17574: Merge branch 'main'
[arvados.git] / services / keepstore / handler_test.go
1 // Copyright (C) The Arvados Authors. All rights reserved.
2 //
3 // SPDX-License-Identifier: AGPL-3.0
4
5 // Tests for Keep HTTP handlers:
6 //
7 //     GetBlockHandler
8 //     PutBlockHandler
9 //     IndexHandler
10 //
11 // The HTTP handlers are responsible for enforcing permission policy,
12 // so these tests must exercise all possible permission permutations.
13
14 package main
15
16 import (
17         "bytes"
18         "context"
19         "encoding/json"
20         "fmt"
21         "net/http"
22         "net/http/httptest"
23         "os"
24         "regexp"
25         "sort"
26         "strings"
27         "time"
28
29         "git.arvados.org/arvados.git/lib/config"
30         "git.arvados.org/arvados.git/sdk/go/arvados"
31         "git.arvados.org/arvados.git/sdk/go/arvadostest"
32         "git.arvados.org/arvados.git/sdk/go/ctxlog"
33         "github.com/prometheus/client_golang/prometheus"
34         check "gopkg.in/check.v1"
35 )
36
37 var testServiceURL = func() arvados.URL {
38         return arvados.URL{Host: "localhost:12345", Scheme: "http"}
39 }()
40
41 func testCluster(t TB) *arvados.Cluster {
42         cfg, err := config.NewLoader(bytes.NewBufferString("Clusters: {zzzzz: {}}"), ctxlog.TestLogger(t)).Load()
43         if err != nil {
44                 t.Fatal(err)
45         }
46         cluster, err := cfg.GetCluster("")
47         if err != nil {
48                 t.Fatal(err)
49         }
50         cluster.SystemRootToken = arvadostest.SystemRootToken
51         cluster.ManagementToken = arvadostest.ManagementToken
52         cluster.Collections.BlobSigning = false
53         return cluster
54 }
55
56 var _ = check.Suite(&HandlerSuite{})
57
58 type HandlerSuite struct {
59         cluster *arvados.Cluster
60         handler *handler
61 }
62
63 func (s *HandlerSuite) SetUpTest(c *check.C) {
64         s.cluster = testCluster(c)
65         s.cluster.Volumes = map[string]arvados.Volume{
66                 "zzzzz-nyw5e-000000000000000": {Replication: 1, Driver: "mock"},
67                 "zzzzz-nyw5e-111111111111111": {Replication: 1, Driver: "mock"},
68         }
69         s.handler = &handler{}
70 }
71
72 // A RequestTester represents the parameters for an HTTP request to
73 // be issued on behalf of a unit test.
74 type RequestTester struct {
75         uri            string
76         apiToken       string
77         method         string
78         requestBody    []byte
79         storageClasses string
80 }
81
82 // Test GetBlockHandler on the following situations:
83 //   - permissions off, unauthenticated request, unsigned locator
84 //   - permissions on, authenticated request, signed locator
85 //   - permissions on, authenticated request, unsigned locator
86 //   - permissions on, unauthenticated request, signed locator
87 //   - permissions on, authenticated request, expired locator
88 //   - permissions on, authenticated request, signed locator, transient error from backend
89 //
90 func (s *HandlerSuite) TestGetHandler(c *check.C) {
91         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
92
93         vols := s.handler.volmgr.AllWritable()
94         err := vols[0].Put(context.Background(), TestHash, TestBlock)
95         c.Check(err, check.IsNil)
96
97         // Create locators for testing.
98         // Turn on permission settings so we can generate signed locators.
99         s.cluster.Collections.BlobSigning = true
100         s.cluster.Collections.BlobSigningKey = knownKey
101         s.cluster.Collections.BlobSigningTTL.Set("5m")
102
103         var (
104                 unsignedLocator  = "/" + TestHash
105                 validTimestamp   = time.Now().Add(s.cluster.Collections.BlobSigningTTL.Duration())
106                 expiredTimestamp = time.Now().Add(-time.Hour)
107                 signedLocator    = "/" + SignLocator(s.cluster, TestHash, knownToken, validTimestamp)
108                 expiredLocator   = "/" + SignLocator(s.cluster, TestHash, knownToken, expiredTimestamp)
109         )
110
111         // -----------------
112         // Test unauthenticated request with permissions off.
113         s.cluster.Collections.BlobSigning = false
114
115         // Unauthenticated request, unsigned locator
116         // => OK
117         response := IssueRequest(s.handler,
118                 &RequestTester{
119                         method: "GET",
120                         uri:    unsignedLocator,
121                 })
122         ExpectStatusCode(c,
123                 "Unauthenticated request, unsigned locator", http.StatusOK, response)
124         ExpectBody(c,
125                 "Unauthenticated request, unsigned locator",
126                 string(TestBlock),
127                 response)
128
129         receivedLen := response.Header().Get("Content-Length")
130         expectedLen := fmt.Sprintf("%d", len(TestBlock))
131         if receivedLen != expectedLen {
132                 c.Errorf("expected Content-Length %s, got %s", expectedLen, receivedLen)
133         }
134
135         // ----------------
136         // Permissions: on.
