+ def create_user_and_verify_setup_and_notifications (active, new_user_recipients, inactive_recipients, email, expect_username)
+ Rails.configuration.new_user_notification_recipients = new_user_recipients
+ Rails.configuration.new_inactive_user_notification_recipients = inactive_recipients
+
+ ActionMailer::Base.deliveries = []
+
+ can_setup = (Rails.configuration.auto_setup_new_users and
+ (not expect_username.nil?))
+ expect_repo_name = "#{expect_username}/#{expect_username}"
+ prior_repo = Repository.where(name: expect_repo_name).first
+
+ user = User.new
+ user.first_name = "first_name_for_newly_created_user"
+ user.email = email
+ user.is_active = active
+ user.save!
+ assert_equal(expect_username, user.username)
+
+ # check user setup
+ verify_link_exists(Rails.configuration.auto_setup_new_users || active,
+ groups(:all_users).uuid, user.uuid,
+ "permission", "can_read")
+ # Check for OID login link.
+ verify_link_exists(Rails.configuration.auto_setup_new_users || active,
+ user.uuid, user.email, "permission", "can_login")
+ # Check for repository.
+ if named_repo = (prior_repo or
+ Repository.where(name: expect_repo_name).first)
+ verify_link_exists((can_setup and prior_repo.nil? and
+ Rails.configuration.auto_setup_new_users_with_repository),
+ named_repo.uuid, user.uuid, "permission", "can_manage")
+ end
+ # Check for VM login.
+ if auto_vm_uuid = Rails.configuration.auto_setup_new_users_with_vm_uuid
+ verify_link_exists(can_setup, auto_vm_uuid, user.uuid,
+ "permission", "can_login", "username", expect_username)
+ end
+
+ # check email notifications
+ new_user_email = nil
+ new_inactive_user_email = nil
+
+ new_user_email_subject = "#{Rails.configuration.email_subject_prefix}New user created notification"
+ if Rails.configuration.auto_setup_new_users
+ new_user_email_subject = (expect_username or active) ?
+ "#{Rails.configuration.email_subject_prefix}New user created and setup notification" :
+ "#{Rails.configuration.email_subject_prefix}New user created, but not setup notification"
+ end
+
+ ActionMailer::Base.deliveries.each do |d|
+ if d.subject == new_user_email_subject then
+ new_user_email = d
+ elsif d.subject == "#{Rails.configuration.email_subject_prefix}New inactive user notification" then
+ new_inactive_user_email = d
+ end
+ end
+
+ # both active and inactive user creations should result in new user creation notification mails,
+ # if the new user email recipients config parameter is set
+ if not new_user_recipients.empty? then
+ assert_not_nil new_user_email, 'Expected new user email after setup'
+ assert_equal Rails.configuration.user_notifier_email_from, new_user_email.from[0]
+ assert_equal new_user_recipients, new_user_email.to[0]
+ assert_equal new_user_email_subject, new_user_email.subject
+ else
+ assert_nil new_user_email, 'Did not expect new user email after setup'
+ end
+
+ if not active
+ if not inactive_recipients.empty? then
+ assert_not_nil new_inactive_user_email, 'Expected new inactive user email after setup'
+ assert_equal Rails.configuration.user_notifier_email_from, new_inactive_user_email.from[0]
+ assert_equal inactive_recipients, new_inactive_user_email.to[0]
+ assert_equal "#{Rails.configuration.email_subject_prefix}New inactive user notification", new_inactive_user_email.subject
+ else
+ assert_nil new_inactive_user_email, 'Did not expect new inactive user email after setup'
+ end
+ else
+ assert_nil new_inactive_user_email, 'Expected no inactive user email after setting up active user'
+ end
+ ActionMailer::Base.deliveries = []
+
+ end
+
+ def verify_link_exists link_exists, head_uuid, tail_uuid, link_class, link_name, property_name=nil, property_value=nil
+ all_links = Link.where(head_uuid: head_uuid,
+ tail_uuid: tail_uuid,
+ link_class: link_class,
+ name: link_name)
+ assert_equal link_exists, all_links.any?, "Link #{'not' if link_exists} found for #{link_name} #{link_class} #{property_value}"
+ if link_exists && property_name && property_value
+ all_links.each do |link|
+ assert_equal true, all_links.first.properties[property_name].start_with?(property_value), 'Property not found in link'
+ end
+ end
+ end
+
+ [
+ [:active, 'zzzzz-borkd-abcde12345abcde'],
+ [:active, 'zzzzz-j7d0g-abcde12345abcde'],
+ [:active, 'zzzzz-tpzed-borkd'],
+ [:system_user, 'zzzzz-tpzed-abcde12345abcde'],
+ [:anonymous, 'zzzzz-tpzed-abcde12345abcde'],
+ ].each do |fixture, new_uuid|
+ test "disallow update_uuid #{fixture} -> #{new_uuid}" do
+ u = users(fixture)
+ orig_uuid = u.uuid
+ act_as_system_user do
+ assert_raises do
+ u.update_uuid(new_uuid: new_uuid)
+ end
+ end
+ # "Successfully aborted orig->new" outcome looks the same as
+ # "successfully updated new->orig".
+ assert_update_success(old_uuid: new_uuid,
+ new_uuid: orig_uuid,
+ expect_owned_objects: fixture == :active)
+ end
+ end
+
+ [:active, :spectator, :admin].each do |target|
+ test "update_uuid on #{target} as non-admin user" do
+ act_as_user users(:active) do
+ assert_raises(ArvadosModel::PermissionDeniedError) do
+ users(target).update_uuid(new_uuid: 'zzzzz-tpzed-abcde12345abcde')
+ end
+ end
+ end
+ end
+
+ test "update_uuid to existing uuid" do
+ u = users(:active)
+ orig_uuid = u.uuid
+ new_uuid = users(:admin).uuid
+ act_as_system_user do
+ assert_raises do
+ u.update_uuid(new_uuid: new_uuid)
+ end
+ end
+ u.reload
+ assert_equal u.uuid, orig_uuid
+ assert_not_empty Collection.where(owner_uuid: orig_uuid)
+ assert_not_empty Group.where(owner_uuid: orig_uuid)
+ end
+
+ [
+ [:active, 'zbbbb-tpzed-abcde12345abcde'],
+ [:active, 'zzzzz-tpzed-abcde12345abcde'],
+ [:admin, 'zbbbb-tpzed-abcde12345abcde'],
+ [:admin, 'zzzzz-tpzed-abcde12345abcde'],
+ ].each do |fixture, new_uuid|
+ test "update_uuid #{fixture} to unused uuid #{new_uuid}" do
+ u = users(fixture)
+ orig_uuid = u.uuid
+ act_as_system_user do
+ u.update_uuid(new_uuid: new_uuid)
+ end
+ assert_update_success(old_uuid: orig_uuid,
+ new_uuid: new_uuid,
+ expect_owned_objects: fixture == :active)
+ end
+ end
+
+ def assert_update_success(old_uuid:, new_uuid:, expect_owned_objects: true)
+ [[User, :uuid],
+ [Link, :head_uuid],
+ [Link, :tail_uuid],
+ [Group, :owner_uuid],
+ [Collection, :owner_uuid],
+ ].each do |klass, attr|
+ assert_empty klass.where(attr => old_uuid)
+ if klass == User || expect_owned_objects
+ assert_not_empty klass.where(attr => new_uuid)
+ end
+ end
+ end