2 require 'helpers/git_test_helper'
4 class RepositoryTest < ActiveSupport::TestCase
7 def new_repo(owner_key, attrs={})
8 set_user_from_auth owner_key
9 owner = users(owner_key)
10 Repository.new({owner_uuid: owner.uuid}.merge(attrs))
13 def changed_repo(repo_key, changes)
14 repo = repositories(repo_key)
15 changes.each_pair { |attr, value| repo.send("#{attr}=".to_sym, value) }
19 def default_git_url(repo_name, user_name=nil)
21 "git@git.%s.arvadosapi.com:%s/%s.git" %
22 [Rails.configuration.uuid_prefix, user_name, repo_name]
24 "git@git.%s.arvadosapi.com:%s.git" %
25 [Rails.configuration.uuid_prefix, repo_name]
29 def assert_server_path(path_tail, repo_sym)
30 assert_equal(File.join(Rails.configuration.git_repositories_dir, path_tail),
31 repositories(repo_sym).server_path)
36 {active: "active/", admin: "admin/", system_user: ""}.
37 each_pair do |user_sym, name_prefix|
38 test "valid names for #{user_sym} repo" do
39 %w(a aa a0 aA Aa AA A0).each do |name|
40 repo = new_repo(user_sym, name: name_prefix + name)
45 test "name is required for #{user_sym} repo" do
46 refute(new_repo(user_sym).valid?)
49 test "repo name beginning with numeral is invalid for #{user_sym}" do
50 repo = new_repo(user_sym, name: "#{name_prefix}0a")
54 test "name containing bad char is invalid for #{user_sym}" do
55 "\\.-_/!@#$%^&*()[]{}".each_char do |bad_char|
56 repo = new_repo(user_sym, name: "#{name_prefix}bad#{bad_char}reponame")
62 test "admin can create valid repo for other user with correct name prefix" do
63 owner = users(:active)
64 repo = new_repo(:admin, name: "#{owner.username}/validnametest",
65 owner_uuid: owner.uuid)
69 test "admin can create valid system repo without name prefix" do
70 repo = new_repo(:admin, name: "validnametest",
71 owner_uuid: users(:system_user).uuid)
75 test "repo name prefix must match owner_uuid username" do
76 repo = new_repo(:admin, name: "admin/badusernametest",
77 owner_uuid: users(:active).uuid)
81 test "repo name prefix must be empty for system repo" do
82 repo = new_repo(:admin, name: "root/badprefixtest",
83 owner_uuid: users(:system_user).uuid)
89 test "name must be unique per user" do
90 repo = new_repo(:active, name: repositories(:foo).name)
94 test "name can be duplicated across users" do
95 repo = new_repo(:active, name: "active/#{repositories(:arvados).name}")
99 test "repository cannot be owned by a group" do
100 set_user_from_auth :active
101 repo = Repository.new(owner_uuid: groups(:all_users).uuid,
102 name: "ownedbygroup")
104 refute_empty(repo.errors[:owner_uuid] || [])
110 repo = new_repo(:active, name: "active/fetchtest")
112 assert_equal(default_git_url("fetchtest", "active"), repo.fetch_url)
115 test "fetch_url owned by system user" do
116 set_user_from_auth :admin
117 repo = Repository.new(owner_uuid: users(:system_user).uuid,
120 assert_equal(default_git_url("fetchtest"), repo.fetch_url)
124 repo = new_repo(:active, name: "active/pushtest")
126 assert_equal(default_git_url("pushtest", "active"), repo.push_url)
129 test "push_url owned by system user" do
130 set_user_from_auth :admin
131 repo = Repository.new(owner_uuid: users(:system_user).uuid,
134 assert_equal(default_git_url("pushtest"), repo.push_url)
139 test "disk path stored by UUID" do
140 assert_server_path("zzzzz-s0uqq-382brsig8rp3666/.git", :foo)
143 test "disk path stored by name" do
144 assert_server_path("arvados/.git", :arvados)
147 test "disk path for repository not on disk" do
148 assert_nil(Repository.new.server_path)
151 ### Repository creation
153 test "non-admin can create a repository for themselves" do
154 repo = new_repo(:active, name: "active/newtestrepo")
158 test "non-admin can't create a repository for another visible user" do
159 repo = new_repo(:active, name: "repoforanon",
160 owner_uuid: users(:anonymous).uuid)
161 assert_not_allowed { repo.save }
164 test "admin can create a repository for themselves" do
165 repo = new_repo(:admin, name: "admin/newtestrepo")
169 test "admin can create a repository for others" do
170 repo = new_repo(:admin, name: "active/repoforactive",
171 owner_uuid: users(:active).uuid)
175 test "admin can create a system repository" do
176 repo = new_repo(:admin, name: "repoforsystem",
177 owner_uuid: users(:system_user).uuid)
181 ### Repository destruction
183 test "non-admin can destroy their own repository" do
184 set_user_from_auth :active
185 assert(repositories(:foo).destroy)
188 test "non-admin can't destroy others' repository" do
189 set_user_from_auth :active
190 assert_not_allowed { repositories(:repository3).destroy }
193 test "non-admin can't destroy system repository" do
194 set_user_from_auth :active
195 assert_not_allowed { repositories(:arvados).destroy }
198 test "admin can destroy their own repository" do
199 set_user_from_auth :admin
200 assert(repositories(:repository3).destroy)
203 test "admin can destroy others' repository" do
204 set_user_from_auth :admin
205 assert(repositories(:foo).destroy)
208 test "admin can destroy system repository" do
209 set_user_from_auth :admin
210 assert(repositories(:arvados).destroy)
213 ### Changing ownership
215 test "non-admin can't make their repository a system repository" do
216 set_user_from_auth :active
217 repo = changed_repo(:foo, owner_uuid: users(:system_user).uuid)
218 assert_not_allowed { repo.save }
221 test "admin can give their repository to someone else" do
222 set_user_from_auth :admin
223 repo = changed_repo(:repository3, owner_uuid: users(:active).uuid,
228 test "admin can make their repository a system repository" do
229 set_user_from_auth :admin
230 repo = changed_repo(:repository3, owner_uuid: users(:system_user).uuid,
235 test 'write permission allows changing modified_at' do
236 act_as_user users(:active) do
237 r = repositories(:foo)
238 modtime_was = r.modified_at
239 r.modified_at = Time.now
241 assert_operator modtime_was, :<, r.modified_at
245 test 'write permission necessary for changing modified_at' do
246 act_as_user users(:spectator) do
247 r = repositories(:foo)
248 modtime_was = r.modified_at
249 r.modified_at = Time.now
250 assert_raises ArvadosModel::PermissionDeniedError do
254 assert_equal modtime_was, r.modified_at
260 test "non-admin can rename own repo" do
261 act_as_user users(:active) do
262 assert repositories(:foo).update_attributes(name: 'active/foo12345')
266 test "top level repo can be touched by non-admin with can_manage" do
267 add_permission_link users(:active), repositories(:arvados), 'can_manage'
268 act_as_user users(:active) do
269 assert changed_repo(:arvados, modified_at: Time.now).save
273 test "top level repo cannot be renamed by non-admin with can_manage" do
274 add_permission_link users(:active), repositories(:arvados), 'can_manage'
275 act_as_user users(:active) do
276 assert_not_allowed { changed_repo(:arvados, name: 'xarvados').save }