lib/controller/router/router_test.go

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 package router
   6
   7 import (
   8         "bytes"
   9         "encoding/json"
  10         "io"
  11         "net/http"
  12         "net/http/httptest"
  13         "net/url"
  14         "os"
  15         "strings"
  16         "testing"
  17         "time"
  18
  19         "git.arvados.org/arvados.git/lib/controller/rpc"
  20         "git.arvados.org/arvados.git/sdk/go/arvados"
  21         "git.arvados.org/arvados.git/sdk/go/arvadostest"
  22         "github.com/gorilla/mux"
  23         check "gopkg.in/check.v1"
  24 )
  25
  26 // Gocheck boilerplate
  27 func Test(t *testing.T) {
  28         check.TestingT(t)
  29 }
  30
  31 var _ = check.Suite(&RouterSuite{})
  32
  33 type RouterSuite struct {
  34         rtr  *router
  35         stub arvadostest.APIStub
  36 }
  37
  38 func (s *RouterSuite) SetUpTest(c *check.C) {
  39         s.stub = arvadostest.APIStub{}
  40         s.rtr = &router{
  41                 mux:     mux.NewRouter(),
  42                 backend: &s.stub,
  43         }
  44         s.rtr.addRoutes()
  45 }
  46
  47 func (s *RouterSuite) TestOptions(c *check.C) {
  48         token := arvadostest.ActiveToken
  49         for _, trial := range []struct {
  50                 comment         string // unparsed -- only used to help match test failures to trials
  51                 method          string
  52                 path            string
  53                 header          http.Header
  54                 body            string
  55                 unauthenticated bool
  56                 shouldStatus    int // zero value means 200
  57                 shouldCall      string
  58                 withOptions     interface{}
  59         }{
  60                 {
  61                         method:      "GET",
  62                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  63                         shouldCall:  "CollectionGet",
  64                         withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection},
  65                 },
  66                 {
  67                         method:      "PUT",
  68                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  69                         shouldCall:  "CollectionUpdate",
  70                         withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
  71                 },
  72                 {
  73                         method:      "PATCH",
  74                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  75                         shouldCall:  "CollectionUpdate",
  76                         withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
  77                 },
  78                 {
  79                         method:      "DELETE",
  80                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  81                         shouldCall:  "CollectionDelete",
  82                         withOptions: arvados.DeleteOptions{UUID: arvadostest.FooCollection},
  83                 },
  84                 {
  85                         method:      "POST",
  86                         path:        "/arvados/v1/collections",
  87                         shouldCall:  "CollectionCreate",
  88                         withOptions: arvados.CreateOptions{},
  89                 },
  90                 {
  91                         method:      "GET",
  92                         path:        "/arvados/v1/collections",
  93                         shouldCall:  "CollectionList",
  94                         withOptions: arvados.ListOptions{Limit: -1},
  95                 },
  96                 {
  97                         method:      "GET",
  98                         path:        "/arvados/v1/api_client_authorizations",
  99                         shouldCall:  "APIClientAuthorizationList",
 100                         withOptions: arvados.ListOptions{Limit: -1},
 101                 },
 102                 {
 103                         method:      "GET",
 104                         path:        "/arvados/v1/collections?limit=123&offset=456&include_trash=true&include_old_versions=1",
 105                         shouldCall:  "CollectionList",
 106                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 107                 },
 108                 {
 109                         method:      "POST",
 110                         path:        "/arvados/v1/collections?limit=123&_method=GET",
 111                         body:        `{"offset":456,"include_trash":true,"include_old_versions":true}`,
 112                         shouldCall:  "CollectionList",
 113                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 114                 },
 115                 {
 116                         method:      "POST",
 117                         path:        "/arvados/v1/collections?limit=123",
 118                         body:        `{"offset":456,"include_trash":true,"include_old_versions":true}`,
 119                         header:      http.Header{"X-Http-Method-Override": {"GET"}, "Content-Type": {"application/json"}},
 120                         shouldCall:  "CollectionList",
 121                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 122                 },