137         s.cluster.Collections.BlobSigning = true
138
139         // Authenticated request, signed locator
140         // => OK
141         response = IssueRequest(s.handler, &RequestTester{
142                 method:   "GET",
143                 uri:      signedLocator,
144                 apiToken: knownToken,
145         })
146         ExpectStatusCode(c,
147                 "Authenticated request, signed locator", http.StatusOK, response)
148         ExpectBody(c,
149                 "Authenticated request, signed locator", string(TestBlock), response)
150
151         receivedLen = response.Header().Get("Content-Length")
152         expectedLen = fmt.Sprintf("%d", len(TestBlock))
153         if receivedLen != expectedLen {
154                 c.Errorf("expected Content-Length %s, got %s", expectedLen, receivedLen)
155         }
156
157         // Authenticated request, unsigned locator
158         // => PermissionError
159         response = IssueRequest(s.handler, &RequestTester{
160                 method:   "GET",
161                 uri:      unsignedLocator,
162                 apiToken: knownToken,
163         })
164         ExpectStatusCode(c, "unsigned locator", PermissionError.HTTPCode, response)
165
166         // Unauthenticated request, signed locator
167         // => PermissionError
168         response = IssueRequest(s.handler, &RequestTester{
169                 method: "GET",
170                 uri:    signedLocator,
171         })
172         ExpectStatusCode(c,
173                 "Unauthenticated request, signed locator",
174                 PermissionError.HTTPCode, response)
175
176         // Authenticated request, expired locator
177         // => ExpiredError
178         response = IssueRequest(s.handler, &RequestTester{
179                 method:   "GET",
180                 uri:      expiredLocator,
181                 apiToken: knownToken,
182         })
183         ExpectStatusCode(c,
184                 "Authenticated request, expired locator",
185                 ExpiredError.HTTPCode, response)
186
187         // Authenticated request, signed locator
188         // => 503 Server busy (transient error)
189
190         // Set up the block owning volume to respond with errors
191         vols[0].Volume.(*MockVolume).Bad = true
192         vols[0].Volume.(*MockVolume).BadVolumeError = VolumeBusyError
193         response = IssueRequest(s.handler, &RequestTester{
194                 method:   "GET",
195                 uri:      signedLocator,
196                 apiToken: knownToken,
197         })
198         // A transient error from one volume while the other doesn't find the block
199         // should make the service return a 503 so that clients can retry.
200         ExpectStatusCode(c,
201                 "Volume backend busy",
202                 503, response)
203 }
204
205 // Test PutBlockHandler on the following situations:
206 //   - no server key
207 //   - with server key, authenticated request, unsigned locator
208 //   - with server key, unauthenticated request, unsigned locator
209 //
210 func (s *HandlerSuite) TestPutHandler(c *check.C) {
211         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
212
213         // --------------
214         // No server key.
215
216         s.cluster.Collections.BlobSigningKey = ""
217
218         // Unauthenticated request, no server key
219         // => OK (unsigned response)
220         unsignedLocator := "/" + TestHash
221         response := IssueRequest(s.handler,
222                 &RequestTester{
223                         method:      "PUT",
224                         uri:         unsignedLocator,
225                         requestBody: TestBlock,
226                 })
227
228         ExpectStatusCode(c,
229                 "Unauthenticated request, no server key", http.StatusOK, response)
230         ExpectBody(c,
231                 "Unauthenticated request, no server key",
232                 TestHashPutResp, response)
233
234         // ------------------
235         // With a server key.
236
237         s.cluster.Collections.BlobSigningKey = knownKey
238         s.cluster.Collections.BlobSigningTTL.Set("5m")
239
240         // When a permission key is available, the locator returned
241         // from an authenticated PUT request will be signed.
242
243         // Authenticated PUT, signed locator
244         // => OK (signed response)
245         response = IssueRequest(s.handler,
246                 &RequestTester{
247                         method:      "PUT",
248                         uri:         unsignedLocator,
249                         requestBody: TestBlock,
250                         apiToken:    knownToken,
251                 })
252
253         ExpectStatusCode(c,
254                 "Authenticated PUT, signed locator, with server key",
255                 http.StatusOK, response)
256         responseLocator := strings.TrimSpace(response.Body.String())
257         if VerifySignature(s.cluster, responseLocator, knownToken) != nil {
258                 c.Errorf("Authenticated PUT, signed locator, with server key:\n"+
259                         "response '%s' does not contain a valid signature",
260                         responseLocator)
261         }
262
263         // Unauthenticated PUT, unsigned locator
264         // => OK
265         response = IssueRequest(s.handler,
266                 &RequestTester{
267                         method:      "PUT",
268                         uri:         unsignedLocator,
269                         requestBody: TestBlock,
270                 })
271
272         ExpectStatusCode(c,
273                 "Unauthenticated PUT, unsigned locator, with server key",
274                 http.StatusOK, response)
275         ExpectBody(c,
276                 "Unauthenticated PUT, unsigned locator, with server key",
277                 TestHashPutResp, response)
278 }
279
280 func (s *HandlerSuite) TestPutAndDeleteSkipReadonlyVolumes(c *check.C) {
281         s.cluster.Volumes["zzzzz-nyw5e-000000000000000"] = arvados.Volume{Driver: "mock", ReadOnly: true}
282         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
283
284         s.cluster.SystemRootToken = "fake-data-manager-token"
285         IssueRequest(s.handler,
286                 &RequestTester{
287                         method:      "PUT",
288                         uri:         "/" + TestHash,
289                         requestBody: TestBlock,
290                 })
291
292         s.cluster.Collections.BlobTrash = true
293         IssueRequest(s.handler,
294                 &RequestTester{
295                         method:      "DELETE",
296                         uri:         "/" + TestHash,
297                         requestBody: TestBlock,
298                         apiToken:    s.cluster.SystemRootToken,
299                 })
300         type expect struct {
301                 volid     string
302                 method    string
303                 callcount int
304         }
305         for _, e := range []expect{
306                 {"zzzzz-nyw5e-000000000000000", "Get", 0},
307                 {"zzzzz-nyw5e-000000000000000", "Compare", 0},
308                 {"zzzzz-nyw5e-000000000000000", "Touch", 0},
309                 {"zzzzz-nyw5e-000000000000000", "Put", 0},
310                 {"zzzzz-nyw5e-000000000000000", "Delete", 0},
311                 {"zzzzz-nyw5e-111111111111111", "Get", 0},
312                 {"zzzzz-nyw5e-111111111111111", "Compare", 1},
313                 {"zzzzz-nyw5e-111111111111111", "Touch", 1},
314                 {"zzzzz-nyw5e-111111111111111", "Put", 1},
315                 {"zzzzz-nyw5e-111111111111111", "Delete", 1},
316         } {
317                 if calls := s.handler.volmgr.mountMap[e.volid].Volume.(*MockVolume).CallCount(e.method); calls != e.callcount {
318                         c.Errorf("Got %d %s() on vol %s, expect %d", calls, e.method, e.volid, e.callcount)
319                 }
320         }
321 }
322
323 // Test TOUCH requests.
