lib/controller/router/router_test.go

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 package router
   6
   7 import (
   8         "bytes"
   9         "encoding/json"
  10         "io"
  11         "net/http"
  12         "net/http/httptest"
  13         "net/url"
  14         "os"
  15         "strings"
  16         "testing"
  17         "time"
  18
  19         "git.arvados.org/arvados.git/lib/controller/rpc"
  20         "git.arvados.org/arvados.git/sdk/go/arvados"
  21         "git.arvados.org/arvados.git/sdk/go/arvadostest"
  22         "github.com/gorilla/mux"
  23         check "gopkg.in/check.v1"
  24 )
  25
  26 // Gocheck boilerplate
  27 func Test(t *testing.T) {
  28         check.TestingT(t)
  29 }
  30
  31 var _ = check.Suite(&RouterSuite{})
  32
  33 type RouterSuite struct {
  34         rtr  *router
  35         stub arvadostest.APIStub
  36 }
  37
  38 func (s *RouterSuite) SetUpTest(c *check.C) {
  39         s.stub = arvadostest.APIStub{}
  40         s.rtr = &router{
  41                 mux:     mux.NewRouter(),
  42                 backend: &s.stub,
  43         }
  44         s.rtr.addRoutes()
  45 }
  46
  47 func (s *RouterSuite) TestOptions(c *check.C) {
  48         token := arvadostest.ActiveToken
  49         for _, trial := range []struct {
  50                 comment      string // unparsed -- only used to help match test failures to trials
  51                 method       string
  52                 path         string
  53                 header       http.Header
  54                 body         string
  55                 shouldStatus int // zero value means 200
  56                 shouldCall   string
  57                 withOptions  interface{}
  58         }{
  59                 {
  60                         method:      "GET",
  61                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  62                         shouldCall:  "CollectionGet",
  63                         withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection},
  64                 },
  65                 {
  66                         method:      "PUT",
  67                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  68                         shouldCall:  "CollectionUpdate",
  69                         withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
  70                 },
  71                 {
  72                         method:      "PATCH",
  73                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  74                         shouldCall:  "CollectionUpdate",
  75                         withOptions: arvados.UpdateOptions{UUID: arvadostest.FooCollection},
  76                 },
  77                 {
  78                         method:      "DELETE",
  79                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection,
  80                         shouldCall:  "CollectionDelete",
  81                         withOptions: arvados.DeleteOptions{UUID: arvadostest.FooCollection},
  82                 },
  83                 {
  84                         method:      "POST",
  85                         path:        "/arvados/v1/collections",
  86                         shouldCall:  "CollectionCreate",
  87                         withOptions: arvados.CreateOptions{},
  88                 },
  89                 {
  90                         method:      "GET",
  91                         path:        "/arvados/v1/collections",
  92                         shouldCall:  "CollectionList",
  93                         withOptions: arvados.ListOptions{Limit: -1},
  94                 },
  95                 {
  96                         method:      "GET",
  97                         path:        "/arvados/v1/api_client_authorizations",
  98                         shouldCall:  "APIClientAuthorizationList",
  99                         withOptions: arvados.ListOptions{Limit: -1},
 100                 },
 101                 {
 102                         method:      "GET",
 103                         path:        "/arvados/v1/collections?limit=123&offset=456&include_trash=true&include_old_versions=1",
 104                         shouldCall:  "CollectionList",
 105                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 106                 },
 107                 {
 108                         method:      "POST",
 109                         path:        "/arvados/v1/collections?limit=123&_method=GET",
 110                         body:        `{"offset":456,"include_trash":true,"include_old_versions":true}`,
 111                         shouldCall:  "CollectionList",
 112                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 113                 },
 114                 {
 115                         method:      "POST",
 116                         path:        "/arvados/v1/collections?limit=123",
 117                         body:        `{"offset":456,"include_trash":true,"include_old_versions":true}`,
 118                         header:      http.Header{"X-Http-Method-Override": {"GET"}, "Content-Type": {"application/json"}},
 119                         shouldCall:  "CollectionList",
 120                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 121                 },
 122                 {
 123                         method:      "POST",
 124                         path:        "/arvados/v1/collections?limit=123",
 125                         body:        "offset=456&include_trash=true&include_old_versions=1&_method=GET",
 126                         header:      http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
 127                         shouldCall:  "CollectionList",
 128                         withOptions: arvados.ListOptions{Limit: 123, Offset: 456, IncludeTrash: true, IncludeOldVersions: true},
 129                 },
 130                 {