 123                 {
 124                         method:      "POST",
 125                         path:        "/arvados/v1/collections?limit=123",
 126                         body:        "offset=456&include_trash=true&include_old_versions=1&_method=GET",
 127                         header:      http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
 128                         shouldCall:  "CollectionList",
 129                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 130                 },
 131                 {
 132                         comment:     "form-encoded expression filter in query string",
 133                         method:      "GET",
 134                         path:        "/arvados/v1/collections?filters=[%22(foo<bar)%22]",
 135                         shouldCall:  "CollectionList",
 136                         withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
 137                 },
 138                 {
 139                         comment:     "form-encoded expression filter in POST body",
 140                         method:      "POST",
 141                         path:        "/arvados/v1/collections",
 142                         body:        "filters=[\"(foo<bar)\"]&_method=GET",
 143                         header:      http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
 144                         shouldCall:  "CollectionList",
 145                         withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
 146                 },
 147                 {
 148                         comment:     "json-encoded expression filter in POST body",
 149                         method:      "POST",
 150                         path:        "/arvados/v1/collections?_method=GET",
 151                         body:        `{"filters":["(foo<bar)",["bar","=","baz"]],"limit":2}`,
 152                         header:      http.Header{"Content-Type": {"application/json"}},
 153                         shouldCall:  "CollectionList",
 154                         withOptions: arvados.ListOptions{Limit: 2, Filters: []arvados.Filter{{"(foo<bar)", "=", true}, {"bar", "=", "baz"}}},
 155                 },
 156                 {
 157                         comment:     "json-encoded select param in query string",
 158                         method:      "GET",
 159                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection + "?select=[%22portable_data_hash%22]",
 160                         shouldCall:  "CollectionGet",
 161                         withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection, Select: []string{"portable_data_hash"}},
 162                 },
 163                 {
 164                         method:       "PATCH",
 165                         path:         "/arvados/v1/collections",
 166                         shouldStatus: http.StatusMethodNotAllowed,
 167                 },
 168                 {
 169                         method:       "PUT",
 170                         path:         "/arvados/v1/collections",
 171                         shouldStatus: http.StatusMethodNotAllowed,
 172                 },
 173                 {
 174                         method:       "DELETE",
 175                         path:         "/arvados/v1/collections",
 176                         shouldStatus: http.StatusMethodNotAllowed,
 177                 },
 178                 {
 179                         comment:    "container log webdav GET root",
 180                         method:     "GET",
 181                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 182                         shouldCall: "ContainerRequestLog",
 183                         withOptions: arvados.ContainerLogOptions{
 184                                 UUID: arvadostest.CompletedContainerRequestUUID,
 185                                 WebDAVOptions: arvados.WebDAVOptions{
 186                                         Method: "GET",
 187                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 188                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 189                 },
 190                 {
 191                         comment:    "container log webdav GET root without trailing slash",
 192                         method:     "GET",
 193                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "",
 194                         shouldCall: "ContainerRequestLog",
 195                         withOptions: arvados.ContainerLogOptions{
 196                                 UUID: arvadostest.CompletedContainerRequestUUID,
 197                                 WebDAVOptions: arvados.WebDAVOptions{
 198                                         Method: "GET",
 199                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 200                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 201                 },
 202                 {
 203                         comment:    "container log webdav OPTIONS root",
 204                         method:     "OPTIONS",
 205                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 206                         shouldCall: "ContainerRequestLog",
 207                         withOptions: arvados.ContainerLogOptions{
 208                                 UUID: arvadostest.CompletedContainerRequestUUID,
