1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
5 require 'integration_helper'
8 class LinkAccountTest < ActionDispatch::IntegrationTest
13 def start_sso_stub token
14 port = available_port('sso_stub')
16 s = WEBrick::HTTPServer.new(
18 :BindAddress => 'localhost',
19 :Logger => WEBrick::Log.new('/dev/null', WEBrick::BasicLog::DEBUG),
20 :AccessLog => [nil,nil]
23 s.mount_proc("/login"){|req, res|
24 res.set_redirect(WEBrick::HTTPStatus::TemporaryRedirect, req.query["return_to"] + "&api_token=#{token}")
32 "http://localhost:#{port}/"
35 test "Add another login to this account" do
36 visit page_with_token('active_trustedclient')
37 stub = start_sso_stub(api_fixture('api_client_authorizations')['project_viewer_trustedclient']['api_token'])
38 Rails.configuration.arvados_login_base = stub + "login"
40 find("#notifications-menu").click
41 assert_text "active-user@arvados.local"
43 find("a", text: "Link account").click
44 find("button", text: "Add another login to this account").click
46 find("#notifications-menu").click
47 assert_text "project-viewer@arvados.local"
49 find("button", text: "Link accounts").click
51 find("#notifications-menu").click
52 assert_text "active-user@arvados.local"
55 test "Use this login to access another account" do
56 visit page_with_token('project_viewer_trustedclient')
57 stub = start_sso_stub(api_fixture('api_client_authorizations')['active_trustedclient']['api_token'])
58 Rails.configuration.arvados_login_base = stub + "login"
60 find("#notifications-menu").click
61 assert_text "project-viewer@arvados.local"
63 find("a", text: "Link account").click
64 find("button", text: "Use this login to access another account").click
66 find("#notifications-menu").click
67 assert_text "active-user@arvados.local"
69 find("button", text: "Link accounts").click
71 find("#notifications-menu").click
72 assert_text "active-user@arvados.local"
75 test "Link login of inactive user to this account" do
76 visit page_with_token('active_trustedclient')
77 stub = start_sso_stub(api_fixture('api_client_authorizations')['inactive_uninvited_trustedclient']['api_token'])
78 Rails.configuration.arvados_login_base = stub + "login"
80 find("#notifications-menu").click
81 assert_text "active-user@arvados.local"
83 find("a", text: "Link account").click
84 find("button", text: "Add another login to this account").click
86 find("#notifications-menu").click
87 assert_text "inactive-uninvited-user@arvados.local"
89 find("button", text: "Link accounts").click
91 find("#notifications-menu").click
92 assert_text "active-user@arvados.local"
95 test "Cannot link to inactive user" do
96 visit page_with_token('active_trustedclient')
97 stub = start_sso_stub(api_fixture('api_client_authorizations')['inactive_uninvited_trustedclient']['api_token'])
98 Rails.configuration.arvados_login_base = stub + "login"
100 find("#notifications-menu").click
101 assert_text "active-user@arvados.local"
103 find("a", text: "Link account").click
104 find("button", text: "Use this login to access another account").click
106 find("#notifications-menu").click
107 assert_text "inactive-uninvited-user@arvados.local"
109 assert_text "Cannot link active-user@arvados.local"
111 assert find("#link-account-submit")['disabled']
113 find("button", text: "Cancel").click
115 find("#notifications-menu").click
116 assert_text "active-user@arvados.local"
119 test "Inactive user can link to active account" do
120 visit page_with_token('inactive_uninvited_trustedclient')
121 stub = start_sso_stub(api_fixture('api_client_authorizations')['active_trustedclient']['api_token'])
122 Rails.configuration.arvados_login_base = stub + "login"
124 find("#notifications-menu").click
125 assert_text "inactive-uninvited-user@arvados.local"
127 assert_text "Already have an account with a different login?"
129 find("a", text: "Link this login to your existing account").click
131 assert_no_text "Add another login to this account"
133 find("button", text: "Use this login to access another account").click
135 find("#notifications-menu").click
136 assert_text "active-user@arvados.local"
138 find("button", text: "Link accounts").click
140 find("#notifications-menu").click
141 assert_text "active-user@arvados.local"
144 test "Admin cannot link to non-admin" do
145 visit page_with_token('admin_trustedclient')
146 stub = start_sso_stub(api_fixture('api_client_authorizations')['active_trustedclient']['api_token'])
147 Rails.configuration.arvados_login_base = stub + "login"
149 find("#notifications-menu").click
150 assert_text "admin@arvados.local"
152 find("a", text: "Link account").click
153 find("button", text: "Use this login to access another account").click
155 find("#notifications-menu").click
156 assert_text "active-user@arvados.local"
158 assert_text "Cannot link admin account admin@arvados.local"
160 assert find("#link-account-submit")['disabled']
162 find("button", text: "Cancel").click
164 find("#notifications-menu").click
165 assert_text "admin@arvados.local"