324 func (s *HandlerSuite) TestTouchHandler(c *check.C) {
325         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
326         vols := s.handler.volmgr.AllWritable()
327         vols[0].Put(context.Background(), TestHash, TestBlock)
328         vols[0].Volume.(*MockVolume).TouchWithDate(TestHash, time.Now().Add(-time.Hour))
329         afterPut := time.Now()
330         t, err := vols[0].Mtime(TestHash)
331         c.Assert(err, check.IsNil)
332         c.Assert(t.Before(afterPut), check.Equals, true)
333
334         ExpectStatusCode(c,
335                 "touch with no credentials",
336                 http.StatusUnauthorized,
337                 IssueRequest(s.handler, &RequestTester{
338                         method: "TOUCH",
339                         uri:    "/" + TestHash,
340                 }))
341
342         ExpectStatusCode(c,
343                 "touch with non-root credentials",
344                 http.StatusUnauthorized,
345                 IssueRequest(s.handler, &RequestTester{
346                         method:   "TOUCH",
347                         uri:      "/" + TestHash,
348                         apiToken: arvadostest.ActiveTokenV2,
349                 }))
350
351         ExpectStatusCode(c,
352                 "touch non-existent block",
353                 http.StatusNotFound,
354                 IssueRequest(s.handler, &RequestTester{
355                         method:   "TOUCH",
356                         uri:      "/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
357                         apiToken: s.cluster.SystemRootToken,
358                 }))
359
360         beforeTouch := time.Now()
361         ExpectStatusCode(c,
362                 "touch block",
363                 http.StatusOK,
364                 IssueRequest(s.handler, &RequestTester{
365                         method:   "TOUCH",
366                         uri:      "/" + TestHash,
367                         apiToken: s.cluster.SystemRootToken,
368                 }))
369         t, err = vols[0].Mtime(TestHash)
370         c.Assert(err, check.IsNil)
371         c.Assert(t.After(beforeTouch), check.Equals, true)
372 }
373
374 // Test /index requests:
375 //   - unauthenticated /index request
376 //   - unauthenticated /index/prefix request
377 //   - authenticated   /index request        | non-superuser
378 //   - authenticated   /index/prefix request | non-superuser
379 //   - authenticated   /index request        | superuser
380 //   - authenticated   /index/prefix request | superuser
381 //
382 // The only /index requests that should succeed are those issued by the
383 // superuser. They should pass regardless of the value of BlobSigning.
384 //
385 func (s *HandlerSuite) TestIndexHandler(c *check.C) {
386         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
387
388         // Include multiple blocks on different volumes, and
389         // some metadata files (which should be omitted from index listings)
390         vols := s.handler.volmgr.AllWritable()
391         vols[0].Put(context.Background(), TestHash, TestBlock)
392         vols[1].Put(context.Background(), TestHash2, TestBlock2)
393         vols[0].Put(context.Background(), TestHash+".meta", []byte("metadata"))
394         vols[1].Put(context.Background(), TestHash2+".meta", []byte("metadata"))
395
396         s.cluster.SystemRootToken = "DATA MANAGER TOKEN"
397
398         unauthenticatedReq := &RequestTester{
399                 method: "GET",
400                 uri:    "/index",
401         }
402         authenticatedReq := &RequestTester{
403                 method:   "GET",
404                 uri:      "/index",
405                 apiToken: knownToken,
406         }
407         superuserReq := &RequestTester{
408                 method:   "GET",
409                 uri:      "/index",
410                 apiToken: s.cluster.SystemRootToken,
411         }
412         unauthPrefixReq := &RequestTester{
413                 method: "GET",
414                 uri:    "/index/" + TestHash[0:3],
415         }
416         authPrefixReq := &RequestTester{
417                 method:   "GET",
418                 uri:      "/index/" + TestHash[0:3],
419                 apiToken: knownToken,
420         }
421         superuserPrefixReq := &RequestTester{
422                 method:   "GET",
423                 uri:      "/index/" + TestHash[0:3],
424                 apiToken: s.cluster.SystemRootToken,
425         }
426         superuserNoSuchPrefixReq := &RequestTester{
427                 method:   "GET",
428                 uri:      "/index/abcd",
429                 apiToken: s.cluster.SystemRootToken,
430         }
431         superuserInvalidPrefixReq := &RequestTester{
432                 method:   "GET",
433                 uri:      "/index/xyz",
434                 apiToken: s.cluster.SystemRootToken,
435         }
436
437         // -------------------------------------------------------------
438         // Only the superuser should be allowed to issue /index requests.
439
440         // ---------------------------
441         // BlobSigning enabled
442         // This setting should not affect tests passing.
443         s.cluster.Collections.BlobSigning = true
444
445         // unauthenticated /index request
446         // => UnauthorizedError
447         response := IssueRequest(s.handler, unauthenticatedReq)
448         ExpectStatusCode(c,
449                 "permissions on, unauthenticated request",
450                 UnauthorizedError.HTTPCode,
451                 response)
452
453         // unauthenticated /index/prefix request
454         // => UnauthorizedError
455         response = IssueRequest(s.handler, unauthPrefixReq)
456         ExpectStatusCode(c,
457                 "permissions on, unauthenticated /index/prefix request",
458                 UnauthorizedError.HTTPCode,
459                 response)
460
461         // authenticated /index request, non-superuser
462         // => UnauthorizedError
463         response = IssueRequest(s.handler, authenticatedReq)
464         ExpectStatusCode(c,
465                 "permissions on, authenticated request, non-superuser",
466                 UnauthorizedError.HTTPCode,
467                 response)
468
469         // authenticated /index/prefix request, non-superuser
470         // => UnauthorizedError
471         response = IssueRequest(s.handler, authPrefixReq)
472         ExpectStatusCode(c,
473                 "permissions on, authenticated /index/prefix request, non-superuser",
474                 UnauthorizedError.HTTPCode,
475                 response)
476
477         // superuser /index request
478         // => OK
479         response = IssueRequest(s.handler, superuserReq)
480         ExpectStatusCode(c,
481                 "permissions on, superuser request",
482                 http.StatusOK,
483                 response)
484
485         // ----------------------------
486         // BlobSigning disabled
487         // Valid Request should still pass.