 209                                 WebDAVOptions: arvados.WebDAVOptions{
 210                                         Method: "OPTIONS",
 211                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 212                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 213                 },
 214                 {
 215                         comment:    "container log webdav OPTIONS root without trailing slash",
 216                         method:     "OPTIONS",
 217                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID,
 218                         shouldCall: "ContainerRequestLog",
 219                         withOptions: arvados.ContainerLogOptions{
 220                                 UUID: arvadostest.CompletedContainerRequestUUID,
 221                                 WebDAVOptions: arvados.WebDAVOptions{
 222                                         Method: "OPTIONS",
 223                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 224                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 225                 },
 226                 {
 227                         comment:         "container log webdav OPTIONS for CORS",
 228                         unauthenticated: true,
 229                         method:          "OPTIONS",
 230                         path:            "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 231                         header:          http.Header{"Access-Control-Request-Method": {"POST"}},
 232                         shouldCall:      "ContainerRequestLog",
 233                         withOptions: arvados.ContainerLogOptions{
 234                                 UUID: arvadostest.CompletedContainerRequestUUID,
 235                                 WebDAVOptions: arvados.WebDAVOptions{
 236                                         Method: "OPTIONS",
 237                                         Header: http.Header{
 238                                                 "Access-Control-Request-Method": {"POST"},
 239                                         },
 240                                         Path: "/" + arvadostest.CompletedContainerUUID + "/"}},
 241                 },
 242                 {
 243                         comment:    "container log webdav PROPFIND root",
 244                         method:     "PROPFIND",
 245                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 246                         shouldCall: "ContainerRequestLog",
 247                         withOptions: arvados.ContainerLogOptions{
 248                                 UUID: arvadostest.CompletedContainerRequestUUID,
 249                                 WebDAVOptions: arvados.WebDAVOptions{
 250                                         Method: "PROPFIND",
 251                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 252                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 253                 },
 254                 {
 255                         comment:    "container log webdav PROPFIND root without trailing slash",
 256                         method:     "PROPFIND",
 257                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "",
 258                         shouldCall: "ContainerRequestLog",
 259                         withOptions: arvados.ContainerLogOptions{
 260                                 UUID: arvadostest.CompletedContainerRequestUUID,
 261                                 WebDAVOptions: arvados.WebDAVOptions{
 262                                         Method: "PROPFIND",
 263                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 264                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 265                 },
 266                 {
 267                         comment:    "container log webdav no_forward=true",
 268                         method:     "GET",
 269                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/?no_forward=true",
 270                         shouldCall: "ContainerRequestLog",
 271                         withOptions: arvados.ContainerLogOptions{
 272                                 UUID:      arvadostest.CompletedContainerRequestUUID,
 273                                 NoForward: true,
 274                                 WebDAVOptions: arvados.WebDAVOptions{
 275                                         Method: "GET",
 276                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 277                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 278                 },
 279                 {
 280                         comment:      "/logX does not route to ContainerRequestLog",
 281                         method:       "GET",
 282                         path:         "/arvados/v1/containers/" + arvadostest.CompletedContainerRequestUUID + "/logX",
 283                         shouldStatus: http.StatusNotFound,
 284                         shouldCall:   "",
 285                 },
 286         } {
 287                 // Reset calls captured in previous trial
 288                 s.stub = arvadostest.APIStub{}
 289
 290                 c.Logf("trial: %+v", trial)
 291                 comment := check.Commentf("trial comment: %s", trial.comment)
 292
