1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
19 "git.arvados.org/arvados.git/lib/controller/rpc"
20 "git.arvados.org/arvados.git/sdk/go/arvados"
21 "git.arvados.org/arvados.git/sdk/go/arvadostest"
22 "github.com/gorilla/mux"
23 check "gopkg.in/check.v1"
26 // Gocheck boilerplate
27 func Test(t *testing.T) {
31 var _ = check.Suite(&RouterSuite{})
33 type RouterSuite struct {
35 stub arvadostest.APIStub
38 func (s *RouterSuite) SetUpTest(c *check.C) {
39 s.stub = arvadostest.APIStub{}
47 func (s *RouterSuite) TestOptions(c *check.C) {
48 token := arvadostest.ActiveToken
49 for _, trial := range []struct {
50 comment string // unparsed -- only used to help match test failures to trials
55 shouldStatus int // zero value means 200
57 withOptions interface{}
61 path: "/arvados/v1/collections/" + arvadostest.FooCollection,
62 shouldCall: "CollectionGet",
63 withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection},
67 path: "/arvados/v1/collections/" + arvadostest.FooCollection,
68 shouldCall: "CollectionUpdate",
69 withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
73 path: "/arvados/v1/collections/" + arvadostest.FooCollection,
74 shouldCall: "CollectionUpdate",
75 withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
79 path: "/arvados/v1/collections/" + arvadostest.FooCollection,
80 shouldCall: "CollectionDelete",
81 withOptions: arvados.DeleteOptions{UUID: arvadostest.FooCollection},
85 path: "/arvados/v1/collections",
86 shouldCall: "CollectionCreate",
87 withOptions: arvados.CreateOptions{},
91 path: "/arvados/v1/collections",
92 shouldCall: "CollectionList",
93 withOptions: arvados.ListOptions{Limit: -1},
97 path: "/arvados/v1/api_client_authorizations",
98 shouldCall: "APIClientAuthorizationList",
99 withOptions: arvados.ListOptions{Limit: -1},
103 path: "/arvados/v1/collections?limit=123&offset=456&include_trash=true&include_old_versions=1",
104 shouldCall: "CollectionList",
105 withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
109 path: "/arvados/v1/collections?limit=123&_method=GET",
110 body: `{"offset":456,"include_trash":true,"include_old_versions":true}`,
111 shouldCall: "CollectionList",
112 withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
116 path: "/arvados/v1/collections?limit=123",
117 body: `{"offset":456,"include_trash":true,"include_old_versions":true}`,
118 header: http.Header{"X-Http-Method-Override": {"GET"}, "Content-Type": {"application/json"}},
119 shouldCall: "CollectionList",
120 withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
124 path: "/arvados/v1/collections?limit=123",
125 body: "offset=456&include_trash=true&include_old_versions=1&_method=GET",
126 header: http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
127 shouldCall: "CollectionList",
128 withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
131 comment: "form-encoded expression filter in query string",
133 path: "/arvados/v1/collections?filters=[%22(foo<bar)%22]",
134 shouldCall: "CollectionList",
135 withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
138 comment: "form-encoded expression filter in POST body",
140 path: "/arvados/v1/collections",
141 body: "filters=[\"(foo<bar)\"]&_method=GET",
142 header: http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
143 shouldCall: "CollectionList",
144 withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
147 comment: "json-encoded expression filter in POST body",
149 path: "/arvados/v1/collections?_method=GET",
150 body: `{"filters":["(foo<bar)",["bar","=","baz"]],"limit":2}`,
151 header: http.Header{"Content-Type": {"application/json"}},
152 shouldCall: "CollectionList",
153 withOptions: arvados.ListOptions{Limit: 2, Filters: []arvados.Filter{{"(foo<bar)", "=", true}, {"bar", "=", "baz"}}},
156 comment: "json-encoded select param in query string",
158 path: "/arvados/v1/collections/" + arvadostest.FooCollection + "?select=[%22portable_data_hash%22]",
159 shouldCall: "CollectionGet",
160 withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection, Select: []string{"portable_data_hash"}},
164 path: "/arvados/v1/collections",
165 shouldStatus: http.StatusMethodNotAllowed,
169 path: "/arvados/v1/collections",
170 shouldStatus: http.StatusMethodNotAllowed,
174 path: "/arvados/v1/collections",
175 shouldStatus: http.StatusMethodNotAllowed,
178 comment: "container log webdav GET root",
180 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log/",
181 shouldCall: "ContainerLog",
182 withOptions: arvados.ContainerLogOptions{
183 UUID: arvadostest.CompletedContainerUUID,