488         s.cluster.Collections.BlobSigning = false
489
490         // superuser /index request
491         // => OK
492         response = IssueRequest(s.handler, superuserReq)
493         ExpectStatusCode(c,
494                 "permissions on, superuser request",
495                 http.StatusOK,
496                 response)
497
498         expected := `^` + TestHash + `\+\d+ \d+\n` +
499                 TestHash2 + `\+\d+ \d+\n\n$`
500         match, _ := regexp.MatchString(expected, response.Body.String())
501         if !match {
502                 c.Errorf(
503                         "permissions on, superuser request: expected %s, got:\n%s",
504                         expected, response.Body.String())
505         }
506
507         // superuser /index/prefix request
508         // => OK
509         response = IssueRequest(s.handler, superuserPrefixReq)
510         ExpectStatusCode(c,
511                 "permissions on, superuser request",
512                 http.StatusOK,
513                 response)
514
515         expected = `^` + TestHash + `\+\d+ \d+\n\n$`
516         match, _ = regexp.MatchString(expected, response.Body.String())
517         if !match {
518                 c.Errorf(
519                         "permissions on, superuser /index/prefix request: expected %s, got:\n%s",
520                         expected, response.Body.String())
521         }
522
523         // superuser /index/{no-such-prefix} request
524         // => OK
525         response = IssueRequest(s.handler, superuserNoSuchPrefixReq)
526         ExpectStatusCode(c,
527                 "permissions on, superuser request",
528                 http.StatusOK,
529                 response)
530
531         if "\n" != response.Body.String() {
532                 c.Errorf("Expected empty response for %s. Found %s", superuserNoSuchPrefixReq.uri, response.Body.String())
533         }
534
535         // superuser /index/{invalid-prefix} request
536         // => StatusBadRequest
537         response = IssueRequest(s.handler, superuserInvalidPrefixReq)
538         ExpectStatusCode(c,
539                 "permissions on, superuser request",
540                 http.StatusBadRequest,
541                 response)
542 }
543
544 // TestDeleteHandler
545 //
546 // Cases tested:
547 //
548 //   With no token and with a non-data-manager token:
549 //   * Delete existing block
550 //     (test for 403 Forbidden, confirm block not deleted)
551 //
552 //   With data manager token:
553 //
554 //   * Delete existing block
555 //     (test for 200 OK, response counts, confirm block deleted)
556 //
557 //   * Delete nonexistent block
558 //     (test for 200 OK, response counts)
559 //
560 //   TODO(twp):
561 //
562 //   * Delete block on read-only and read-write volume
563 //     (test for 200 OK, response with copies_deleted=1,
564 //     copies_failed=1, confirm block deleted only on r/w volume)
565 //
566 //   * Delete block on read-only volume only
567 //     (test for 200 OK, response with copies_deleted=0, copies_failed=1,
568 //     confirm block not deleted)
569 //
570 func (s *HandlerSuite) TestDeleteHandler(c *check.C) {
571         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
572
573         vols := s.handler.volmgr.AllWritable()
574         vols[0].Put(context.Background(), TestHash, TestBlock)
575
576         // Explicitly set the BlobSigningTTL to 0 for these
577         // tests, to ensure the MockVolume deletes the blocks
578         // even though they have just been created.
579         s.cluster.Collections.BlobSigningTTL = arvados.Duration(0)
580
581         var userToken = "NOT DATA MANAGER TOKEN"
582         s.cluster.SystemRootToken = "DATA MANAGER TOKEN"
583
584         s.cluster.Collections.BlobTrash = true
585
586         unauthReq := &RequestTester{
587                 method: "DELETE",
588                 uri:    "/" + TestHash,
589         }
590
591         userReq := &RequestTester{
592                 method:   "DELETE",
593                 uri:      "/" + TestHash,
594                 apiToken: userToken,
595         }
596
597         superuserExistingBlockReq := &RequestTester{
598                 method:   "DELETE",
599                 uri:      "/" + TestHash,
600                 apiToken: s.cluster.SystemRootToken,
601         }
602
603         superuserNonexistentBlockReq := &RequestTester{
604                 method:   "DELETE",
605                 uri:      "/" + TestHash2,
606                 apiToken: s.cluster.SystemRootToken,
607         }
608
609         // Unauthenticated request returns PermissionError.
610         var response *httptest.ResponseRecorder
611         response = IssueRequest(s.handler, unauthReq)
612         ExpectStatusCode(c,
613                 "unauthenticated request",
614                 PermissionError.HTTPCode,
615                 response)
616
617         // Authenticated non-admin request returns PermissionError.
618         response = IssueRequest(s.handler, userReq)
619         ExpectStatusCode(c,
620                 "authenticated non-admin request",
621                 PermissionError.HTTPCode,
622                 response)
623
624         // Authenticated admin request for nonexistent block.
625         type deletecounter struct {
626                 Deleted int `json:"copies_deleted"`
627                 Failed  int `json:"copies_failed"`
628         }
629         var responseDc, expectedDc deletecounter
630
631         response = IssueRequest(s.handler, superuserNonexistentBlockReq)
632         ExpectStatusCode(c,
633                 "data manager request, nonexistent block",
634                 http.StatusNotFound,
635                 response)
636
637         // Authenticated admin request for existing block while BlobTrash is false.
638         s.cluster.Collections.BlobTrash = false
639         response = IssueRequest(s.handler, superuserExistingBlockReq)
640         ExpectStatusCode(c,
641                 "authenticated request, existing block, method disabled",
642                 MethodDisabledError.HTTPCode,
643                 response)
644         s.cluster.Collections.BlobTrash = true
645
646         // Authenticated admin request for existing block.
647         response = IssueRequest(s.handler, superuserExistingBlockReq)
648         ExpectStatusCode(c,
649                 "data manager request, existing block",
650                 http.StatusOK,
651                 response)
652         // Expect response {"copies_deleted":1,"copies_failed":0}
653         expectedDc = deletecounter{1, 0}
654         json.NewDecoder(response.Body).Decode(&responseDc)
655         if responseDc != expectedDc {
656                 c.Errorf("superuserExistingBlockReq\nexpected: %+v\nreceived: %+v",
657                         expectedDc, responseDc)
658         }
659         // Confirm the block has been deleted
660         buf := make([]byte, BlockSize)
661         _, err := vols[0].Get(context.Background(), TestHash, buf)
662         var blockDeleted = os.IsNotExist(err)
663         if !blockDeleted {
664                 c.Error("superuserExistingBlockReq: block not deleted")
665         }
666
667         // A DELETE request on a block newer than BlobSigningTTL
668         // should return success but leave the block on the volume.