 293                 _, rr := doRequest(c, s.rtr, token, trial.method, trial.path, !trial.unauthenticated, trial.header, bytes.NewBufferString(trial.body), nil)
 294                 if trial.shouldStatus == 0 {
 295                         c.Check(rr.Code, check.Equals, http.StatusOK, comment)
 296                 } else {
 297                         c.Check(rr.Code, check.Equals, trial.shouldStatus, comment)
 298                 }
 299                 calls := s.stub.Calls(nil)
 300                 if trial.shouldCall == "" {
 301                         c.Check(calls, check.HasLen, 0, comment)
 302                 } else if len(calls) != 1 {
 303                         c.Check(calls, check.HasLen, 1, comment)
 304                 } else {
 305                         c.Check(calls[0].Method, isMethodNamed, trial.shouldCall, comment)
 306                         c.Check(calls[0].Options, check.DeepEquals, trial.withOptions, comment)
 307                 }
 308         }
 309 }
 310
 311 var _ = check.Suite(&RouterIntegrationSuite{})
 312
 313 type RouterIntegrationSuite struct {
 314         rtr *router
 315 }
 316
 317 func (s *RouterIntegrationSuite) SetUpTest(c *check.C) {
 318         cluster := &arvados.Cluster{}
 319         cluster.TLS.Insecure = true
 320         arvadostest.SetServiceURL(&cluster.Services.RailsAPI, "https://"+os.Getenv("ARVADOS_TEST_API_HOST"))
 321         url, _ := url.Parse("https://" + os.Getenv("ARVADOS_TEST_API_HOST"))
 322         s.rtr = New(rpc.NewConn("zzzzz", url, true, rpc.PassthroughTokenProvider), Config{})
 323 }
 324
 325 func (s *RouterIntegrationSuite) TearDownSuite(c *check.C) {
 326         err := arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil)
 327         c.Check(err, check.IsNil)
 328 }
 329
 330 func (s *RouterIntegrationSuite) TestCollectionResponses(c *check.C) {
 331         token := arvadostest.ActiveTokenV2
 332
 333         // Check "get collection" response has "kind" key
 334         jresp := map[string]interface{}{}
 335         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, true, nil, bytes.NewBufferString(`{"include_trash":true}`), jresp)
 336         c.Check(rr.Code, check.Equals, http.StatusOK)
 337         c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
 338         c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
 339         c.Check(jresp["items"].([]interface{})[0].(map[string]interface{})["kind"], check.Equals, "arvados#collection")
 340
 341         // Check items in list response have a "kind" key regardless
 342         // of whether a uuid/pdh is selected.
 343         for _, selectj := range []string{
 344                 ``,
 345                 `,"select":["portable_data_hash"]`,
 346                 `,"select":["name"]`,
 347                 `,"select":["uuid"]`,
 348         } {
 349                 jresp := map[string]interface{}{}
 350                 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, true, nil, bytes.NewBufferString(`{"where":{"uuid":["`+arvadostest.FooCollection+`"]}`+selectj+`}`), jresp)
 351                 c.Check(rr.Code, check.Equals, http.StatusOK)
 352                 c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
 353                 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 354                 c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
 355                 item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
 356                 c.Check(item0["kind"], check.Equals, "arvados#collection")
 357                 if selectj == "" || strings.Contains(selectj, "portable_data_hash") {
 358                         c.Check(item0["portable_data_hash"], check.Equals, arvadostest.FooCollectionPDH)
 359                 } else {
 360                         c.Check(item0["portable_data_hash"], check.IsNil)
 361                 }
 362                 if selectj == "" || strings.Contains(selectj, "name") {
 363                         c.Check(item0["name"], check.FitsTypeOf, "")
 364                 } else {
 365                         c.Check(item0["name"], check.IsNil)
 366                 }
 367                 if selectj == "" || strings.Contains(selectj, "uuid") {
 368                         c.Check(item0["uuid"], check.Equals, arvadostest.FooCollection)
 369                 } else {
 370                         c.Check(item0["uuid"], check.IsNil)
 371                 }
 372         }
 373
 374         // Check "create collection" response has "kind" key
 375         jresp = map[string]interface{}{}
 376         _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, true, http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}, bytes.NewBufferString(`ensure_unique_name=true`), jresp)
 377         c.Check(rr.Code, check.Equals, http.StatusOK)
 378         c.Check(jresp["uuid"], check.FitsTypeOf, "")
 379         c.Check(jresp["kind"], check.Equals, "arvados#collection")
 380 }
 381
 382 func (s *RouterIntegrationSuite) TestMaxRequestSize(c *check.C) {
 383         token := arvadostest.ActiveTokenV2
 384         for _, maxRequestSize := range []int{
 385                 // Ensure 5M limit is enforced.
 386                 5000000,
 387                 // Ensure 50M limit is enforced, and that a >25M body
 388                 // is accepted even though the default Go request size
 389                 // limit is 10M.