 131                         comment:     "form-encoded expression filter in query string",
 132                         method:      "GET",
 133                         path:        "/arvados/v1/collections?filters=[%22(foo<bar)%22]",
 134                         shouldCall:  "CollectionList",
 135                         withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
 136                 },
 137                 {
 138                         comment:     "form-encoded expression filter in POST body",
 139                         method:      "POST",
 140                         path:        "/arvados/v1/collections",
 141                         body:        "filters=[\"(foo<bar)\"]&_method=GET",
 142                         header:      http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
 143                         shouldCall:  "CollectionList",
 144                         withOptions: arvados.ListOptions{Limit: -1, Filters: []arvados.Filter{{"(foo<bar)", "=", true}}},
 145                 },
 146                 {
 147                         comment:     "json-encoded expression filter in POST body",
 148                         method:      "POST",
 149                         path:        "/arvados/v1/collections?_method=GET",
 150                         body:        `{"filters":["(foo<bar)",["bar","=","baz"]],"limit":2}`,
 151                         header:      http.Header{"Content-Type": {"application/json"}},
 152                         shouldCall:  "CollectionList",
 153                         withOptions: arvados.ListOptions{Limit: 2, Filters: []arvados.Filter{{"(foo<bar)", "=", true}, {"bar", "=", "baz"}}},
 154                 },
 155                 {
 156                         comment:     "json-encoded select param in query string",
 157                         method:      "GET",
 158                         path:        "/arvados/v1/collections/" + arvadostest.FooCollection + "?select=[%22portable_data_hash%22]",
 159                         shouldCall:  "CollectionGet",
 160                         withOptions: arvados.GetOptions{UUID: arvadostest.FooCollection, Select: []string{"portable_data_hash"}},
 161                 },
 162                 {
 163                         method:       "PATCH",
 164                         path:         "/arvados/v1/collections",
 165                         shouldStatus: http.StatusMethodNotAllowed,
 166                 },
 167                 {
 168                         method:       "PUT",
 169                         path:         "/arvados/v1/collections",
 170                         shouldStatus: http.StatusMethodNotAllowed,
 171                 },
 172                 {
 173                         method:       "DELETE",
 174                         path:         "/arvados/v1/collections",
 175                         shouldStatus: http.StatusMethodNotAllowed,
 176                 },
 177                 {
 178                         comment:    "container log webdav GET root",
 179                         method:     "GET",
 180                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 181                         shouldCall: "ContainerRequestLog",
 182                         withOptions: arvados.ContainerLogOptions{
 183                                 UUID: arvadostest.CompletedContainerRequestUUID,
 184                                 WebDAVOptions: arvados.WebDAVOptions{
 185                                         Method: "GET",
 186                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 187                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 188                 },
 189                 {
 190                         comment:    "container log webdav GET root without trailing slash",
 191                         method:     "GET",
 192                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "",
 193                         shouldCall: "ContainerRequestLog",
 194                         withOptions: arvados.ContainerLogOptions{
 195                                 UUID: arvadostest.CompletedContainerRequestUUID,
 196                                 WebDAVOptions: arvados.WebDAVOptions{
 197                                         Method: "GET",
 198                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 199                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 200                 },
 201                 {
 202                         comment:    "container log webdav OPTIONS root",
 203                         method:     "OPTIONS",
 204                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 205                         shouldCall: "ContainerRequestLog",
 206                         withOptions: arvados.ContainerLogOptions{
 207                                 UUID: arvadostest.CompletedContainerRequestUUID,
 208                                 WebDAVOptions: arvados.WebDAVOptions{
 209                                         Method: "OPTIONS",
 210                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 211                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 212                 },
 213                 {
 214                         comment:    "container log webdav OPTIONS root without trailing slash",
 215                         method:     "OPTIONS",
 216                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID,
 217                         shouldCall: "ContainerRequestLog",
 218                         withOptions: arvados.ContainerLogOptions{
 219                                 UUID: arvadostest.CompletedContainerRequestUUID,
 220                                 WebDAVOptions: arvados.WebDAVOptions{
 221                                         Method: "OPTIONS",
 222                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 223                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 224                 },
