1 require 'integration_helper'
3 class AnonymousAccessTest < ActionDispatch::IntegrationTest
4 # These tests don't do state-changing API calls. Save some time by
5 # skipping the database reset.
6 reset_api_fixtures :after_each_test, false
7 reset_api_fixtures :after_suite, true
11 Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token']
14 PUBLIC_PROJECT = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}"
16 def verify_site_navigation_anonymous_enabled user, is_active
19 assert_text 'Unrestricted public data'
20 assert_selector 'a', text: 'Projects'
22 assert_text 'indicate that you have read and accepted the user agreement'
24 within('.navbar-fixed-top') do
25 assert_selector 'a', text: Rails.configuration.site_name.downcase
26 assert(page.has_link?("notifications-menu"), 'no user menu')
27 page.find("#notifications-menu").click
28 within('.dropdown-menu') do
29 assert_selector 'a', text: 'Log out'
33 assert_text 'Unrestricted public data'
34 within('.navbar-fixed-top') do
35 assert_text Rails.configuration.site_name.downcase
36 assert_no_selector 'a', text: Rails.configuration.site_name.downcase
37 assert_selector 'a', text: 'Log in'
38 assert_selector 'a', text: 'Browse public projects'
44 [nil, nil, false, false],
45 ['inactive', api_fixture('users')['inactive'], false, false],
46 ['active', api_fixture('users')['active'], true, true],
47 ].each do |token, user, is_active|
48 test "visit public project as user #{token.inspect} when anonymous browsing is enabled" do
52 visit page_with_token(token, PUBLIC_PROJECT)
55 verify_site_navigation_anonymous_enabled user, is_active
59 test "selection actions when anonymous user accesses shared project" do
62 assert_selector 'a', text: 'Description'
63 assert_selector 'a', text: 'Data collections'
64 assert_selector 'a', text: 'Jobs and pipelines'
65 assert_selector 'a', text: 'Pipeline templates'
66 assert_selector 'a', text: 'Subprojects'
67 assert_selector 'a', text: 'Advanced'
68 assert_no_selector 'a', text: 'Other objects'
69 assert_no_selector 'button', text: 'Add data'
71 click_link 'Data collections'
72 click_button 'Selection'
73 within('.selection-action-container') do
74 assert_selector 'li', text: 'Compare selected'
75 assert_no_selector 'li', text: 'Create new collection with selected collections'
76 assert_no_selector 'li', text: 'Copy selected'
77 assert_no_selector 'li', text: 'Move selected'
78 assert_no_selector 'li', text: 'Remove selected'
82 test "anonymous user accesses data collections tab in shared project" do
84 click_link 'Data collections'
85 collection = api_fixture('collections')['user_agreement_in_anonymously_accessible_project']
86 assert_text 'GNU General Public License'
88 assert_selector 'a', text: 'Data collections'
90 # click on show collection
91 within "tr[data-object-uuid=\"#{collection['uuid']}\"]" do
96 assert_no_selector 'input', text: 'Create sharing link'
97 assert_no_text 'Sharing and permissions'
98 assert_no_selector 'a', text: 'Upload'
99 assert_no_selector 'button', 'Selection'
101 within '#collection_files tr,li', text: 'GNU_General_Public_License,_version_3.pdf' do
102 assert page.has_no_selector?('[value*="GNU_General_Public_License"]')
103 find 'a[title~=View]'
104 find 'a[title~=Download]'
109 magic = rand(2**512).to_s 36
110 CollectionsController.any_instance.stubs(:file_enumerator).returns([magic])
111 collection = api_fixture('collections')['public_text_file']
112 visit '/collections/' + collection['uuid']
113 find('tr,li', text: 'Hello world.txt').