669         vols[0].Put(context.Background(), TestHash, TestBlock)
670         s.cluster.Collections.BlobSigningTTL = arvados.Duration(time.Hour)
671
672         response = IssueRequest(s.handler, superuserExistingBlockReq)
673         ExpectStatusCode(c,
674                 "data manager request, existing block",
675                 http.StatusOK,
676                 response)
677         // Expect response {"copies_deleted":1,"copies_failed":0}
678         expectedDc = deletecounter{1, 0}
679         json.NewDecoder(response.Body).Decode(&responseDc)
680         if responseDc != expectedDc {
681                 c.Errorf("superuserExistingBlockReq\nexpected: %+v\nreceived: %+v",
682                         expectedDc, responseDc)
683         }
684         // Confirm the block has NOT been deleted.
685         _, err = vols[0].Get(context.Background(), TestHash, buf)
686         if err != nil {
687                 c.Errorf("testing delete on new block: %s\n", err)
688         }
689 }
690
691 // TestPullHandler
692 //
693 // Test handling of the PUT /pull statement.
694 //
695 // Cases tested: syntactically valid and invalid pull lists, from the
696 // data manager and from unprivileged users:
697 //
698 //   1. Valid pull list from an ordinary user
699 //      (expected result: 401 Unauthorized)
700 //
701 //   2. Invalid pull request from an ordinary user
702 //      (expected result: 401 Unauthorized)
703 //
704 //   3. Valid pull request from the data manager
705 //      (expected result: 200 OK with request body "Received 3 pull
706 //      requests"
707 //
708 //   4. Invalid pull request from the data manager
709 //      (expected result: 400 Bad Request)
710 //
711 // Test that in the end, the pull manager received a good pull list with
712 // the expected number of requests.
713 //
714 // TODO(twp): test concurrency: launch 100 goroutines to update the
715 // pull list simultaneously.  Make sure that none of them return 400
716 // Bad Request and that pullq.GetList() returns a valid list.
717 //
718 func (s *HandlerSuite) TestPullHandler(c *check.C) {
719         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
720
721         // Replace the router's pullq -- which the worker goroutines
722         // started by setup() are now receiving from -- with a new
723         // one, so we can see what the handler sends to it.
724         pullq := NewWorkQueue()
725         s.handler.Handler.(*router).pullq = pullq
726
727         var userToken = "USER TOKEN"
728         s.cluster.SystemRootToken = "DATA MANAGER TOKEN"
729
730         goodJSON := []byte(`[
731                 {
732                         "locator":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa+12345",
733                         "servers":[
734                                 "http://server1",
735                                 "http://server2"
736                         ]
737                 },
738                 {
739                         "locator":"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb+12345",
740                         "servers":[]
741                 },
742                 {
743                         "locator":"cccccccccccccccccccccccccccccccc+12345",
744                         "servers":["http://server1"]
745                 }
746         ]`)
747
748         badJSON := []byte(`{ "key":"I'm a little teapot" }`)
749
750         type pullTest struct {
751                 name         string
752                 req          RequestTester
753                 responseCode int
754                 responseBody string
755         }
756         var testcases = []pullTest{
757                 {
758                         "Valid pull list from an ordinary user",
759                         RequestTester{"/pull", userToken, "PUT", goodJSON, ""},
760                         http.StatusUnauthorized,
761                         "Unauthorized\n",
762                 },
763                 {
764                         "Invalid pull request from an ordinary user",
765                         RequestTester{"/pull", userToken, "PUT", badJSON, ""},
766                         http.StatusUnauthorized,
767                         "Unauthorized\n",
768                 },
769                 {
770                         "Valid pull request from the data manager",
771                         RequestTester{"/pull", s.cluster.SystemRootToken, "PUT", goodJSON, ""},
772                         http.StatusOK,
773                         "Received 3 pull requests\n",
774                 },
775                 {
776                         "Invalid pull request from the data manager",
777                         RequestTester{"/pull", s.cluster.SystemRootToken, "PUT", badJSON, ""},
778                         http.StatusBadRequest,
779                         "",
780                 },
781         }
782
783         for _, tst := range testcases {
784                 response := IssueRequest(s.handler, &tst.req)
785                 ExpectStatusCode(c, tst.name, tst.responseCode, response)
786                 ExpectBody(c, tst.name, tst.responseBody, response)
787         }
788
789         // The Keep pull manager should have received one good list with 3
790         // requests on it.
791         for i := 0; i < 3; i++ {
792                 var item interface{}
793                 select {
794                 case item = <-pullq.NextItem:
795                 case <-time.After(time.Second):
796                         c.Error("timed out")
797                 }
798                 if _, ok := item.(PullRequest); !ok {
799                         c.Errorf("item %v could not be parsed as a PullRequest", item)
800                 }
801         }
802
803         expectChannelEmpty(c, pullq.NextItem)
804 }
805
806 // TestTrashHandler
807 //
808 // Test cases:
809 //
810 // Cases tested: syntactically valid and invalid trash lists, from the
811 // data manager and from unprivileged users:
812 //
813 //   1. Valid trash list from an ordinary user
814 //      (expected result: 401 Unauthorized)
815 //
816 //   2. Invalid trash list from an ordinary user
817 //      (expected result: 401 Unauthorized)
818 //
819 //   3. Valid trash list from the data manager
820 //      (expected result: 200 OK with request body "Received 3 trash
821 //      requests"
822 //
823 //   4. Invalid trash list from the data manager
824 //      (expected result: 400 Bad Request)
825 //
826 // Test that in the end, the trash collector received a good list
827 // trash list with the expected number of requests.