 225                 {
 226                         comment:    "container log webdav PROPFIND root",
 227                         method:     "PROPFIND",
 228                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/",
 229                         shouldCall: "ContainerRequestLog",
 230                         withOptions: arvados.ContainerLogOptions{
 231                                 UUID: arvadostest.CompletedContainerRequestUUID,
 232                                 WebDAVOptions: arvados.WebDAVOptions{
 233                                         Method: "PROPFIND",
 234                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 235                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 236                 },
 237                 {
 238                         comment:    "container log webdav PROPFIND root without trailing slash",
 239                         method:     "PROPFIND",
 240                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "",
 241                         shouldCall: "ContainerRequestLog",
 242                         withOptions: arvados.ContainerLogOptions{
 243                                 UUID: arvadostest.CompletedContainerRequestUUID,
 244                                 WebDAVOptions: arvados.WebDAVOptions{
 245                                         Method: "PROPFIND",
 246                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 247                                         Path:   "/" + arvadostest.CompletedContainerUUID}},
 248                 },
 249                 {
 250                         comment:    "container log webdav no_forward=true",
 251                         method:     "GET",
 252                         path:       "/arvados/v1/container_requests/" + arvadostest.CompletedContainerRequestUUID + "/log/" + arvadostest.CompletedContainerUUID + "/?no_forward=true",
 253                         shouldCall: "ContainerRequestLog",
 254                         withOptions: arvados.ContainerLogOptions{
 255                                 UUID:      arvadostest.CompletedContainerRequestUUID,
 256                                 NoForward: true,
 257                                 WebDAVOptions: arvados.WebDAVOptions{
 258                                         Method: "GET",
 259                                         Header: http.Header{"Authorization": {"Bearer " + arvadostest.ActiveToken}},
 260                                         Path:   "/" + arvadostest.CompletedContainerUUID + "/"}},
 261                 },
 262                 {
 263                         comment:      "/logX does not route to ContainerRequestLog",
 264                         method:       "GET",
 265                         path:         "/arvados/v1/containers/" + arvadostest.CompletedContainerRequestUUID + "/logX",
 266                         shouldStatus: http.StatusNotFound,
 267                         shouldCall:   "",
 268                 },
 269         } {
 270                 // Reset calls captured in previous trial
 271                 s.stub = arvadostest.APIStub{}
 272
 273                 c.Logf("trial: %+v", trial)
 274                 comment := check.Commentf("trial comment: %s", trial.comment)
 275
 276                 _, rr := doRequest(c, s.rtr, token, trial.method, trial.path, trial.header, bytes.NewBufferString(trial.body), nil)
 277                 if trial.shouldStatus == 0 {
 278                         c.Check(rr.Code, check.Equals, http.StatusOK, comment)
 279                 } else {
 280                         c.Check(rr.Code, check.Equals, trial.shouldStatus, comment)
 281                 }
 282                 calls := s.stub.Calls(nil)
 283                 if trial.shouldCall == "" {
 284                         c.Check(calls, check.HasLen, 0, comment)
 285                 } else if len(calls) != 1 {
 286                         c.Check(calls, check.HasLen, 1, comment)
 287                 } else {
 288                         c.Check(calls[0].Method, isMethodNamed, trial.shouldCall, comment)
 289                         c.Check(calls[0].Options, check.DeepEquals, trial.withOptions, comment)
 290                 }
 291         }
 292 }
 293
 294 var _ = check.Suite(&RouterIntegrationSuite{})
 295
 296 type RouterIntegrationSuite struct {
 297         rtr *router
 298 }
 299
 300 func (s *RouterIntegrationSuite) SetUpTest(c *check.C) {
 301         cluster := &arvados.Cluster{}
 302         cluster.TLS.Insecure = true
 303         arvadostest.SetServiceURL(&cluster.Services.RailsAPI, "https://"+os.Getenv("ARVADOS_TEST_API_HOST"))
 304         url, _ := url.Parse("https://" + os.Getenv("ARVADOS_TEST_API_HOST"))
 305         s.rtr = New(rpc.NewConn("zzzzz", url, true, rpc.PassthroughTokenProvider), Config{})
 306 }
 307
 308 func (s *RouterIntegrationSuite) TearDownSuite(c *check.C) {
 309         err := arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil)
 310         c.Check(err, check.IsNil)
 311 }
 312
 313 func (s *RouterIntegrationSuite) TestCollectionResponses(c *check.C) {
 314         token := arvadostest.ActiveTokenV2
 315
 316         // Check "get collection" response has "kind" key
 317         jresp := map[string]interface{}{}
 318         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, nil, bytes.NewBufferString(`{"include_trash":true}`), jresp)
 319         c.Check(rr.Code, check.Equals, http.StatusOK)
 320         c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
 321         c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
 322         c.Check(jresp["items"].([]interface{})[0].(map[string]interface{})["kind"], check.Equals, "arvados#collection")
 323
 324         // Check items in list response have a "kind" key regardless
 325         // of whether a uuid/pdh is selected.
