3 class Arvados::V1::UsersControllerTest < ActionController::TestCase
6 @all_links_at_start = Link.all
7 @vm_uuid = virtual_machines(:testvm).uuid
10 test "activate a user after signing UA" do
11 authorize_with :inactive_but_signed_user_agreement
13 assert_response :success
14 me = JSON.parse(@response.body)
15 post :activate, uuid: me['uuid']
16 assert_response :success
17 assert_not_nil assigns(:object)
18 me = JSON.parse(@response.body)
19 assert_equal true, me['is_active']
22 test "refuse to activate a user before signing UA" do
23 authorize_with :inactive
25 assert_response :success
26 me = JSON.parse(@response.body)
27 post :activate, uuid: me['uuid']
30 assert_response :success
31 me = JSON.parse(@response.body)
32 assert_equal false, me['is_active']
35 test "activate an already-active user" do
36 authorize_with :active
38 assert_response :success
39 me = JSON.parse(@response.body)
40 post :activate, uuid: me['uuid']
41 assert_response :success
42 me = JSON.parse(@response.body)
43 assert_equal true, me['is_active']
46 test "create new user with user as input" do
49 first_name: "test_first_name",
50 last_name: "test_last_name",
53 assert_response :success
54 created = JSON.parse(@response.body)
55 assert_equal 'test_first_name', created['first_name']
56 assert_not_nil created['uuid'], 'expected uuid for the newly created user'
57 assert_not_nil created['email'], 'expected non-nil email'
58 assert_nil created['identity_url'], 'expected no identity_url'
61 test "create user with user, vm and repo as input" do
63 repo_name = 'test_repo'
67 openid_prefix: 'https://www.google.com/accounts/o8/id',
69 uuid: "this_is_agreeable",
70 first_name: "in_create_test_first_name",
71 last_name: "test_last_name",
75 assert_response :success
77 response_items = JSON.parse(@response.body)['items']
78 created = response_items['user']
80 assert_equal 'in_create_test_first_name', created['first_name']
81 assert_not_nil created['uuid'], 'expected non-null uuid for the new user'
82 assert_equal 'this_is_agreeable', created['uuid']
83 assert_not_nil created['email'], 'expected non-nil email'
84 assert_nil created['identity_url'], 'expected no identity_url'
86 # since no such vm exists, expect only three new links:
87 # oid_login_perm, repo link and link add user to 'All users' group
88 verify_num_links @all_links_at_start, 3
90 verify_link response_items, 'oid_login_perm', true, 'permission', 'can_login',
91 created['uuid'], created['email'], 'arvados#user', false, 'User'
93 verify_link response_items, 'repo_perm', true, 'permission', 'can_write',
94 repo_name, created['uuid'], 'arvados#repository', true, 'Repository'
96 verify_link response_items, 'group_perm', true, 'permission', 'can_read',
97 'All users', created['uuid'], 'arvados#group', true, 'Group'
99 verify_link response_items, 'vm_login_perm', false, 'permission', 'can_login',
100 nil, created['uuid'], 'arvados#virtualMachine', false, 'VirtualMachine'
103 test "create user with bogus uuid, vm and repo as input" do
104 authorize_with :admin
107 uuid: 'not_an_existing_uuid_and_not_email_format',
108 repo_name: 'test_repo',
110 openid_prefix: 'https://www.google.com/accounts/o8/id'
112 response_body = JSON.parse(@response.body)
113 response_errors = response_body['errors']
114 assert_not_nil response_errors, 'Expected error in response'
115 assert (response_errors.first.include? 'Path not found'), 'Expected 404'
118 test "invoke setup with existing uuid, vm and repo and verify links" do
119 authorize_with :inactive
121 assert_response :success
122 inactive_user = JSON.parse(@response.body)
124 authorize_with :admin
127 user: {uuid: inactive_user['uuid']},
128 repo_name: 'test_repo',
130 openid_prefix: 'https://www.google.com/accounts/o8/id'
133 assert_response :success
135 response_items = JSON.parse(@response.body)['items']
136 resp_obj = response_items['user']
138 assert_not_nil resp_obj['uuid'], 'expected uuid for the new user'
139 assert_equal inactive_user['uuid'], resp_obj['uuid']
140 assert_equal inactive_user['email'], resp_obj['email'],
141 'expecting inactive user email'
143 # expect repo and vm links
144 verify_link response_items, 'repo_perm', true, 'permission', 'can_write',
145 'test_repo', resp_obj['uuid'], 'arvados#repository', true, 'Repository'
147 verify_link response_items, 'vm_login_perm', true, 'permission', 'can_login',
148 @vm_uuid, resp_obj['uuid'], 'arvados#virtualMachine', false, 'VirtualMachine'