828 //
829 // TODO(twp): test concurrency: launch 100 goroutines to update the
830 // pull list simultaneously.  Make sure that none of them return 400
831 // Bad Request and that replica.Dump() returns a valid list.
832 //
833 func (s *HandlerSuite) TestTrashHandler(c *check.C) {
834         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
835         // Replace the router's trashq -- which the worker goroutines
836         // started by setup() are now receiving from -- with a new
837         // one, so we can see what the handler sends to it.
838         trashq := NewWorkQueue()
839         s.handler.Handler.(*router).trashq = trashq
840
841         var userToken = "USER TOKEN"
842         s.cluster.SystemRootToken = "DATA MANAGER TOKEN"
843
844         goodJSON := []byte(`[
845                 {
846                         "locator":"block1",
847                         "block_mtime":1409082153
848                 },
849                 {
850                         "locator":"block2",
851                         "block_mtime":1409082153
852                 },
853                 {
854                         "locator":"block3",
855                         "block_mtime":1409082153
856                 }
857         ]`)
858
859         badJSON := []byte(`I am not a valid JSON string`)
860
861         type trashTest struct {
862                 name         string
863                 req          RequestTester
864                 responseCode int
865                 responseBody string
866         }
867
868         var testcases = []trashTest{
869                 {
870                         "Valid trash list from an ordinary user",
871                         RequestTester{"/trash", userToken, "PUT", goodJSON, ""},
872                         http.StatusUnauthorized,
873                         "Unauthorized\n",
874                 },
875                 {
876                         "Invalid trash list from an ordinary user",
877                         RequestTester{"/trash", userToken, "PUT", badJSON, ""},
878                         http.StatusUnauthorized,
879                         "Unauthorized\n",
880                 },
881                 {
882                         "Valid trash list from the data manager",
883                         RequestTester{"/trash", s.cluster.SystemRootToken, "PUT", goodJSON, ""},
884                         http.StatusOK,
885                         "Received 3 trash requests\n",
886                 },
887                 {
888                         "Invalid trash list from the data manager",
889                         RequestTester{"/trash", s.cluster.SystemRootToken, "PUT", badJSON, ""},
890                         http.StatusBadRequest,
891                         "",
892                 },
893         }
894
895         for _, tst := range testcases {
896                 response := IssueRequest(s.handler, &tst.req)
897                 ExpectStatusCode(c, tst.name, tst.responseCode, response)
898                 ExpectBody(c, tst.name, tst.responseBody, response)
899         }
900
901         // The trash collector should have received one good list with 3
902         // requests on it.
903         for i := 0; i < 3; i++ {
904                 item := <-trashq.NextItem
905                 if _, ok := item.(TrashRequest); !ok {
906                         c.Errorf("item %v could not be parsed as a TrashRequest", item)
907                 }
908         }
909
910         expectChannelEmpty(c, trashq.NextItem)
911 }
912
913 // ====================
914 // Helper functions
915 // ====================
916
917 // IssueTestRequest executes an HTTP request described by rt, to a
918 // REST router.  It returns the HTTP response to the request.
919 func IssueRequest(handler http.Handler, rt *RequestTester) *httptest.ResponseRecorder {
920         response := httptest.NewRecorder()
921         body := bytes.NewReader(rt.requestBody)
922         req, _ := http.NewRequest(rt.method, rt.uri, body)
923         if rt.apiToken != "" {
924                 req.Header.Set("Authorization", "OAuth2 "+rt.apiToken)
925         }
926         if rt.storageClasses != "" {
927                 req.Header.Set("X-Keep-Storage-Classes", rt.storageClasses)
928         }
929         handler.ServeHTTP(response, req)
930         return response
931 }
932
933 func IssueHealthCheckRequest(handler http.Handler, rt *RequestTester) *httptest.ResponseRecorder {
934         response := httptest.NewRecorder()
935         body := bytes.NewReader(rt.requestBody)
936         req, _ := http.NewRequest(rt.method, rt.uri, body)
937         if rt.apiToken != "" {
938                 req.Header.Set("Authorization", "Bearer "+rt.apiToken)
939         }
940         handler.ServeHTTP(response, req)
941         return response
942 }
943
944 // ExpectStatusCode checks whether a response has the specified status code,
945 // and reports a test failure if not.
946 func ExpectStatusCode(
947         c *check.C,
948         testname string,
949         expectedStatus int,
950         response *httptest.ResponseRecorder) {
951         c.Check(response.Code, check.Equals, expectedStatus, check.Commentf("%s", testname))
952 }
953
954 func ExpectBody(
955         c *check.C,
956         testname string,
957         expectedBody string,
958         response *httptest.ResponseRecorder) {
959         if expectedBody != "" && response.Body.String() != expectedBody {
960                 c.Errorf("%s: expected response body '%s', got %+v",
961                         testname, expectedBody, response)
962         }
963 }
964
965 // See #7121
966 func (s *HandlerSuite) TestPutNeedsOnlyOneBuffer(c *check.C) {
967         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
968
969         defer func(orig *bufferPool) {
970                 bufs = orig
971         }(bufs)
972         bufs = newBufferPool(ctxlog.TestLogger(c), 1, BlockSize)
973
974         ok := make(chan struct{})
975         go func() {
976                 for i := 0; i < 2; i++ {
977                         response := IssueRequest(s.handler,
978                                 &RequestTester{
979                                         method:      "PUT",
980                                         uri:         "/" + TestHash,
981                                         requestBody: TestBlock,
982                                 })
983                         ExpectStatusCode(c,
984                                 "TestPutNeedsOnlyOneBuffer", http.StatusOK, response)
985                 }
986                 ok <- struct{}{}
987         }()
988
989         select {
990         case <-ok:
991         case <-time.After(time.Second):
992                 c.Fatal("PUT deadlocks with MaxKeepBlobBuffers==1")
993         }
994 }
995
996 // Invoke the PutBlockHandler a bunch of times to test for bufferpool resource
997 // leak.