 326         for _, selectj := range []string{
 327                 ``,
 328                 `,"select":["portable_data_hash"]`,
 329                 `,"select":["name"]`,
 330                 `,"select":["uuid"]`,
 331         } {
 332                 jresp := map[string]interface{}{}
 333                 _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections`, nil, bytes.NewBufferString(`{"where":{"uuid":["`+arvadostest.FooCollection+`"]}`+selectj+`}`), jresp)
 334                 c.Check(rr.Code, check.Equals, http.StatusOK)
 335                 c.Check(jresp["items"], check.FitsTypeOf, []interface{}{})
 336                 c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 337                 c.Check(jresp["kind"], check.Equals, "arvados#collectionList")
 338                 item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
 339                 c.Check(item0["kind"], check.Equals, "arvados#collection")
 340                 if selectj == "" || strings.Contains(selectj, "portable_data_hash") {
 341                         c.Check(item0["portable_data_hash"], check.Equals, arvadostest.FooCollectionPDH)
 342                 } else {
 343                         c.Check(item0["portable_data_hash"], check.IsNil)
 344                 }
 345                 if selectj == "" || strings.Contains(selectj, "name") {
 346                         c.Check(item0["name"], check.FitsTypeOf, "")
 347                 } else {
 348                         c.Check(item0["name"], check.IsNil)
 349                 }
 350                 if selectj == "" || strings.Contains(selectj, "uuid") {
 351                         c.Check(item0["uuid"], check.Equals, arvadostest.FooCollection)
 352                 } else {
 353                         c.Check(item0["uuid"], check.IsNil)
 354                 }
 355         }
 356
 357         // Check "create collection" response has "kind" key
 358         jresp = map[string]interface{}{}
 359         _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}, bytes.NewBufferString(`ensure_unique_name=true`), jresp)
 360         c.Check(rr.Code, check.Equals, http.StatusOK)
 361         c.Check(jresp["uuid"], check.FitsTypeOf, "")
 362         c.Check(jresp["kind"], check.Equals, "arvados#collection")
 363 }
 364
 365 func (s *RouterIntegrationSuite) TestMaxRequestSize(c *check.C) {
 366         token := arvadostest.ActiveTokenV2
 367         for _, maxRequestSize := range []int{
 368                 // Ensure 5M limit is enforced.
 369                 5000000,
 370                 // Ensure 50M limit is enforced, and that a >25M body
 371                 // is accepted even though the default Go request size
 372                 // limit is 10M.
