Merge branch 'master' into 6476-actions-show-not-need-token
[arvados.git] / apps / workbench / test / controllers / users_controller_test.rb
1 require 'test_helper'
2
3 class UsersControllerTest < ActionController::TestCase
4
5   test "valid token works in controller test" do
6     get :index, {}, session_for(:active)
7     assert_response :success
8   end
9
10   test "ignore previously valid token (for deleted user), don't crash" do
11     get :activity, {}, session_for(:valid_token_deleted_user)
12     assert_response :redirect
13     assert_match /^#{Rails.configuration.arvados_login_base}/, @response.redirect_url
14     assert_nil assigns(:my_jobs)
15     assert_nil assigns(:my_ssh_keys)
16   end
17
18   test "expired token redirects to api server login" do
19     get :show, {
20       id: api_fixture('users')['active']['uuid']
21     }, session_for(:expired_trustedclient)
22     assert_response :redirect
23     assert_match /^#{Rails.configuration.arvados_login_base}/, @response.redirect_url
24     assert_nil assigns(:my_jobs)
25     assert_nil assigns(:my_ssh_keys)
26   end
27
28   test "show welcome page if no token provided" do
29     get :index, {}
30     assert_response :redirect
31     assert_match /\/users\/welcome/, @response.redirect_url
32   end
33
34   test "show repositories with read, write, or manage permission" do
35     get :manage_account, {}, session_for(:active)
36     assert_response :success
37     repos = assigns(:my_repositories)
38     assert repos
39     assert_not_empty repos, "my_repositories should not be empty"
40     editables = repos.collect { |r| !!assigns(:repo_writable)[r.uuid] }
41     assert_includes editables, true, "should have a writable repository"
42     assert_includes editables, false, "should have a readonly repository"
43   end
44
45   test "show repositories lists linked as well as owned repositories" do
46     get :manage_account, {}, session_for(:active)
47     assert_response :success
48     repos = assigns(:my_repositories)
49     assert repos
50     repo_writables = assigns(:repo_writable)
51     assert_not_empty repo_writables, "repo_writables should not be empty"
52     assert_includes repo_writables, api_fixture('repositories')['repository4']['uuid']  # writable by active
53     assert_includes repo_writables, api_fixture('repositories')['repository2']['uuid']  # owned by active
54   end
55
56   test "request shell access" do
57     user = api_fixture('users')['spectator']
58
59     ActionMailer::Base.deliveries = []
60
61     post :request_shell_access, {
62       id: user['uuid'],
63       format: 'js'
64     }, session_for(:spectator)
65     assert_response :success
66
67     full_name = "#{user['first_name']} #{user['last_name']}"
68     expected = "Shell account request from #{full_name} (#{user['email']}, #{user['uuid']})"
69     found_email = 0
70     ActionMailer::Base.deliveries.each do |email|
71       if email.subject.include?(expected)
72         found_email += 1
73         break
74       end
75     end
76     assert_equal 1, found_email, "Expected 1 email after requesting shell access"
77   end
78
79   [
80     'admin',
81     'active',
82   ].each do |username|
83     test "access users page as #{username} and verify show button is available" do
84       admin_user = api_fixture('users','admin')
85       active_user = api_fixture('users','active')
86       get :index, {}, session_for(username)
87       if username == 'admin'
88         assert_match /<a href="\/projects\/#{admin_user['uuid']}">Home<\/a>/, @response.body
89         assert_match /<a href="\/projects\/#{active_user['uuid']}">Home<\/a>/, @response.body
90         assert_match /href="\/users\/#{admin_user['uuid']}" title="show user"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
91         assert_match /href="\/users\/#{active_user['uuid']}" title="show user"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
92         assert_includes @response.body, admin_user['email']
93         assert_includes @response.body, active_user['email']
94       else
95         refute_match  /Home<\/a>/, @response.body
96         refute_match /href="\/users\/#{admin_user['uuid']}" title="show user"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
97         assert_match /href="\/users\/#{active_user['uuid']}" title="show user"><i class="fa fa-fw fa-user"><\/i> Show<\/a/, @response.body
98         assert_includes @response.body, active_user['email']
99       end
100     end
101   end
102
103   [
104     'admin',
105     'active',
106   ].each do |username|
107     test "access settings drop down menu as #{username}" do
108       admin_user = api_fixture('users','admin')
109       active_user = api_fixture('users','active')
110       get :show, {
111         id: api_fixture('users')[username]['uuid']
112       }, session_for(username)
113       if username == 'admin'
114         assert_includes @response.body, admin_user['email']
115         refute_empty css_select('[id="system-menu"]')
116       else
117         assert_includes @response.body, active_user['email']
118         assert_empty css_select('[id="system-menu"]')
119       end
120     end
121   end
122 end