1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
7 class ApiClientAuthorizationsApiTest < ActionDispatch::IntegrationTest
10 test "create system auth" do
11 post "/arvados/v1/api_client_authorizations/create_system_auth",
12 params: {:format => :json, :scopes => ['test'].to_json},
13 headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin_trustedclient).api_token}"}
14 assert_response :success
17 test "create token for different user" do
18 post "/arvados/v1/api_client_authorizations",
21 :api_client_authorization => {
22 :owner_uuid => users(:spectator).uuid
25 headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin_trustedclient).api_token}"}
26 assert_response :success
28 get "/arvados/v1/users/current",
29 params: {:format => :json},
30 headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{json_response['api_token']}"}
32 assert_equal users(:spectator).uuid, json_response['uuid']
35 test "refuse to create token for different user if not trusted client" do
36 post "/arvados/v1/api_client_authorizations",
39 :api_client_authorization => {
40 :owner_uuid => users(:spectator).uuid
43 headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:admin).api_token}"}
47 test "refuse to create token for different user if not admin" do
48 post "/arvados/v1/api_client_authorizations",
51 :api_client_authorization => {
52 :owner_uuid => users(:spectator).uuid
55 headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(:active_trustedclient).api_token}"}
projects / arvados.git / blob