 373                 50000000,
 374         } {
 375                 s.rtr.config.MaxRequestSize = maxRequestSize
 376                 okstr := "a"
 377                 for len(okstr) < maxRequestSize/2 {
 378                         okstr = okstr + okstr
 379                 }
 380
 381                 hdr := http.Header{"Content-Type": {"application/x-www-form-urlencoded"}}
 382
 383                 body := bytes.NewBufferString(url.Values{"foo_bar": {okstr}}.Encode())
 384                 _, rr := doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, hdr, body, nil)
 385                 c.Check(rr.Code, check.Equals, http.StatusOK)
 386
 387                 body = bytes.NewBufferString(url.Values{"foo_bar": {okstr + okstr}}.Encode())
 388                 _, rr = doRequest(c, s.rtr, token, "POST", `/arvados/v1/collections`, hdr, body, nil)
 389                 c.Check(rr.Code, check.Equals, http.StatusRequestEntityTooLarge)
 390         }
 391 }
 392
 393 func (s *RouterIntegrationSuite) TestContainerList(c *check.C) {
 394         token := arvadostest.ActiveTokenV2
 395
 396         jresp := map[string]interface{}{}
 397         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=0`, nil, nil, jresp)
 398         c.Check(rr.Code, check.Equals, http.StatusOK)
 399         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 400         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 401         c.Check(jresp["items"], check.NotNil)
 402         c.Check(jresp["items"], check.HasLen, 0)
 403
 404         jresp = map[string]interface{}{}
 405         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?filters=[["uuid","in",[]]]`, nil, nil, jresp)
 406         c.Check(rr.Code, check.Equals, http.StatusOK)
 407         c.Check(jresp["items_available"], check.Equals, float64(0))
 408         c.Check(jresp["items"], check.NotNil)
 409         c.Check(jresp["items"], check.HasLen, 0)
 410
 411         jresp = map[string]interface{}{}
 412         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers?limit=2&select=["uuid","command"]`, nil, nil, jresp)
 413         c.Check(rr.Code, check.Equals, http.StatusOK)
 414         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 415         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 416         c.Check(jresp["items"], check.HasLen, 2)
 417         item0 := jresp["items"].([]interface{})[0].(map[string]interface{})
 418         c.Check(item0["uuid"], check.HasLen, 27)
 419         c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
 420         c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
 421         c.Check(item0["mounts"], check.IsNil)
 422
 423         jresp = map[string]interface{}{}
 424         _, rr = doRequest(c, s.rtr, token, "GET", `/arvados/v1/containers`, nil, nil, jresp)
 425         c.Check(rr.Code, check.Equals, http.StatusOK)
 426         c.Check(jresp["items_available"], check.FitsTypeOf, float64(0))
 427         c.Check(jresp["items_available"].(float64) > 2, check.Equals, true)
 428         avail := int(jresp["items_available"].(float64))
 429         c.Check(jresp["items"], check.HasLen, avail)
 430         item0 = jresp["items"].([]interface{})[0].(map[string]interface{})
 431         c.Check(item0["uuid"], check.HasLen, 27)
 432         c.Check(item0["command"], check.FitsTypeOf, []interface{}{})
 433         c.Check(item0["command"].([]interface{})[0], check.FitsTypeOf, "")
 434         c.Check(item0["mounts"], check.NotNil)
 435 }
 436
 437 func (s *RouterIntegrationSuite) TestContainerLock(c *check.C) {
 438         uuid := arvadostest.QueuedContainerUUID
 439         token := arvadostest.AdminToken
 440
 441         jresp := map[string]interface{}{}
 442         _, rr := doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", nil, nil, jresp)
 443         c.Check(rr.Code, check.Equals, http.StatusOK)
 444         c.Check(jresp["uuid"], check.HasLen, 27)
 445         c.Check(jresp["state"], check.Equals, "Locked")
 446
 447         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/lock", nil, nil, nil)
 448         c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
 449         c.Check(rr.Body.String(), check.Not(check.Matches), `.*"uuid":.*`)
 450
 451         jresp = map[string]interface{}{}
 452         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", nil, nil, jresp)
 453         c.Check(rr.Code, check.Equals, http.StatusOK)
 454         c.Check(jresp["uuid"], check.HasLen, 27)