114 find('a[title~=View]').click
123 test "anonymous user accesses jobs and pipelines tab in shared project and clicks on #{type}" do
125 click_link 'Data collections'
126 assert_text 'GNU General Public License'
128 click_link 'Jobs and pipelines'
129 assert_text 'Pipeline in publicly accessible project'
131 # click on the specified job
132 if type.include? 'job'
135 verify_pipeline_instance_row
140 def verify_job_row look_for
141 within first('tr', text: look_for) do
144 assert_text 'Public Projects Unrestricted public data'
145 assert_text 'script_version'
147 assert_text 'zzzzz-tpzed-xurymjxw79nv3jz' # modified by user
148 assert_no_selector 'a', text: 'zzzzz-tpzed-xurymjxw79nv3jz'
149 assert_no_selector 'a', text: 'Move job'
150 assert_no_selector 'button', text: 'Cancel'
151 assert_no_selector 'button', text: 'Re-run job'
154 def verify_pipeline_instance_row
155 within first('tr[data-kind="arvados#pipelineInstance"]') do
156 assert_text 'Pipeline in publicly accessible project'
160 # in pipeline instance page
161 assert_text 'Public Projects Unrestricted public data'
162 assert_text 'This pipeline is complete'
163 assert_no_selector 'a', text: 'Re-run with latest'
164 assert_no_selector 'a', text: 'Re-run options'
167 test "anonymous user accesses pipeline templates tab in shared project" do
169 click_link 'Data collections'
170 assert_text 'GNU General Public License'
172 assert_selector 'a', text: 'Pipeline templates'
174 click_link 'Pipeline templates'
175 assert_text 'Pipeline template in publicly accessible project'
177 within first('tr[data-kind="arvados#pipelineTemplate"]') do
182 assert_text 'Public Projects Unrestricted public data'
183 assert_text 'script version'
184 assert_no_selector 'a', text: 'Run this pipeline'
187 test "anonymous user accesses subprojects tab in shared project" do
188 visit PUBLIC_PROJECT + '#Subprojects'
190 assert_text 'Subproject in anonymous accessible project'
192 within first('tr[data-kind="arvados#group"]') do
197 assert_text 'Description for subproject in anonymous accessible project'
201 ['pipeline_in_publicly_accessible_project', true],
202 ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false],
203 ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'],
204 ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'],
206 ['completed_job_in_publicly_accessible_project', true],
207 ['job_in_publicly_accessible_project_but_other_objects_elsewhere', false],
208 ].each do |fixture, objects_readable, user=nil|
209 test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do
210 pipeline_page = true if fixture.include?('pipeline')
213 object = api_fixture('pipeline_instances')[fixture]
214 page = "/pipeline_instances/#{object['uuid']}"
215 expect_log_text = "Log for foo"
217 object = api_fixture('jobs')[fixture]
218 page = "/jobs/#{object['uuid']}"
219 expect_log_text = "stderr crunchstat"
223 visit page_with_token user, page
228 # click job link, if in pipeline page
229 click_link 'foo' if pipeline_page
232 assert_selector 'a[href="#Log"]', text: 'Log'
233 assert_no_selector 'a[data-toggle="disabled"]', text: 'Log'
234 assert_no_text 'Output data not available'
236 assert_text 'This pipeline was created from'
237 assert_selector 'a', text: object['components']['foo']['job']['uuid']
238 # We'd like to test the Log tab on job pages too, but we can't right
239 # now because Poltergeist 1.x doesn't support JavaScript's
240 # Function.prototype.bind, which is used by job_log_graph.js.
242 assert_text expect_log_text
245 assert_selector 'a[data-toggle="disabled"]', text: 'Log'
246 assert_text 'Output data not available'
247 assert_text object['job']
249 assert_no_text 'This pipeline was created from' # template is not readable
250 assert_no_selector 'a', text: object['components']['foo']['job']['uuid']
253 assert_text 'Output data not available'
254 assert_no_text expect_log_text
260 ['new_pipeline_in_publicly_accessible_project', true],
261 ['new_pipeline_in_publicly_accessible_project', true, 'spectator'],
262 ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false],
263 ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'],
264 ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'],
265 ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false],
266 ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false, 'spectator'],
267 ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', true, 'admin'],
268 ].each do |fixture, objects_readable, user=nil|
269 test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do
270 object = api_fixture('pipeline_instances')[fixture]
271 page = "/pipeline_instances/#{object['uuid']}"
273 visit page_with_token user, page
278 # click Components tab
279 click_link 'Components'
282 assert_text 'This pipeline was created from'
285 assert_selector 'a', text: 'Choose'
286 assert_selector 'a', text: 'Run'
287 assert_no_selector 'a.disabled', text: 'Run'
289 assert_selector 'a', text: object['components']['foo']['script_parameters']['input']['value']
290 user ? (assert_selector 'a', text: 'Run') : (assert_no_selector 'a', text: 'Run')
293 assert_no_text 'This pipeline was created from' # template is not readable
294 input = object['components']['foo']['script_parameters']['input']['value']
295 assert_no_selector 'a', text: input
297 input = input.gsub('/', '\\/')
298 assert_text "One or more inputs provided are not readable"
299 assert_selector "input[type=text][value=#{input}]"
300 assert_selector 'a.disabled', text: 'Run'
302 assert_no_text "One or more inputs provided are not readable"
304 assert_no_selector 'a', text: 'Run'
310 test "anonymous user accesses collection in shared project" do
311 visit "/collections/#{api_fixture('collections')['public_text_file']['uuid']}"
314 assert_text 'Public Projects Unrestricted public data'
315 assert_text 'Hello world'
316 assert_text 'Content address'
317 assert_selector 'a', text: 'Provenance graph'