998 func (s *HandlerSuite) TestPutHandlerNoBufferleak(c *check.C) {
999         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1000
1001         ok := make(chan bool)
1002         go func() {
1003                 for i := 0; i < s.cluster.API.MaxKeepBlobBuffers+1; i++ {
1004                         // Unauthenticated request, no server key
1005                         // => OK (unsigned response)
1006                         unsignedLocator := "/" + TestHash
1007                         response := IssueRequest(s.handler,
1008                                 &RequestTester{
1009                                         method:      "PUT",
1010                                         uri:         unsignedLocator,
1011                                         requestBody: TestBlock,
1012                                 })
1013                         ExpectStatusCode(c,
1014                                 "TestPutHandlerBufferleak", http.StatusOK, response)
1015                         ExpectBody(c,
1016                                 "TestPutHandlerBufferleak",
1017                                 TestHashPutResp, response)
1018                 }
1019                 ok <- true
1020         }()
1021         select {
1022         case <-time.After(20 * time.Second):
1023                 // If the buffer pool leaks, the test goroutine hangs.
1024                 c.Fatal("test did not finish, assuming pool leaked")
1025         case <-ok:
1026         }
1027 }
1028
1029 type notifyingResponseRecorder struct {
1030         *httptest.ResponseRecorder
1031         closer chan bool
1032 }
1033
1034 func (r *notifyingResponseRecorder) CloseNotify() <-chan bool {
1035         return r.closer
1036 }
1037
1038 func (s *HandlerSuite) TestGetHandlerClientDisconnect(c *check.C) {
1039         s.cluster.Collections.BlobSigning = false
1040         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1041
1042         defer func(orig *bufferPool) {
1043                 bufs = orig
1044         }(bufs)
1045         bufs = newBufferPool(ctxlog.TestLogger(c), 1, BlockSize)
1046         defer bufs.Put(bufs.Get(BlockSize))
1047
1048         if err := s.handler.volmgr.AllWritable()[0].Put(context.Background(), TestHash, TestBlock); err != nil {
1049                 c.Error(err)
1050         }
1051
1052         resp := &notifyingResponseRecorder{
1053                 ResponseRecorder: httptest.NewRecorder(),
1054                 closer:           make(chan bool, 1),
1055         }
1056         if _, ok := http.ResponseWriter(resp).(http.CloseNotifier); !ok {
1057                 c.Fatal("notifyingResponseRecorder is broken")
1058         }
1059         // If anyone asks, the client has disconnected.
1060         resp.closer <- true
1061
1062         ok := make(chan struct{})
1063         go func() {
1064                 req, _ := http.NewRequest("GET", fmt.Sprintf("/%s+%d", TestHash, len(TestBlock)), nil)
1065                 s.handler.ServeHTTP(resp, req)
1066                 ok <- struct{}{}
1067         }()
1068
1069         select {
1070         case <-time.After(20 * time.Second):
1071                 c.Fatal("request took >20s, close notifier must be broken")
1072         case <-ok:
1073         }
1074
1075         ExpectStatusCode(c, "client disconnect", http.StatusServiceUnavailable, resp.ResponseRecorder)
1076         for i, v := range s.handler.volmgr.AllWritable() {
1077                 if calls := v.Volume.(*MockVolume).called["GET"]; calls != 0 {
1078                         c.Errorf("volume %d got %d calls, expected 0", i, calls)
1079                 }
1080         }
1081 }
1082
1083 // Invoke the GetBlockHandler a bunch of times to test for bufferpool resource
1084 // leak.
1085 func (s *HandlerSuite) TestGetHandlerNoBufferLeak(c *check.C) {
1086         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1087
1088         vols := s.handler.volmgr.AllWritable()
1089         if err := vols[0].Put(context.Background(), TestHash, TestBlock); err != nil {
1090                 c.Error(err)
1091         }
1092
1093         ok := make(chan bool)
1094         go func() {
1095                 for i := 0; i < s.cluster.API.MaxKeepBlobBuffers+1; i++ {
1096                         // Unauthenticated request, unsigned locator
1097                         // => OK
1098                         unsignedLocator := "/" + TestHash
1099                         response := IssueRequest(s.handler,
1100                                 &RequestTester{
1101                                         method: "GET",
1102                                         uri:    unsignedLocator,
1103                                 })
1104                         ExpectStatusCode(c,
1105                                 "Unauthenticated request, unsigned locator", http.StatusOK, response)
1106                         ExpectBody(c,
1107                                 "Unauthenticated request, unsigned locator",
1108                                 string(TestBlock),
1109                                 response)
1110                 }
1111                 ok <- true
1112         }()
1113         select {
1114         case <-time.After(20 * time.Second):
1115                 // If the buffer pool leaks, the test goroutine hangs.