 455         c.Check(jresp["state"], check.Equals, "Queued")
 456         c.Check(jresp["environment"], check.IsNil)
 457
 458         jresp = map[string]interface{}{}
 459         _, rr = doRequest(c, s.rtr, token, "POST", "/arvados/v1/containers/"+uuid+"/unlock", nil, nil, jresp)
 460         c.Check(rr.Code, check.Equals, http.StatusUnprocessableEntity)
 461         c.Check(jresp["uuid"], check.IsNil)
 462 }
 463
 464 func (s *RouterIntegrationSuite) TestWritableBy(c *check.C) {
 465         jresp := map[string]interface{}{}
 466         _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "GET", `/arvados/v1/users/`+arvadostest.ActiveUserUUID, nil, nil, jresp)
 467         c.Check(rr.Code, check.Equals, http.StatusOK)
 468         c.Check(jresp["writable_by"], check.DeepEquals, []interface{}{"zzzzz-tpzed-000000000000000", "zzzzz-tpzed-xurymjxw79nv3jz", "zzzzz-j7d0g-48foin4vonvc2at"})
 469 }
 470
 471 func (s *RouterIntegrationSuite) TestFullTimestampsInResponse(c *check.C) {
 472         uuid := arvadostest.CollectionReplicationDesired2Confirmed2UUID
 473         token := arvadostest.ActiveTokenV2
 474
 475         jresp := map[string]interface{}{}
 476         _, rr := doRequest(c, s.rtr, token, "GET", `/arvados/v1/collections/`+uuid, nil, nil, jresp)
 477         c.Check(rr.Code, check.Equals, http.StatusOK)
 478         c.Check(jresp["uuid"], check.Equals, uuid)
 479         expectNS := map[string]int{
 480                 "created_at":  596506000, // fixture says 596506247, but truncated by postgresql
 481                 "modified_at": 596338000, // fixture says 596338465, but truncated by postgresql
 482         }
 483         for key, ns := range expectNS {
 484                 mt, ok := jresp[key].(string)
 485                 c.Logf("jresp[%q] == %q", key, mt)
 486                 c.Assert(ok, check.Equals, true)
 487                 t, err := time.Parse(time.RFC3339Nano, mt)
 488                 c.Check(err, check.IsNil)
 489                 c.Check(t.Nanosecond(), check.Equals, ns)
 490         }
 491 }
 492
 493 func (s *RouterIntegrationSuite) TestSelectParam(c *check.C) {
 494         uuid := arvadostest.QueuedContainerUUID
 495         token := arvadostest.ActiveTokenV2
 496         // GET
 497         for _, sel := range [][]string{
 498                 {"uuid", "command"},
 499                 {"uuid", "command", "uuid"},
 500         } {
 501                 j, err := json.Marshal(sel)
 502                 c.Assert(err, check.IsNil)
 503                 jresp := map[string]interface{}{}
 504                 _, rr := doRequest(c, s.rtr, token, "GET", "/arvados/v1/containers/"+uuid+"?select="+string(j), nil, nil, jresp)
 505                 c.Check(rr.Code, check.Equals, http.StatusOK)
 506
 507                 c.Check(jresp["kind"], check.Equals, "arvados#container")
 508                 c.Check(jresp["uuid"], check.HasLen, 27)
 509                 c.Check(jresp["command"], check.HasLen, 2)
 510                 c.Check(jresp["mounts"], check.IsNil)
 511                 _, hasMounts := jresp["mounts"]
 512                 c.Check(hasMounts, check.Equals, false)
 513         }
 514         // POST & PUT
 515         uuid = arvadostest.FooCollection
 516         j, err := json.Marshal([]string{"uuid", "description"})
 517         c.Assert(err, check.IsNil)
 518         for _, method := range []string{"PUT", "POST"} {
 519                 desc := "Today is " + time.Now().String()
 520                 reqBody := "{\"description\":\"" + desc + "\"}"
 521                 jresp := map[string]interface{}{}
 522                 var rr *httptest.ResponseRecorder
 523                 if method == "PUT" {
 524                         _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections/"+uuid+"?select="+string(j), nil, bytes.NewReader([]byte(reqBody)), jresp)
 525                 } else {
 526                         _, rr = doRequest(c, s.rtr, token, method, "/arvados/v1/collections?select="+string(j), nil, bytes.NewReader([]byte(reqBody)), jresp)
 527                 }
 528                 c.Check(rr.Code, check.Equals, http.StatusOK)
 529                 c.Check(jresp["kind"], check.Equals, "arvados#collection")
 530                 c.Check(jresp["uuid"], check.HasLen, 27)
 531                 c.Check(jresp["description"], check.Equals, desc)
 532                 c.Check(jresp["manifest_text"], check.IsNil)
 533         }
 534 }
 535
 536 func (s *RouterIntegrationSuite) TestHEAD(c *check.C) {