151 test "create user with valid email and repo as input" do
152 authorize_with :admin
155 repo_name: 'test_repo',
156 user: {email: 'abc@xyz.com'},
157 openid_prefix: 'https://www.google.com/accounts/o8/id'
160 assert_response :success
161 response_object = JSON.parse(@response.body)['items']['user']
162 assert_not_nil response_object['uuid'], 'expected uuid for the new user'
163 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
165 # three extra links; login link, group link and repo link
166 verify_num_links @all_links_at_start, 3
169 test "create user with valid email, repo and fake vm as input" do
170 authorize_with :admin
173 repo_name: 'test_repo',
174 vm_uuid: 'no_such_vm',
175 user: {email: 'abc@xyz.com'},
176 openid_prefix: 'https://www.google.com/accounts/o8/id'
179 response_body = JSON.parse(@response.body)
180 response_errors = response_body['errors']
181 assert_not_nil response_errors, 'Expected error in response'
182 assert (response_errors.first.include? "No vm found for no_such_vm"),
183 'Expected RuntimeError: No vm found for no_such_vm'
186 test "create user with valid email, repo and real vm as input" do
187 authorize_with :admin
190 repo_name: 'test_repo',
191 openid_prefix: 'https://www.google.com/accounts/o8/id',
193 user: {email: 'abc@xyz.com'}
196 assert_response :success
197 response_object = JSON.parse(@response.body)['items']['user']
198 assert_not_nil response_object['uuid'], 'expected uuid for the new user'
199 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
201 # three extra links; login link, group link and repo link
202 verify_num_links @all_links_at_start, 4
205 test "create user with valid email, no vm and repo as input" do
206 authorize_with :admin
209 user: {email: 'abc@xyz.com'},
210 openid_prefix: 'https://www.google.com/accounts/o8/id'
213 assert_response :success
214 response_object = JSON.parse(@response.body)['items']['user']
215 assert_not_nil response_object['uuid'], 'expected uuid for new user'
216 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
218 # two extra links; login link and group link
219 verify_num_links @all_links_at_start, 2
222 test "create user with email, first name, repo name and vm uuid" do
223 authorize_with :admin
226 openid_prefix: 'https://www.google.com/accounts/o8/id',
227 repo_name: 'test_repo',
230 first_name: 'test_first_name',
235 assert_response :success
236 response_object = JSON.parse(@response.body)['items']['user']
237 assert_not_nil response_object['uuid'], 'expected uuid for new user'
238 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
239 assert_equal 'test_first_name', response_object['first_name'],
240 'expecting first name'
242 # four extra links; login link, group link, repo link and vm link
243 verify_num_links @all_links_at_start, 4
246 test "create user twice with email and check two different objects created" do
247 authorize_with :admin
250 openid_prefix: 'https://www.google.com/accounts/o8/id',
251 repo_name: 'test_repo',
257 assert_response :success
258 response_object = JSON.parse(@response.body)['items']['user']
259 assert_not_nil response_object['uuid'], 'expected uuid for new user'
260 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
261 verify_num_links @all_links_at_start, 3 # openid, group, and repo. no vm
265 user: {email: 'abc@xyz.com'},
266 openid_prefix: 'https://www.google.com/accounts/o8/id'
269 assert_response :success
270 response_object2 = JSON.parse(@response.body)['items']['user']
271 assert_not_equal response_object['uuid'], response_object2['uuid'],
272 'expected same uuid as first create operation'
273 assert_equal response_object['email'], 'abc@xyz.com', 'expected given email'
275 # extra login link only
276 verify_num_links @all_links_at_start, 4
279 test "create user with openid prefix" do
280 authorize_with :admin
283 repo_name: 'test_repo',
284 openid_prefix: 'http://www.xyz.com/account',
286 first_name: "in_create_test_first_name",
287 last_name: "test_last_name",
288 email: "test@abc.com"
292 assert_response :success
294 response_items = JSON.parse(@response.body)['items']
295 created = response_items['user']
297 assert_equal 'in_create_test_first_name', created['first_name']
298 assert_not_nil created['uuid'], 'expected uuid for new user'
299 assert_not_nil created['email'], 'expected non-nil email'
300 assert_nil created['identity_url'], 'expected no identity_url'
303 # 3 new links: oid_login_perm, repo, and 'All users' group.
