1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
7 # Test referential integrity: ensure we cannot leave any object
8 # without owners by deleting a user or group.
13 class OwnerTest < ActiveSupport::TestCase
14 fixtures :users, :groups, :specimens
17 set_user_from_auth :admin_trustedclient
22 [User, Group].each do |o_class|
23 test "create object with legit #{o_class} owner" do
25 o = o_class.create! group_class: "project"
29 i = Specimen.create(owner_uuid: o.uuid)
30 assert i.valid?, "new item should pass validation"
31 assert i.uuid, "new item should have an ID"
32 assert Specimen.where(uuid: i.uuid).any?, "new item should really be in DB"
35 test "create object with non-existent #{o_class} owner" do
36 assert_raises(ActiveRecord::RecordInvalid,
37 "create should fail with random owner_uuid") do
38 Specimen.create!(owner_uuid: o_class.generate_uuid)
41 i = Specimen.create(owner_uuid: o_class.generate_uuid)
42 assert !i.valid?, "object with random owner_uuid should not be valid?"
44 i = Specimen.new(owner_uuid: o_class.generate_uuid)
45 assert !i.valid?, "new item should not pass validation"
46 assert !i.uuid, "new item should not have an ID"
49 [User, Group].each do |new_o_class|
50 test "change owner from legit #{o_class} to legit #{new_o_class} owner" do
51 o = if o_class == Group
52 o_class.create! group_class: "project"
56 i = Specimen.create!(owner_uuid: o.uuid)
58 new_o = if new_o_class == Group
59 new_o_class.create! group_class: "project"
64 assert(Specimen.where(uuid: i.uuid).any?,
65 "new item should really be in DB")
66 assert(i.update_attributes(owner_uuid: new_o.uuid),
67 "should change owner_uuid from #{o.uuid} to #{new_o.uuid}")
71 test "delete #{o_class} that owns nothing" do
73 o = o_class.create! group_class: "project"
77 assert(o_class.where(uuid: o.uuid).any?,
78 "new #{o_class} should really be in DB")
79 assert(o.destroy, "should delete #{o_class} that owns nothing")
80 assert_equal(false, o_class.where(uuid: o.uuid).any?,
81 "#{o.uuid} should not be in DB after deleting")
84 test "change uuid of #{o_class} that owns nothing" do
85 # (we're relying on our admin credentials here)
87 o = o_class.create! group_class: "project"
91 assert(o_class.where(uuid: o.uuid).any?,
92 "new #{o_class} should really be in DB")
94 new_uuid = o.uuid.sub(/..........$/, rand(2**256).to_s(36)[0..9])
95 if o.respond_to? :update_uuid
96 o.update_uuid(new_uuid: new_uuid)
98 assert(o.update_attributes(uuid: new_uuid),
99 "should change #{o_class} uuid from #{old_uuid} to #{new_uuid}")
101 assert_equal(false, o_class.where(uuid: old_uuid).any?,
102 "#{old_uuid} should disappear when renamed to #{new_uuid}")
106 ['users(:active)', 'groups(:aproject)'].each do |ofixt|
107 test "delete #{ofixt} that owns other objects" do
109 assert_equal(true, Specimen.where(owner_uuid: o.uuid).any?,
110 "need something to be owned by #{o.uuid} for this test")
112 skip_check_permissions_against_full_refresh do
113 assert_raises(ActiveRecord::DeleteRestrictionError,
114 "should not delete #{ofixt} that owns objects") do
120 test "change uuid of #{ofixt} that owns other objects" do
122 assert_equal(true, Specimen.where(owner_uuid: o.uuid).any?,
123 "need something to be owned by #{o.uuid} for this test")
124 new_uuid = o.uuid.sub(/..........$/, rand(2**256).to_s(36)[0..9])
125 assert(!o.update_attributes(uuid: new_uuid),
126 "should not change uuid of #{ofixt} that owns objects")
130 test "delete User that owns self" do
132 assert User.where(uuid: o.uuid).any?, "new User should really be in DB"
133 assert_equal(true, o.update_attributes(owner_uuid: o.uuid),
134 "setting owner to self should work")
136 skip_check_permissions_against_full_refresh do
137 assert(o.destroy, "should delete User that owns self")
140 assert_equal(false, User.where(uuid: o.uuid).any?,
141 "#{o.uuid} should not be in DB after deleting")
142 check_permissions_against_full_refresh
145 test "change uuid of User that owns self" do
147 assert User.where(uuid: o.uuid).any?, "new User should really be in DB"
148 assert_equal(true, o.update_attributes(owner_uuid: o.uuid),
149 "setting owner to self should work")
151 new_uuid = o.uuid.sub(/..........$/, rand(2**256).to_s(36)[0..9])
152 o.update_uuid(new_uuid: new_uuid)
153 o = User.find_by_uuid(new_uuid)
154 assert_equal(false, User.where(uuid: old_uuid).any?,
155 "#{old_uuid} should not be in DB after deleting")
156 assert_equal(true, User.where(uuid: new_uuid).any?,
157 "#{new_uuid} should be in DB after renaming")
158 assert_equal(new_uuid, User.where(uuid: new_uuid).first.owner_uuid,
159 "#{new_uuid} should be its own owner in DB after renaming")