184 WebDAVOptions: arvados.WebDAVOptions{
186 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
190 comment: "container log webdav GET root without trailing slash",
192 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log",
193 shouldCall: "ContainerLog",
194 withOptions: arvados.ContainerLogOptions{
195 UUID: arvadostest.CompletedContainerUUID,
196 WebDAVOptions: arvados.WebDAVOptions{
198 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
202 comment: "container log webdav OPTIONS root",
204 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log/",
205 shouldCall: "ContainerLog",
206 withOptions: arvados.ContainerLogOptions{
207 UUID: arvadostest.CompletedContainerUUID,
208 WebDAVOptions: arvados.WebDAVOptions{
210 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
214 comment: "container log webdav OPTIONS root without trailing slash",
216 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log",
217 shouldCall: "ContainerLog",
218 withOptions: arvados.ContainerLogOptions{
219 UUID: arvadostest.CompletedContainerUUID,
220 WebDAVOptions: arvados.WebDAVOptions{
222 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
226 comment: "container log webdav PROPFIND root",
228 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log/",
229 shouldCall: "ContainerLog",
230 withOptions: arvados.ContainerLogOptions{
231 UUID: arvadostest.CompletedContainerUUID,
232 WebDAVOptions: arvados.WebDAVOptions{
234 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
238 comment: "container log webdav PROPFIND root without trailing slash",
240 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log",
241 shouldCall: "ContainerLog",
242 withOptions: arvados.ContainerLogOptions{
243 UUID: arvadostest.CompletedContainerUUID,
244 WebDAVOptions: arvados.WebDAVOptions{
246 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
250 comment: "container log webdav no_forward=true",
252 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/log/?no_forward=true",
253 shouldCall: "ContainerLog",
254 withOptions: arvados.ContainerLogOptions{
255 UUID: arvadostest.CompletedContainerUUID,
257 WebDAVOptions: arvados.WebDAVOptions{
259 Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
263 comment: "/logX does not route to ContainerLog",
265 path: "/arvados/v1/containers/" + arvadostest.CompletedContainerUUID + "/logX",
266 shouldStatus: http.StatusNotFound,
270 // Reset calls captured in previous trial
271 s.stub = arvadostest.APIStub{}
273 c.Logf("trial: %+v", trial)
274 comment := check.Commentf("trial comment: %s", trial.comment)
276 _, rr := doRequest(c, s.rtr, token, trial.method, trial.path, trial.header, bytes.NewBufferString(trial.body), nil)
277 if trial.shouldStatus == 0 {
278 c.Check(rr.Code, check.Equals, http.StatusOK, comment)
280 c.Check(rr.Code, check.Equals, trial.shouldStatus, comment)
282 calls := s.stub.Calls(nil)
283 if trial.shouldCall == "" {
284 c.Check(calls, check.HasLen, 0, comment)
285 } else if len(calls) != 1 {
286 c.Check(calls, check.HasLen, 1, comment)
288 c.Check(calls[0].Method, isMethodNamed, trial.shouldCall, comment)
289 c.Check(calls[0].Options, check.DeepEquals, trial.withOptions, comment)
294 var _ = check.Suite(&RouterIntegrationSuite{})
296 type RouterIntegrationSuite struct {
300 func (s *RouterIntegrationSuite) SetUpTest(c *check.C) {
301 cluster := &arvados.Cluster{}
302 cluster.TLS.Insecure = true
303 arvadostest.SetServiceURL(&cluster.Services.RailsAPI, "https://"+os.Getenv("ARVADOS_TEST_API_HOST"))
304 url, _ := url.Parse("https://" + os.Getenv("ARVADOS_TEST_API_HOST"))
305 s.rtr = New(rpc.NewConn("zzzzz", url, true, rpc.PassthroughTokenProvider), Config{})
308 func (s *RouterIntegrationSuite) TearDownSuite(c *check.C) {
309 err := arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil)
310 c.Check(err, check.IsNil)
313 func (s *RouterIntegrationSuite) TestCollectionResponses(c *check.C) {
314 token := arvadostest.ActiveTokenV2
316 // Check "get collection" response has "kind" key
317 jresp := map[string]interface{}{}
318 _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, nil, bytes.NewBufferString(`{"include_trash":true}`), jresp)
319 c.Check(rr.Code, check.Equals, http.StatusOK)
320 c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
321 c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
322 c.Check(jresp["items"].([]interface{})[0].(map[string]interface{})["kind"], check.Equals, "arvados#collection")
324 // Check items in list response have a "kind" key regardless
325 // of whether a uuid/pdh is selected.
