3 class ApiClientAuthorizationsApiTest < ActionDispatch::IntegrationTest
6 test "create system auth" do
7 post "/arvados/v1/api_client_authorizations/create_system_auth", {:format => :json, :scopes => ['test'].to_json}, {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin_trustedclient).api_token}"}
8 assert_response :success
11 test "create token for different user" do
12 post "/arvados/v1/api_client_authorizations", {
14 :api_client_authorization => {
15 :owner_uuid => users(:spectator).uuid
17 }, {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin_trustedclient).api_token}"}
18 assert_response :success
20 get "/arvados/v1/users/current", {
22 }, {'HTTP_AUTHORIZATION' => "OAuth2 #{jresponse['api_token']}"}
24 assert_equal users(:spectator).uuid, jresponse['uuid']
27 test "refuse to create token for different user if not trusted client" do
28 post "/arvados/v1/api_client_authorizations", {
30 :api_client_authorization => {
31 :owner_uuid => users(:spectator).uuid
33 }, {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin).api_token}"}
37 test "refuse to create token for different user if not admin" do
38 post "/arvados/v1/api_client_authorizations", {
40 :api_client_authorization => {
41 :owner_uuid => users(:spectator).uuid
43 }, {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:active_trustedclient).api_token}"}