Merge branch '8508-datamanager-test-badpaths' of https://github.com/wtsi-hgi/arvados...
[arvados.git] / services / api / test / unit / group_test.rb
1 require 'test_helper'
2
3 class GroupTest < ActiveSupport::TestCase
4
5   test "cannot set owner_uuid to object with existing ownership cycle" do
6     set_user_from_auth :active_trustedclient
7
8     # First make sure we have lots of permission on the bad group by
9     # renaming it to "{current name} is mine all mine"
10     g = groups(:bad_group_has_ownership_cycle_b)
11     g.name += " is mine all mine"
12     assert g.save, "active user should be able to modify group #{g.uuid}"
13
14     # Use the group as the owner of a new object
15     s = Specimen.
16       create(owner_uuid: groups(:bad_group_has_ownership_cycle_b).uuid)
17     assert s.valid?, "ownership should pass validation #{s.errors.messages}"
18     assert_equal false, s.save, "should not save object with #{g.uuid} as owner"
19
20     # Use the group as the new owner of an existing object
21     s = specimens(:in_aproject)
22     s.owner_uuid = groups(:bad_group_has_ownership_cycle_b).uuid
23     assert s.valid?, "ownership should pass validation"
24     assert_equal false, s.save, "should not save object with #{g.uuid} as owner"
25   end
26
27   test "cannot create a new ownership cycle" do
28     set_user_from_auth :active_trustedclient
29
30     g_foo = Group.create!(name: "foo")
31     g_bar = Group.create!(name: "bar")
32
33     g_foo.owner_uuid = g_bar.uuid
34     assert g_foo.save, lambda { g_foo.errors.messages }
35     g_bar.owner_uuid = g_foo.uuid
36     assert g_bar.valid?, "ownership cycle should not prevent validation"
37     assert_equal false, g_bar.save, "should not create an ownership loop"
38     assert g_bar.errors.messages[:owner_uuid].join(" ").match(/ownership cycle/)
39   end
40
41   test "cannot create a single-object ownership cycle" do
42     set_user_from_auth :active_trustedclient
43
44     g_foo = Group.create!(name: "foo")
45     assert g_foo.save
46
47     # Ensure I have permission to manage this group even when its owner changes
48     perm_link = Link.create!(tail_uuid: users(:active).uuid,
49                             head_uuid: g_foo.uuid,
50                             link_class: 'permission',
51                             name: 'can_manage')
52     assert perm_link.save
53
54     g_foo.owner_uuid = g_foo.uuid
55     assert_equal false, g_foo.save, "should not create an ownership loop"
56     assert g_foo.errors.messages[:owner_uuid].join(" ").match(/ownership cycle/)
57   end
58
59 end