 390                 50000000,
 391         } {
 392                 s.rtr.config.MaxRequestSize = maxRequestSize
 393                 okstr := "a"
 394                 for len(okstr) < maxRequestSize/2 {
 395                         okstr = okstr + okstr
 396                 }
 397
 398                 hdr := http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}
 399
 400                 body := bytes.NewBufferString(url.Values{"foo_bar": {okstr}}.Encode())
 401                 _, rr := doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, true, hdr, body, nil)
 402                 c.Check(rr.Code, check.Equals, http.StatusOK)
 403
 404                 body = bytes.NewBufferString(url.Values{"foo_bar": {okstr + okstr}}.Encode())
 405                 _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, true, hdr, body, nil)
 406                 c.Check(rr.Code, check.Equals, http.StatusRequestEntityTooLarge)
 407         }
 408 }
 409
 410 func (s *RouterIntegrationSuite) TestContainerList(c *check.C) {
 411         token := arvadostest.ActiveTokenV2
 412
 413         jresp := map[string]interface{}{}
 414         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=0`, true, nil, nil, jresp)
 415         c.Check(rr.Code, check.Equals, http.StatusOK)
 416         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 417         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 418         c.Check(jresp["items"], check.NotNil)
 419         c.Check(jresp["items"], check.HasLen, 0)
 420
 421         jresp = map[string]interface{}{}
 422         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?filters=[["uuid","in",[]]]`, true, nil, nil, jresp)
 423         c.Check(rr.Code, check.Equals, http.StatusOK)
 424         c.Check(jresp["items_available"], check.Equals, float64(0))
 425         c.Check(jresp["items"], check.NotNil)
 426         c.Check(jresp["items"], check.HasLen, 0)
 427
 428         jresp = map[string]interface{}{}
 429         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=2&select=["uuid","command"]`, true, nil, nil, jresp)
 430         c.Check(rr.Code, check.Equals, http.StatusOK)
 431         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 432         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 433         c.Check(jresp["items"], check.HasLen, 2)
 434         item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
 435         c.Check(item0["uuid"], check.HasLen, 27)
 436         c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
 437         c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
 438         c.Check(item0["mounts"], check.IsNil)
 439
 440         jresp = map[string]interface{}{}
 441         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers`, true, nil, nil, jresp)
 442         c.Check(rr.Code, check.Equals, http.StatusOK)
 443         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 444         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 445         avail := int(jresp["items_available"].(float64))
 446         c.Check(jresp["items"], check.HasLen, avail)
 447         item0 = jresp["items"].([]interface{})[0].(map[string]interface{})
 448         c.Check(item0["uuid"], check.HasLen, 27)
 449         c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
 450         c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
 451         c.Check(item0["mounts"], check.NotNil)
 452 }
 453
 454 func (s *RouterIntegrationSuite) TestContainerLock(c *check.C) {
 455         uuid := arvadostest.QueuedContainerUUID
 456         token := arvadostest.AdminToken
 457
 458         jresp := map[string]interface{}{}
 459         _, rr := doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", true, nil, nil, jresp)
 460         c.Check(rr.Code, check.Equals, http.StatusOK)
 461         c.Check(jresp["uuid"], check.HasLen, 27)
 462         c.Check(jresp["state"], check.Equals, "Locked")
 463
 464         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", true, nil, nil, nil)
 465         c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
 466         c.Check(rr.Body.String(), check.Not(check.Matches), `.*"uuid":.*`)
 467
 468         jresp = map[string]interface{}{}
 469         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", true, nil, nil, jresp)
 470         c.Check(rr.Code, check.Equals, http.StatusOK)
 471         c.Check(jresp["uuid"], check.HasLen, 27)
 472         c.Check(jresp["state"], check.Equals, "Queued")
