18562: Add upgrade note about new config key.
[arvados.git] / apps / workbench / test / controllers / users_controller_test.rb
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: AGPL-3.0
4
5 require 'test_helper'
6
7 class UsersControllerTest < ActionController::TestCase
8
9   test "valid token works in controller test" do
10     get :index, params: {}, session: session_for(:active)
11     assert_response :success
12   end
13
14   test "ignore previously valid token (for deleted user), don't crash" do
15     get :activity, params: {}, session: session_for(:valid_token_deleted_user)
16     assert_response :redirect
17     assert_match /^#{Rails.configuration.Services.Controller.ExternalURL}\/login/, @response.redirect_url
18     assert_nil assigns(:my_jobs)
19     assert_nil assigns(:my_ssh_keys)
20   end
21
22   test "expired token redirects to api server login" do
23     get :show, params: {
24       id: api_fixture('users')['active']['uuid']
25     }, session: session_for(:expired_trustedclient)
26     assert_response :redirect
27     assert_match /^#{Rails.configuration.Services.Controller.ExternalURL}\/login/, @response.redirect_url
28     assert_nil assigns(:my_jobs)
29     assert_nil assigns(:my_ssh_keys)
30   end
31
32   test "show welcome page if no token provided" do
33     get :index, params: {}
34     assert_response :redirect
35     assert_match /\/users\/welcome/, @response.redirect_url
36   end
37
38   test "'log in as user' feature uses a v2 token" do
39     post :sudo, params: {
40       id: api_fixture('users')['active']['uuid']
41     }, session: session_for('admin_trustedclient')
42     assert_response :redirect
43     assert_match /api_token=v2%2F/, @response.redirect_url
44   end
45
46   test "request shell access" do
47     user = api_fixture('users')['spectator']
48
49     ActionMailer::Base.deliveries = []
50
51     post :request_shell_access, params: {
52       id: user['uuid'],
53       format: 'js'
54     }, session: session_for(:spectator)
55     assert_response :success
56
57     full_name = "#{user['first_name']} #{user['last_name']}"
58     expected = "Shell account request from #{full_name} (#{user['email']}, #{user['uuid']})"
59     found_email = 0
60     ActionMailer::Base.deliveries.each do |email|
61       if email.subject.include?(expected)
62         found_email += 1
63         break
64       end
65     end
66     assert_equal 1, found_email, "Expected 1 email after requesting shell access"
67   end
68
69   [
70     'admin',
71     'active',
72   ].each do |username|
73     test "access users page as #{username} and verify show button is available" do
74       admin_user = api_fixture('users','admin')
75       active_user = api_fixture('users','active')
76       get :index, params: {}, session: session_for(username)
77       if username == 'admin'
78         assert_match /<a href="\/projects\/#{admin_user['uuid']}">Home<\/a>/, @response.body
79         assert_match /<a href="\/projects\/#{active_user['uuid']}">Home<\/a>/, @response.body
80         assert_match /href="\/users\/#{admin_user['uuid']}"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
81         assert_match /href="\/users\/#{active_user['uuid']}"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
82         assert_includes @response.body, admin_user['email']
83         assert_includes @response.body, active_user['email']
84       else
85         refute_match  /Home<\/a>/, @response.body
86         refute_match /href="\/users\/#{admin_user['uuid']}"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
87         assert_match /href="\/users\/#{active_user['uuid']}"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
88         assert_includes @response.body, active_user['email']
89       end
90     end
91   end
92
93   [
94     'admin',
95     'active',
96   ].each do |username|
97     test "access settings drop down menu as #{username}" do
98       admin_user = api_fixture('users','admin')
99       active_user = api_fixture('users','active')
100       get :show, params: {
101         id: api_fixture('users')[username]['uuid']
102       }, session: session_for(username)
103       if username == 'admin'
104         assert_includes @response.body, admin_user['email']
105         refute_empty css_select('[id="system-menu"]')
106       else
107         assert_includes @response.body, active_user['email']
108         assert_empty css_select('[id="system-menu"]')
109       end
110     end
111   end
112 end