({
+ email: `${username}@example.local`,
+ username: username,
+ first_name: first_name,
+ last_name: last_name,
+ alternate_emails: []
+ }),
+ return_to: ',https://example.local'
+ }, null, systemToken, true, false) // Don't follow redirects so we can catch the token
+ .its('headers.location').as('location')
+ // Get its token and set the account up as admin and/or active
+ .then(function() {
+ this.userToken = this.location.split("=")[1]
+ assert.isString(this.userToken)
+ return cy.do_request('GET', '/arvados/v1/users', null, {
+ filters: `[["username", "=", "${username}"]]`
+ })
+ .its('body.items.0')
+ .as('aUser')
+ .then(function() {
+ cy.do_request('PUT', `/arvados/v1/users/${this.aUser.uuid}`, {
+ user: {
+ is_admin: is_admin,
+ is_active: is_active
+ }
+ })
+ .its('body')
+ .as('theUser')
+ .then(function() {
+ return {user: this.theUser, token: this.userToken};
+ })
+ })
+ })
+})