1116                 c.Fatal("test did not finish, assuming pool leaked")
1117         case <-ok:
1118         }
1119 }
1120
1121 func (s *HandlerSuite) TestPutStorageClasses(c *check.C) {
1122         s.cluster.Volumes = map[string]arvados.Volume{
1123                 "zzzzz-nyw5e-000000000000000": {Replication: 1, Driver: "mock"}, // "default" is implicit
1124                 "zzzzz-nyw5e-111111111111111": {Replication: 1, Driver: "mock", StorageClasses: map[string]bool{"special": true, "extra": true}},
1125                 "zzzzz-nyw5e-222222222222222": {Replication: 1, Driver: "mock", StorageClasses: map[string]bool{"readonly": true}, ReadOnly: true},
1126         }
1127         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1128         rt := RequestTester{
1129                 method:      "PUT",
1130                 uri:         "/" + TestHash,
1131                 requestBody: TestBlock,
1132         }
1133
1134         for _, trial := range []struct {
1135                 ask    string
1136                 expect string
1137         }{
1138                 {"", ""},
1139                 {"default", "default=1"},
1140                 {" , default , default , ", "default=1"},
1141                 {"special", "extra=1, special=1"},
1142                 {"special, readonly", "extra=1, special=1"},
1143                 {"special, nonexistent", "extra=1, special=1"},
1144                 {"extra, special", "extra=1, special=1"},
1145                 {"default, special", "default=1, extra=1, special=1"},
1146         } {
1147                 c.Logf("success case %#v", trial)
1148                 rt.storageClasses = trial.ask
1149                 resp := IssueRequest(s.handler, &rt)
1150                 if trial.expect == "" {
1151                         // any non-empty value is correct
1152                         c.Check(resp.Header().Get("X-Keep-Storage-Classes-Confirmed"), check.Not(check.Equals), "")
1153                 } else {
1154                         c.Check(sortCommaSeparated(resp.Header().Get("X-Keep-Storage-Classes-Confirmed")), check.Equals, trial.expect)
1155                 }
1156         }
1157
1158         for _, trial := range []struct {
1159                 ask string
1160         }{
1161                 {"doesnotexist"},
1162                 {"doesnotexist, readonly"},
1163                 {"readonly"},
1164         } {
1165                 c.Logf("failure case %#v", trial)
1166                 rt.storageClasses = trial.ask
1167                 resp := IssueRequest(s.handler, &rt)
1168                 c.Check(resp.Code, check.Equals, http.StatusServiceUnavailable)
1169         }
1170 }
1171
1172 func sortCommaSeparated(s string) string {
1173         slice := strings.Split(s, ", ")
1174         sort.Strings(slice)
1175         return strings.Join(slice, ", ")
1176 }
1177
1178 func (s *HandlerSuite) TestPutResponseHeader(c *check.C) {
1179         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1180
1181         resp := IssueRequest(s.handler, &RequestTester{
1182                 method:      "PUT",
1183                 uri:         "/" + TestHash,
1184                 requestBody: TestBlock,
1185         })
1186         c.Logf("%#v", resp)
1187         c.Check(resp.Header().Get("X-Keep-Replicas-Stored"), check.Equals, "1")
1188         c.Check(resp.Header().Get("X-Keep-Storage-Classes-Confirmed"), check.Equals, "default=1")
1189 }
1190
1191 func (s *HandlerSuite) TestUntrashHandler(c *check.C) {
1192         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1193
1194         // Set up Keep volumes
1195         vols := s.handler.volmgr.AllWritable()
1196         vols[0].Put(context.Background(), TestHash, TestBlock)
1197
1198         s.cluster.SystemRootToken = "DATA MANAGER TOKEN"
1199
1200         // unauthenticatedReq => UnauthorizedError
1201         unauthenticatedReq := &RequestTester{
1202                 method: "PUT",
1203                 uri:    "/untrash/" + TestHash,
1204         }
1205         response := IssueRequest(s.handler, unauthenticatedReq)
1206         ExpectStatusCode(c,
1207                 "Unauthenticated request",
1208                 UnauthorizedError.HTTPCode,
1209                 response)
1210
1211         // notDataManagerReq => UnauthorizedError
1212         notDataManagerReq := &RequestTester{
1213                 method:   "PUT",
1214                 uri:      "/untrash/" + TestHash,
1215                 apiToken: knownToken,
1216         }
1217
1218         response = IssueRequest(s.handler, notDataManagerReq)
1219         ExpectStatusCode(c,
1220                 "Non-datamanager token",
1221                 UnauthorizedError.HTTPCode,
1222                 response)
1223
1224         // datamanagerWithBadHashReq => StatusBadRequest
1225         datamanagerWithBadHashReq := &RequestTester{
1226                 method:   "PUT",
1227                 uri:      "/untrash/thisisnotalocator",
1228                 apiToken: s.cluster.SystemRootToken,
1229         }
1230         response = IssueRequest(s.handler, datamanagerWithBadHashReq)
1231         ExpectStatusCode(c,
1232                 "Bad locator in untrash request",
1233                 http.StatusBadRequest,
1234                 response)
1235
1236         // datamanagerWrongMethodReq => StatusBadRequest
1237         datamanagerWrongMethodReq := &RequestTester{
1238                 method:   "GET",
1239                 uri:      "/untrash/" + TestHash,
1240                 apiToken: s.cluster.SystemRootToken,
1241         }
1242         response = IssueRequest(s.handler, datamanagerWrongMethodReq)
1243         ExpectStatusCode(c,
1244                 "Only PUT method is supported for untrash",
1245                 http.StatusMethodNotAllowed,
1246                 response)
1247
1248         // datamanagerReq => StatusOK
1249         datamanagerReq := &RequestTester{
1250                 method:   "PUT",
1251                 uri:      "/untrash/" + TestHash,
1252                 apiToken: s.cluster.SystemRootToken,
1253         }
1254         response = IssueRequest(s.handler, datamanagerReq)
1255         ExpectStatusCode(c,
1256                 "",
1257                 http.StatusOK,
1258                 response)
1259         c.Check(response.Body.String(), check.Equals, "Successfully untrashed on: [MockVolume], [MockVolume]\n")
1260 }
1261
1262 func (s *HandlerSuite) TestUntrashHandlerWithNoWritableVolumes(c *check.C) {
1263         // Change all volumes to read-only
1264         for uuid, v := range s.cluster.Volumes {
1265                 v.ReadOnly = true
1266                 s.cluster.Volumes[uuid] = v
1267         }
1268         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1269
1270         // datamanagerReq => StatusOK
1271         datamanagerReq := &RequestTester{
1272                 method:   "PUT",
1273                 uri:      "/untrash/" + TestHash,
1274                 apiToken: s.cluster.SystemRootToken,
1275         }
1276         response := IssueRequest(s.handler, datamanagerReq)
1277         ExpectStatusCode(c,
1278                 "No writable volumes",
1279                 http.StatusNotFound,
1280                 response)
1281 }
1282
1283 func (s *HandlerSuite) TestHealthCheckPing(c *check.C) {
1284         s.cluster.ManagementToken = arvadostest.ManagementToken
1285         c.Assert(s.handler.setup(context.Background(), s.cluster, "", prometheus.NewRegistry(), testServiceURL), check.IsNil)
1286         pingReq := &RequestTester{
1287                 method:   "GET",
1288                 uri:      "/_health/ping",
1289                 apiToken: arvadostest.ManagementToken,
1290         }
1291         response := IssueHealthCheckRequest(s.handler, pingReq)
1292         ExpectStatusCode(c,
1293                 "",
1294                 http.StatusOK,
1295                 response)
1296         want := `{"health":"OK"}`
1297         if !strings.Contains(response.Body.String(), want) {
1298                 c.Errorf("expected response to include %s: got %s", want, response.Body.String())
1299         }
1300 }