3 class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::TestCase
4 test "should get index" do
5 authorize_with :active_trustedclient
7 assert_response :success
10 test "should not get index with expired auth" do
11 authorize_with :expired
12 get :index, format: :json
16 test "should not get index from untrusted client" do
17 authorize_with :active
22 test "create system auth" do
23 authorize_with :admin_trustedclient
24 post :create_system_auth, scopes: '["test"]'
25 assert_response :success
28 test "prohibit create system auth with token from non-trusted client" do
30 post :create_system_auth, scopes: '["test"]'
34 test "prohibit create system auth by non-admin" do
35 authorize_with :active
36 post :create_system_auth, scopes: '["test"]'
40 test "admin search filters where scopes exactly match" do
41 def check_tokens_by_scopes(scopes, *expected_tokens)
42 expected_tokens.map! { |name| api_client_authorizations(name).api_token }
43 get :index, where: {scopes: scopes}
44 assert_response :success
45 got_tokens = JSON.parse(@response.body)['items']
46 .map { |auth| auth['api_token'] }
47 assert_equal(expected_tokens.sort, got_tokens.sort,
48 "wrong results for scopes = #{scopes}")
50 authorize_with :admin_trustedclient
51 check_tokens_by_scopes([], :admin_noscope)
52 authorize_with :active_trustedclient
53 check_tokens_by_scopes(["GET /arvados/v1/users"], :active_userlist)
54 check_tokens_by_scopes(["POST /arvados/v1/api_client_authorizations",
55 "GET /arvados/v1/api_client_authorizations"],