326 for _, selectj := range []string{
328 `,"select":["portable_data_hash"]`,
329 `,"select":["name"]`,
330 `,"select":["uuid"]`,
332 jresp := map[string]interface{}{}
333 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, nil, bytes.NewBufferString(`{"where":{"uuid":["`+arvadostest.FooCollection+`"]}`+selectj+`}`), jresp)
334 c.Check(rr.Code, check.Equals, http.StatusOK)
335 c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
336 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
337 c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
338 item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
339 c.Check(item0["kind"], check.Equals, "arvados#collection")
340 if selectj == "" || strings.Contains(selectj, "portable_data_hash") {
341 c.Check(item0["portable_data_hash"], check.Equals, arvadostest.FooCollectionPDH)
343 c.Check(item0["portable_data_hash"], check.IsNil)
345 if selectj == "" || strings.Contains(selectj, "name") {
346 c.Check(item0["name"], check.FitsTypeOf, "")
348 c.Check(item0["name"], check.IsNil)
350 if selectj == "" || strings.Contains(selectj, "uuid") {
351 c.Check(item0["uuid"], check.Equals, arvadostest.FooCollection)
353 c.Check(item0["uuid"], check.IsNil)
357 // Check "create collection" response has "kind" key
358 jresp = map[string]interface{}{}
359 _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}, bytes.NewBufferString(`ensure_unique_name=true`), jresp)
360 c.Check(rr.Code, check.Equals, http.StatusOK)
361 c.Check(jresp["uuid"], check.FitsTypeOf, "")
362 c.Check(jresp["kind"], check.Equals, "arvados#collection")
365 func (s *RouterIntegrationSuite) TestMaxRequestSize(c *check.C) {
366 token := arvadostest.ActiveTokenV2
367 for _, maxRequestSize := range []int{
368 // Ensure 5M limit is enforced.
370 // Ensure 50M limit is enforced, and that a >25M body
371 // is accepted even though the default Go request size
375 s.rtr.config.MaxRequestSize = maxRequestSize
377 for len(okstr) < maxRequestSize/2 {
378 okstr = okstr + okstr
381 hdr := http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}
383 body := bytes.NewBufferString(url.Values{"foo_bar": {okstr}}.Encode())
384 _, rr := doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, hdr, body, nil)
385 c.Check(rr.Code, check.Equals, http.StatusOK)
387 body = bytes.NewBufferString(url.Values{"foo_bar": {okstr + okstr}}.Encode())
388 _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, hdr, body, nil)
389 c.Check(rr.Code, check.Equals, http.StatusRequestEntityTooLarge)
393 func (s *RouterIntegrationSuite) TestContainerList(c *check.C) {
394 token := arvadostest.ActiveTokenV2
396 jresp := map[string]interface{}{}
397 _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=0`, nil, nil, jresp)
398 c.Check(rr.Code, check.Equals, http.StatusOK)
399 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
400 c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
401 c.Check(jresp["items"], check.NotNil)
402 c.Check(jresp["items"], check.HasLen, 0)
404 jresp = map[string]interface{}{}
405 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?filters=[["uuid","in",[]]]`, nil, nil, jresp)
406 c.Check(rr.Code, check.Equals, http.StatusOK)
407 c.Check(jresp["items_available"], check.Equals, float64(0))
408 c.Check(jresp["items"], check.NotNil)
409 c.Check(jresp["items"], check.HasLen, 0)
411 jresp = map[string]interface{}{}
412 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=2&select=["uuid","command"]`, nil, nil, jresp)
413 c.Check(rr.Code, check.Equals, http.StatusOK)
414 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
415 c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
416 c.Check(jresp["items"], check.HasLen, 2)
417 item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
418 c.Check(item0["uuid"], check.HasLen, 27)
419 c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
420 c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