304 verify_num_links @all_links_at_start, 3
306 verify_link response_items, 'oid_login_perm', true, 'permission', 'can_login',
307 created['uuid'], created['email'], 'arvados#user', false, 'User'
309 verify_link response_items, 'repo_perm', true, 'permission', 'can_write',
310 'test_repo', created['uuid'], 'arvados#repository', true, 'Repository'
312 verify_link response_items, 'group_perm', true, 'permission', 'can_read',
313 'All users', created['uuid'], 'arvados#group', true, 'Group'
315 verify_link response_items, 'vm_login_perm', false, 'permission', 'can_login',
316 nil, created['uuid'], 'arvados#virtualMachine', false, 'VirtualMachine'
319 test "invoke setup with no openid prefix, expect error" do
320 authorize_with :admin
323 repo_name: 'test_repo',
325 first_name: "in_create_test_first_name",
326 last_name: "test_last_name",
327 email: "test@abc.com"
331 response_body = JSON.parse(@response.body)
332 response_errors = response_body['errors']
333 assert_not_nil response_errors, 'Expected error in response'
334 assert (response_errors.first.include? 'openid_prefix parameter is missing'),
335 'Expected ArgumentError'
338 test "create user with user, vm and repo and verify links" do
339 authorize_with :admin
343 first_name: "in_create_test_first_name",
344 last_name: "test_last_name",
345 email: "test@abc.com"
348 repo_name: 'test_repo',
349 openid_prefix: 'https://www.google.com/accounts/o8/id'
352 assert_response :success
354 response_items = JSON.parse(@response.body)['items']
355 created = response_items['user']
357 assert_equal 'in_create_test_first_name', created['first_name']
358 assert_not_nil created['uuid'], 'expected uuid for new user'
359 assert_not_nil created['email'], 'expected non-nil email'
360 assert_nil created['identity_url'], 'expected no identity_url'
362 # expect 4 new links: oid_login_perm, repo, vm and 'All users' group link
363 verify_num_links @all_links_at_start, 4
365 verify_link response_items, 'oid_login_perm', true, 'permission', 'can_login',
366 created['uuid'], created['email'], 'arvados#user', false, 'User'
368 verify_link response_items, 'repo_perm', true, 'permission', 'can_write',
369 'test_repo', created['uuid'], 'arvados#repository', true, 'Repository'
371 verify_link response_items, 'group_perm', true, 'permission', 'can_read',
372 'All users', created['uuid'], 'arvados#group', true, 'Group'
374 verify_link response_items, 'vm_login_perm', true, 'permission', 'can_login',
375 @vm_uuid, created['uuid'], 'arvados#virtualMachine', false, 'VirtualMachine'
378 test "try to create user as non admin user" do
379 authorize_with :active
382 user: {email: 'abc@xyz.com'}
385 response_body = JSON.parse(@response.body)
386 response_errors = response_body['errors']
387 assert_not_nil response_errors, 'Expected error in response'
388 assert (response_errors.first.include? 'PermissionDenied'),
389 'Expected PermissionDeniedError'
392 test "try to setup user as non admin user" do
393 authorize_with :active
396 openid_prefix: 'https://www.google.com/accounts/o8/id',
397 user: {email: 'abc@xyz.com'}
400 response_body = JSON.parse(@response.body)
401 response_errors = response_body['errors']
402 assert_not_nil response_errors, 'Expected error in response'
403 assert (response_errors.first.include? 'PermissionDenied'),
404 'Expected PermissionDeniedError'
407 def verify_num_links (original_links, expected_additional_links)
409 assert_equal original_links.size+expected_additional_links, Link.all.size,
410 "Expected #{expected_additional_links.inspect} more links"
413 def verify_link(response_items, link_object_name, expect_link, link_class,
414 link_name, head_uuid, tail_uuid, head_kind, fetch_object, class_name)
415 link = response_items[link_object_name]
425 object = Object.const_get(class_name).where(name: head_uuid)
426 assert [] != object, "expected #{class_name} with name #{head_uuid}"
427 head_uuid = object.first[:uuid]
430 assert_equal link['link_class'], link_class,
431 "did not find expected link_class for #{link_object_name}"
433 assert_equal link['name'], link_name,
434 "did not find expected link_name for #{link_object_name}"
436 assert_equal link['tail_uuid'], tail_uuid,
437 "did not find expected tail_uuid for #{link_object_name}"
439 assert_equal link['head_kind'], head_kind,
440 "did not find expected head_kind for #{link_object_name}"
442 assert_equal link['head_uuid'], head_uuid,
443 "did not find expected head_uuid for #{link_object_name}"