 537         _, rr := doRequest(c, s.rtr, arvadostest.ActiveTokenV2, "HEAD", "/arvados/v1/containers/"+arvadostest.QueuedContainerUUID, nil, nil, nil)
 538         c.Check(rr.Code, check.Equals, http.StatusOK)
 539 }
 540
 541 func (s *RouterIntegrationSuite) TestRouteNotFound(c *check.C) {
 542         token := arvadostest.ActiveTokenV2
 543         req := (&testReq{
 544                 method: "POST",
 545                 path:   "arvados/v1/collections/" + arvadostest.FooCollection + "/error404pls",
 546                 token:  token,
 547         }).Request()
 548         rr := httptest.NewRecorder()
 549         s.rtr.ServeHTTP(rr, req)
 550         c.Check(rr.Code, check.Equals, http.StatusNotFound)
 551         c.Logf("body: %q", rr.Body.String())
 552         var j map[string]interface{}
 553         err := json.Unmarshal(rr.Body.Bytes(), &j)
 554         c.Check(err, check.IsNil)
 555         c.Logf("decoded: %v", j)
 556         c.Assert(j["errors"], check.FitsTypeOf, []interface{}{})
 557         c.Check(j["errors"].([]interface{})[0], check.Equals, "API endpoint not found")
 558 }
 559
 560 func (s *RouterIntegrationSuite) TestCORS(c *check.C) {
 561         token := arvadostest.ActiveTokenV2
 562         req := (&testReq{
 563                 method: "OPTIONS",
 564                 path:   "arvados/v1/collections/" + arvadostest.FooCollection,
 565                 header: http.Header{"Origin": {"https://example.com"}},
 566                 token:  token,
 567         }).Request()
 568         rr := httptest.NewRecorder()
 569         s.rtr.ServeHTTP(rr, req)
 570         c.Check(rr.Code, check.Equals, http.StatusOK)
 571         c.Check(rr.Body.String(), check.HasLen, 0)
 572         c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "*")
 573         for _, hdr := range []string{"Authorization", "Content-Type"} {
 574                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Matches, ".*"+hdr+".*")
 575         }
 576         for _, method := range []string{"GET", "HEAD", "PUT", "POST", "PATCH", "DELETE"} {
 577                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Matches, ".*"+method+".*")
 578         }
 579
 580         for _, unsafe := range []string{"login", "logout", "auth", "auth/foo", "login/?blah"} {
 581                 req := (&testReq{
 582                         method: "OPTIONS",
 583                         path:   unsafe,
 584                         header: http.Header{"Origin": {"https://example.com"}},
 585                         token:  token,
 586                 }).Request()
 587                 rr := httptest.NewRecorder()
 588                 s.rtr.ServeHTTP(rr, req)
 589                 c.Check(rr.Code, check.Equals, http.StatusOK)
 590                 c.Check(rr.Body.String(), check.HasLen, 0)
 591                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
 592                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
 593                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
 594
 595                 req = (&testReq{
 596                         method: "POST",
 597                         path:   unsafe,
 598                         header: http.Header{"Origin": {"https://example.com"}},
 599                         token:  token,
 600                 }).Request()
 601                 rr = httptest.NewRecorder()
 602                 s.rtr.ServeHTTP(rr, req)
 603                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Origin"), check.Equals, "")
 604                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Methods"), check.Equals, "")
 605                 c.Check(rr.Result().Header.Get("Access-Control-Allow-Headers"), check.Equals, "")
 606         }
 607 }
 608
 609 func doRequest(c *check.C, rtr http.Handler, token, method, path string, hdrs http.Header, body io.Reader, jresp map[string]interface{}) (*http.Request, *httptest.ResponseRecorder) {
 610         req := httptest.NewRequest(method, path, body)
 611         for k, v := range hdrs {
 612                 req.Header[k] = v
 613         }
 614         req.Header.Set("Authorization", "Bearer "+token)
 615         rr := httptest.NewRecorder()
 616         rtr.ServeHTTP(rr, req)
 617         c.Logf("response body: %s", rr.Body.String())
 618         if jresp != nil {
 619                 err := json.Unmarshal(rr.Body.Bytes(), &jresp)
 620                 c.Check(err, check.IsNil)
 621         }
 622         return req, rr
 623 }