projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
16007: Refactoring and update comments.
[arvados.git] / services / api / test / integration / reader_tokens_test.rb
diff --git a/services/api/test/integration/reader_tokens_test.rb b/services/api/test/integration/reader_tokens_test.rb
index dd59f74eb4784ccbf857a6b6d07b16a283828e66..e8e8c910c7153a73411cb6602322a6ec64cf8f60 100644 (file)
--- a/services/api/test/integration/reader_tokens_test.rb
+++ b/services/api/test/integration/reader_tokens_test.rb
@@ -16,7 +16,7 @@ class ReaderTokensTest < ActionDispatch::IntegrationTest
     params[:reader_tokens] = [api_token(read_auth)].send(formatter) if read_auth
     headers = {}
     headers.merge!(auth(main_auth)) if main_auth
-    get('/arvados/v1/specimens', params, headers)
+    get('/arvados/v1/specimens', params: params, headers: headers)
   end
 
   def get_specimen_uuids(main_auth, read_auth, formatter=:to_a)
@@ -34,8 +34,8 @@ class ReaderTokensTest < ActionDispatch::IntegrationTest
       expected = 401
     end
     post('/arvados/v1/specimens.json',
-         {specimen: {}, reader_tokens: [api_token(read_auth)].send(formatter)},
-         headers)
+      params: {specimen: {}, reader_tokens: [api_token(read_auth)].send(formatter)},
+      headers: headers)
     assert_response expected
   end
 
@@ -50,30 +50,23 @@ class ReaderTokensTest < ActionDispatch::IntegrationTest
 
   [nil, :active_noscope].each do |main_auth|
     [:spectator, :spectator_specimens].each do |read_auth|
-      test "#{main_auth} auth with reader token #{read_auth} can read" do
-        assert_includes(get_specimen_uuids(main_auth, read_auth),
-                        spectator_specimen, "did not find spectator specimen")
-      end
-
-      test "#{main_auth} auth with JSON read token #{read_auth} can read" do
-        assert_includes(get_specimen_uuids(main_auth, read_auth, :to_json),
-                        spectator_specimen, "did not find spectator specimen")
-      end
-
-      test "#{main_auth} auth with reader token #{read_auth} can't write" do
-        assert_post_denied(main_auth, read_auth)
-      end
+      [:to_a, :to_json].each do |formatter|
+        test "#{main_auth.inspect} auth with #{formatter} reader token #{read_auth} can#{"'t" if main_auth} read" do
+          get_specimens(main_auth, read_auth)
+          assert_response(if main_auth then 403 else 200 end)
+        end
 
-      test "#{main_auth} auth with JSON read token #{read_auth} can't write" do
-        assert_post_denied(main_auth, read_auth, :to_json)
+        test "#{main_auth.inspect} auth with #{formatter} reader token #{read_auth} can't write" do
+          assert_post_denied(main_auth, read_auth, formatter)
+        end
       end
     end
   end
 
   test "scopes are still limited with reader tokens" do
     get('/arvados/v1/collections',
-        {reader_tokens: [api_token(:spectator_specimens)]},
-        auth(:active_noscope))
+      params: {reader_tokens: [api_token(:spectator_specimens)]},
+      headers: auth(:active_noscope))
     assert_response 403
   end