projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security bug fix to act_as_system_user to restore correct user if an
[arvados.git] / services / api / test / unit / application_test.rb
diff --git a/services/api/test/unit/application_test.rb b/services/api/test/unit/application_test.rb
new file mode 100644 (file)
index 0000000..ca80319
--- /dev/null
+++ b/services/api/test/unit/application_test.rb
@@ -0,0 +1,32 @@
+require 'test_helper'
+
+class ApplicationTest < ActiveSupport::TestCase
+  include CurrentApiClient
+
+  test "test act_as_system_user" do
+    Thread.current[:user] = users(:active)
+    assert_equal users(:active), Thread.current[:user]
+    act_as_system_user do
+      assert_not_equal users(:active), Thread.current[:user]
+      assert_equal system_user, Thread.current[:user]
+    end
+    assert_equal users(:active), Thread.current[:user]
+  end
+
+  test "test act_as_system_user is exception safe" do
+    Thread.current[:user] = users(:active)
+    assert_equal users(:active), Thread.current[:user]
+    caught = false
+    begin
+      act_as_system_user do
+        assert_not_equal users(:active), Thread.current[:user]
+        assert_equal system_user, Thread.current[:user]
+        raise "Fail"
+      end
+    rescue
+      caught = true
+    end
+    assert caught
+    assert_equal users(:active), Thread.current[:user]
+  end
+end