Merge branch '16048-reload-config'

[arvados.git] / lib / controller / federation / user_test.go

diff --git a/lib/controller/federation/user_test.go b/lib/controller/federation/user_test.go
index 8202a668ff0e8600d9ccdaaa9e3b53ec9492fe92..09aa5086decd3eeb62c20874b64ad1308674668c 100644 (file)
--- a/lib/controller/federation/user_test.go
+++ b/lib/controller/federation/user_test.go
@@ -5,15 +5,19 @@
 package federation
 
 import (
+       "context"
        "encoding/json"
        "errors"
+       "math"
        "net/url"
        "os"
        "strings"
 
-       "git.curoverse.com/arvados.git/lib/controller/rpc"
-       "git.curoverse.com/arvados.git/sdk/go/arvados"
-       "git.curoverse.com/arvados.git/sdk/go/arvadostest"
+       "git.arvados.org/arvados.git/lib/controller/rpc"
+       "git.arvados.org/arvados.git/sdk/go/arvados"
+       "git.arvados.org/arvados.git/sdk/go/arvadostest"
+       "git.arvados.org/arvados.git/sdk/go/auth"
+       "git.arvados.org/arvados.git/sdk/go/ctxlog"
        check "gopkg.in/check.v1"
 )
 
@@ -32,6 +36,7 @@ func (s *UserSuite) TestLoginClusterUserList(c *check.C) {
        for _, updateFail := range []bool{false, true} {
                for _, opts := range []arvados.ListOptions{
                        {Offset: 0, Limit: -1, Select: nil},
+                       {Offset: 0, Limit: math.MaxInt64, Select: nil},
                        {Offset: 1, Limit: 1, Select: nil},
                        {Offset: 0, Limit: 2, Select: []string{"uuid"}},
                        {Offset: 0, Limit: 2, Select: []string{"uuid", "email"}},
@@ -45,6 +50,9 @@ func (s *UserSuite) TestLoginClusterUserList(c *check.C) {
                                s.fed.local = rpc.NewConn(s.cluster.ClusterID, spy.URL, true, rpc.PassthroughTokenProvider)
                        }
                        userlist, err := s.fed.UserList(s.ctx, opts)
+                       if err != nil {
+                               c.Logf("... UserList failed %q", err)
+                       }
                        if updateFail && err == nil {
                                // All local updates fail, so the only
                                // cases expected to succeed are the
@@ -109,6 +117,36 @@ func (s *UserSuite) TestLoginClusterUserList(c *check.C) {
        }
 }
 
+func (s *UserSuite) TestLoginClusterUserListBypassFederation(c *check.C) {
+       s.cluster.ClusterID = "local"
+       s.cluster.Login.LoginCluster = "zzzzz"
+       s.fed = New(s.cluster)
+       s.addDirectRemote(c, "zzzzz", rpc.NewConn("zzzzz", &url.URL{Scheme: "https", Host: os.Getenv("ARVADOS_API_HOST")},
+               true, rpc.PassthroughTokenProvider))
+
+       spy := arvadostest.NewProxy(c, s.cluster.Services.RailsAPI)
+       s.fed.local = rpc.NewConn(s.cluster.ClusterID, spy.URL, true, rpc.PassthroughTokenProvider)
+
+       _, err := s.fed.UserList(s.ctx, arvados.ListOptions{Offset: 0, Limit: math.MaxInt64, Select: nil, BypassFederation: true})
+       // this will fail because it is not using a root token
+       c.Check(err.(*arvados.TransactionError).StatusCode, check.Equals, 403)
+
+       // Now use SystemRootToken
+       ctx := context.Background()
+       ctx = ctxlog.Context(ctx, ctxlog.TestLogger(c))
+       ctx = auth.NewContext(ctx, &auth.Credentials{Tokens: []string{arvadostest.SystemRootToken}})
+
+       // Assert that it did not try to batch update users.
+       _, err = s.fed.UserList(ctx, arvados.ListOptions{Offset: 0, Limit: math.MaxInt64, Select: nil, BypassFederation: true})
+       for _, d := range spy.RequestDumps {
+               d := string(d)
+               if strings.Contains(d, "PATCH /arvados/v1/users/batch") {
+                       c.Fail()
+               }
+       }
+       c.Check(err, check.IsNil)
+}
+
 // userAttrsCachedFromLoginCluster must have an entry for every field
 // in the User struct.
 func (s *UserSuite) TestUserAttrsUpdateWhitelist(c *check.C) {