 473         c.Check(jresp["environment"], check.IsNil)
 474
 475         jresp = map[string]interface{}{}
 476         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", true, nil, nil, jresp)
 477         c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
 478         c.Check(jresp["uuid"], check.IsNil)
 479 }
 480
 481 func (s *RouterIntegrationSuite) TestWritableBy(c *check.C) {
 482         jresp := map[string]interface{}{}
 483         _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "GET", `/arvados/v1/users/`+arvadostest.ActiveUserUUID, true, nil, nil, jresp)
 484         c.Check(rr.Code, check.Equals, http.StatusOK)
 485         c.Check(jresp["writable_by"], check.DeepEquals, []interface{}{"zzzzz-tpzed-000000000000000", "zzzzz-tpzed-xurymjxw79nv3jz", "zzzzz-j7d0g-48foin4vonvc2at"})
 486 }
 487
 488 func (s *RouterIntegrationSuite) TestFullTimestampsInResponse(c *check.C) {
 489         uuid := arvadostest.CollectionReplicationDesired2Confirmed2UUID
 490         token := arvadostest.ActiveTokenV2
 491
 492         jresp := map[string]interface{}{}
 493         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections/`+uuid, true, nil, nil, jresp)
 494         c.Check(rr.Code, check.Equals, http.StatusOK)
 495         c.Check(jresp["uuid"], check.Equals, uuid)
 496         expectNS := map[string]int{
 497                 "created_at":  596506000, // fixture says 596506247, but truncated by postgresql
 498                 "modified_at": 596338000, // fixture says 596338465, but truncated by postgresql
 499         }
 500         for key, ns := range expectNS {
 501                 mt, ok := jresp[key].(string)
 502                 c.Logf("jresp[%q] == %q", key, mt)
 503                 c.Assert(ok, check.Equals, true)
 504                 t, err := time.Parse(time.RFC3339Nano, mt)
 505                 c.Check(err, check.IsNil)
 506                 c.Check(t.Nanosecond(), check.Equals, ns)
 507         }
 508 }
 509
 510 func (s *RouterIntegrationSuite) TestSelectParam(c *check.C) {
 511         uuid := arvadostest.QueuedContainerUUID
 512         token := arvadostest.ActiveTokenV2
 513         // GET
 514         for _, sel := range [][]string{
 515                 {"uuid", "command"},
 516                 {"uuid", "command", "uuid"},
 517         } {
 518                 j, err := json.Marshal(sel)
 519                 c.Assert(err, check.IsNil)
 520                 jresp := map[string]interface{}{}
 521                 _, rr := doRequest(c, s.rtr, token, "GET", "/arvados/v1/containers/"+uuid+"?select="+string(j), true, nil, nil, jresp)
 522                 c.Check(rr.Code, check.Equals, http.StatusOK)
 523
 524                 c.Check(jresp["kind"], check.Equals, "arvados#container")
 525                 c.Check(jresp["uuid"], check.HasLen, 27)
 526                 c.Check(jresp["command"], check.HasLen, 2)
 527                 c.Check(jresp["mounts"], check.IsNil)
 528                 _, hasMounts := jresp["mounts"]
 529                 c.Check(hasMounts, check.Equals, false)
 530         }
 531         // POST & PUT
 532         uuid = arvadostest.FooCollection
 533         j, err := json.Marshal([]string{"uuid", "description"})
 534         c.Assert(err, check.IsNil)
 535         for _, method := range []string{"PUT", "POST"} {
 536                 desc := "Today is " + time.Now().String()
 537                 reqBody := "{\"description\":\"" + desc + "\"}"
 538                 jresp := map[string]interface{}{}
 539                 var rr *httptest.ResponseRecorder
 540                 if method == "PUT" {
 541                         _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections/"+uuid+"?select="+string(j), true, nil, bytes.NewReader([]byte(reqBody)), jresp)
 542                 } else {
 543                         _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections?select="+string(j), true, nil, bytes.NewReader([]byte(reqBody)), jresp)
 544                 }
 545                 c.Check(rr.Code, check.Equals, http.StatusOK)
 546                 c.Check(jresp["kind"], check.Equals, "arvados#collection")
 547                 c.Check(jresp["uuid"], check.HasLen, 27)
 548                 c.Check(jresp["description"], check.Equals, desc)
 549                 c.Check(jresp["manifest_text"], check.IsNil)
 550         }
 551 }
 552
 553 func (s *RouterIntegrationSuite) TestHEAD(c *check.C) {
 554         _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "HEAD", "/arvados/v1/containers/"+arvadostest.QueuedContainerUUID, true, nil, nil, nil)