421 c.Check(item0["mounts"], check.IsNil)
423 jresp = map[string]interface{}{}
424 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers`, nil, nil, jresp)
425 c.Check(rr.Code, check.Equals, http.StatusOK)
426 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
427 c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
428 avail := int(jresp["items_available"].(float64))
429 c.Check(jresp["items"], check.HasLen, avail)
430 item0 = jresp["items"].([]interface{})[0].(map[string]interface{})
431 c.Check(item0["uuid"], check.HasLen, 27)
432 c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
433 c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
434 c.Check(item0["mounts"], check.NotNil)
437 func (s *RouterIntegrationSuite) TestContainerLock(c *check.C) {
438 uuid := arvadostest.QueuedContainerUUID
439 token := arvadostest.AdminToken
441 jresp := map[string]interface{}{}
442 _, rr := doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", nil, nil, jresp)
443 c.Check(rr.Code, check.Equals, http.StatusOK)
444 c.Check(jresp["uuid"], check.HasLen, 27)
445 c.Check(jresp["state"], check.Equals, "Locked")
447 _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", nil, nil, nil)
448 c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
449 c.Check(rr.Body.String(), check.Not(check.Matches), `.*"uuid":.*`)
451 jresp = map[string]interface{}{}
452 _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", nil, nil, jresp)
453 c.Check(rr.Code, check.Equals, http.StatusOK)
454 c.Check(jresp["uuid"], check.HasLen, 27)
455 c.Check(jresp["state"], check.Equals, "Queued")
456 c.Check(jresp["environment"], check.IsNil)
458 jresp = map[string]interface{}{}
459 _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", nil, nil, jresp)
460 c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
461 c.Check(jresp["uuid"], check.IsNil)
464 func (s *RouterIntegrationSuite) TestWritableBy(c *check.C) {
465 jresp := map[string]interface{}{}
466 _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "GET", `/arvados/v1/users/`+arvadostest.ActiveUserUUID, nil, nil, jresp)
467 c.Check(rr.Code, check.Equals, http.StatusOK)
468 c.Check(jresp["writable_by"], check.DeepEquals, []interface{}{"zzzzz-tpzed-000000000000000", "zzzzz-tpzed-xurymjxw79nv3jz", "zzzzz-j7d0g-48foin4vonvc2at"})
471 func (s *RouterIntegrationSuite) TestFullTimestampsInResponse(c *check.C) {
472 uuid := arvadostest.CollectionReplicationDesired2Confirmed2UUID
473 token := arvadostest.ActiveTokenV2
475 jresp := map[string]interface{}{}
476 _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections/`+uuid, nil, nil, jresp)
477 c.Check(rr.Code, check.Equals, http.StatusOK)
478 c.Check(jresp["uuid"], check.Equals, uuid)
479 expectNS := map[string]int{
480 "created_at": 596506000, // fixture says 596506247, but truncated by postgresql
481 "modified_at": 596338000, // fixture says 596338465, but truncated by postgresql
483 for key, ns := range expectNS {
484 mt, ok := jresp[key].(string)
485 c.Logf("jresp[%q] == %q", key, mt)
486 c.Assert(ok, check.Equals, true)
487 t, err := time.Parse(time.RFC3339Nano, mt)
488 c.Check(err, check.IsNil)
489 c.Check(t.Nanosecond(), check.Equals, ns)
493 func (s *RouterIntegrationSuite) TestSelectParam(c *check.C) {
494 uuid := arvadostest.QueuedContainerUUID
495 token := arvadostest.ActiveTokenV2
497 for _, sel := range [][]string{
499 {"uuid", "command", "uuid"},
501 j, err := json.Marshal(sel)
502 c.Assert(err, check.IsNil)
503 jresp := map[string]interface{}{}
504 _, rr := doRequest(c, s.rtr, token, "GET", "/arvados/v1/containers/"+uuid+"?select="+string(j), nil, nil, jresp)
505 c.Check(rr.Code, check.Equals, http.StatusOK)
507 c.Check(jresp["kind"], check.Equals, "arvados#container")
508 c.Check(jresp["uuid"], check.HasLen, 27)
509 c.Check(jresp["command"], check.HasLen, 2)
510 c.Check(jresp["mounts"], check.IsNil)
511 _, hasMounts := jresp["mounts"]
512 c.Check(hasMounts, check.Equals, false)
515 uuid = arvadostest.FooCollection
516 j, err := json.Marshal([]string{"uuid", "description"})
517 c.Assert(err, check.IsNil)
518 for _, method := range []string{"PUT", "POST"} {
519 desc := "Today is " + time.Now().String()
520 reqBody := "{\"description\":\"" + desc + "\"}"
521 jresp := map[string]interface{}{}
522 var rr *httptest.ResponseRecorder
524 _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections/"+uuid+"?select="+string(j), nil, bytes.NewReader([]byte(reqBody)), jresp)
526 _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections?select="+string(j), nil, bytes.NewReader([]byte(reqBody)), jresp)
528 c.Check(rr.Code, check.Equals, http.StatusOK)
529 c.Check(jresp["kind"], check.Equals, "arvados#collection")
530 c.Check(jresp["uuid"], check.HasLen, 27)
531 c.Check(jresp["description"], check.Equals, desc)
532 c.Check(jresp["manifest_text"], check.IsNil)
536 func (s *RouterIntegrationSuite) TestHEAD(c *check.C) {
537 _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "HEAD", "/arvados/v1/containers/"+arvadostest.QueuedContainerUUID, nil, nil, nil)
538 c.Check(rr.Code, check.Equals, http.StatusOK)
541 func (s *RouterIntegrationSuite) TestRouteNotFound(c *check.C) {
542 token := arvadostest.ActiveTokenV2
545 path: "arvados/v1/collections/" + arvadostest.FooCollection + "/error404pls",
548 rr := httptest.NewRecorder()
549 s.rtr.ServeHTTP(rr, req)
550 c.Check(rr.Code, check.Equals, http.StatusNotFound)
551 c.Logf("body: %q", rr.Body.String())
552 var j map[string]interface{}
553 err := json.Unmarshal(rr.Body.Bytes(), &j)
554 c.Check(err, check.IsNil)
555 c.Logf("decoded: %v", j)
556 c.Assert(j["errors"], check.FitsTypeOf, []interface{}{})
557 c.Check(j["errors"].([]interface{})[0], check.Equals, "API endpoint not found")
560 func (s *RouterIntegrationSuite) TestCORS(c *check.C) {
561 token := arvadostest.ActiveTokenV2
564 path: "arvados/v1/collections/" + arvadostest.FooCollection,
565 header: http.Header{"Origin": {"https://example.com"}},
568 rr := httptest.NewRecorder()
569 s.rtr.ServeHTTP(rr, req)
570 c.Check(rr.Code, check.Equals, http.StatusOK)
571 c.Check(rr.Body.String(), check.HasLen, 0)
572 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "*")
573 for _, hdr := range []string{"Authorization", "Content-Type"} {
574 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Matches, ".*"+hdr+".*")
576 for _, method := range []string{"GET", "HEAD", "PUT", "POST", "PATCH", "DELETE"} {
577 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Matches, ".*"+method+".*")
580 for _, unsafe := range []string{"login", "logout", "auth", "auth/foo", "login/?blah"} {
584 header: http.Header{"Origin": {"https://example.com"}},
587 rr := httptest.NewRecorder()
588 s.rtr.ServeHTTP(rr, req)
589 c.Check(rr.Code, check.Equals, http.StatusOK)
590 c.Check(rr.Body.String(), check.HasLen, 0)
591 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
592 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
593 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
598 header: http.Header{"Origin": {"https://example.com"}},
601 rr = httptest.NewRecorder()
602 s.rtr.ServeHTTP(rr, req)
603 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
604 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
605 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
609 func doRequest(c *check.C, rtr http.Handler, token, method, path string, hdrs http.Header, body io.Reader, jresp map[string]interface{}) (*http.Request, *httptest.ResponseRecorder) {
610 req := httptest.NewRequest(method, path, body)
611 for k, v := range hdrs {
614 req.Header.Set("Authorization", "Bearer "+token)
615 rr := httptest.NewRecorder()
616 rtr.ServeHTTP(rr, req)
617 c.Logf("response body: %s", rr.Body.String())
619 err := json.Unmarshal(rr.Body.Bytes(), &jresp)
620 c.Check(err, check.IsNil)