 555         c.Check(rr.Code, check.Equals, http.StatusOK)
 556 }
 557
 558 func (s *RouterIntegrationSuite) TestRouteNotFound(c *check.C) {
 559         token := arvadostest.ActiveTokenV2
 560         req := (&testReq{
 561                 method: "POST",
 562                 path:   "arvados/v1/collections/" + arvadostest.FooCollection + "/error404pls",
 563                 token:  token,
 564         }).Request()
 565         rr := httptest.NewRecorder()
 566         s.rtr.ServeHTTP(rr, req)
 567         c.Check(rr.Code, check.Equals, http.StatusNotFound)
 568         c.Logf("body: %q", rr.Body.String())
 569         var j map[string]interface{}
 570         err := json.Unmarshal(rr.Body.Bytes(), &j)
 571         c.Check(err, check.IsNil)
 572         c.Logf("decoded: %v", j)
 573         c.Assert(j["errors"], check.FitsTypeOf, []interface{}{})
 574         c.Check(j["errors"].([]interface{})[0], check.Equals, "API endpoint not found")
 575 }
 576
 577 func (s *RouterIntegrationSuite) TestCORS(c *check.C) {
 578         token := arvadostest.ActiveTokenV2
 579         req := (&testReq{
 580                 method: "OPTIONS",
 581                 path:   "arvados/v1/collections/" + arvadostest.FooCollection,
 582                 header: http.Header{"Origin": {"https://example.com"}},
 583                 token:  token,
 584         }).Request()
 585         rr := httptest.NewRecorder()
 586         s.rtr.ServeHTTP(rr, req)
 587         c.Check(rr.Code, check.Equals, http.StatusOK)
 588         c.Check(rr.Body.String(), check.HasLen, 0)
 589         c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "*")
 590         for _, hdr := range []string{"Authorization", "Content-Type"} {
 591                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Matches, ".*"+hdr+".*")
 592         }
 593         for _, method := range []string{"GET", "HEAD", "PUT", "POST", "PATCH", "DELETE"} {
 594                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Matches, ".*"+method+".*")
 595         }
 596
 597         for _, unsafe := range []string{"login", "logout", "auth", "auth/foo", "login/?blah"} {
 598                 req := (&testReq{
 599                         method: "OPTIONS",
 600                         path:   unsafe,
 601                         header: http.Header{"Origin": {"https://example.com"}},
 602                         token:  token,
 603                 }).Request()
 604                 rr := httptest.NewRecorder()
 605                 s.rtr.ServeHTTP(rr, req)
 606                 c.Check(rr.Code, check.Equals, http.StatusOK)
 607                 c.Check(rr.Body.String(), check.HasLen, 0)
 608                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
 609                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
 610                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
 611
 612                 req = (&testReq{
 613                         method: "POST",
 614                         path:   unsafe,
 615                         header: http.Header{"Origin": {"https://example.com"}},
 616                         token:  token,
 617                 }).Request()
 618                 rr = httptest.NewRecorder()
 619                 s.rtr.ServeHTTP(rr, req)
 620                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
 621                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
 622                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
 623         }
 624 }
 625
 626 func doRequest(c *check.C, rtr http.Handler, token, method, path string, auth bool, hdrs http.Header, body io.Reader, jresp map[string]interface{}) (*http.Request, *httptest.ResponseRecorder) {
 627         req := httptest.NewRequest(method, path, body)
 628         for k, v := range hdrs {
 629                 req.Header[k] = v
 630         }
 631         if auth {
 632                 req.Header.Set("Authorization", "Bearer "+token)
 633         }
 634         rr := httptest.NewRecorder()
 635         rtr.ServeHTTP(rr, req)
 636         respbody := rr.Body.String()
 637         if len(respbody) > 10000 {
 638                 respbody = respbody[:10000] + "[...]"
 639         }
 640         c.Logf("response body: %s", respbody)
 641         if jresp != nil {
 642                 err := json.Unmarshal(rr.Body.Bytes(), &jresp)
 643                 c.Check(err, check.IsNil)
 644         }
 645         return req, rr
 646 }