16007: Refactoring and update comments.

[arvados.git] / services / api / test / integration / users_test.rb

diff --git a/services/api/test/integration/users_test.rb b/services/api/test/integration/users_test.rb
index 6a1d5c8011027b817a23e16805ae9f2b12bdf8d0..b24ddc5a52c02c495b14f9871763411fa4ccbea8 100644 (file)
--- a/services/api/test/integration/users_test.rb
+++ b/services/api/test/integration/users_test.rb
@@ -14,7 +14,6 @@ class UsersTest < ActionDispatch::IntegrationTest
     post "/arvados/v1/users/setup",
       params: {
         repo_name: repo_name,
-        openid_prefix: 'https://www.google.com/accounts/o8/id',
         user: {
           uuid: 'zzzzz-tpzed-abcdefghijklmno',
           first_name: "in_create_test_first_name",
@@ -54,7 +53,6 @@ class UsersTest < ActionDispatch::IntegrationTest
       params: {
         repo_name: repo_name,
         vm_uuid: virtual_machines(:testvm).uuid,
-        openid_prefix: 'https://www.google.com/accounts/o8/id',
         user: {
           uuid: 'zzzzz-tpzed-abcdefghijklmno',
           first_name: "in_create_test_first_name",
@@ -70,7 +68,6 @@ class UsersTest < ActionDispatch::IntegrationTest
       params: {
         repo_name: repo_name,
         vm_uuid: virtual_machines(:testvm).uuid,
-        openid_prefix: 'https://www.google.com/accounts/o8/id',
         uuid: 'zzzzz-tpzed-abcdefghijklmno',
       },
       headers: auth(:admin)
@@ -100,7 +97,6 @@ class UsersTest < ActionDispatch::IntegrationTest
   test "setup user in multiple steps and verify response" do
     post "/arvados/v1/users/setup",
       params: {
-        openid_prefix: 'http://www.example.com/account',
         user: {
           email: "foo@example.com"
         }
@@ -126,7 +122,6 @@ class UsersTest < ActionDispatch::IntegrationTest
    # invoke setup with a repository
     post "/arvados/v1/users/setup",
       params: {
-        openid_prefix: 'http://www.example.com/account',
         repo_name: 'newusertestrepo',
         uuid: created['uuid']
       },
@@ -153,7 +148,6 @@ class UsersTest < ActionDispatch::IntegrationTest
     post "/arvados/v1/users/setup",
       params: {
         vm_uuid: virtual_machines(:testvm).uuid,
-        openid_prefix: 'http://www.example.com/account',
         user: {
           email: 'junk_email'
         },
@@ -182,7 +176,6 @@ class UsersTest < ActionDispatch::IntegrationTest
         repo_name: 'newusertestrepo',
         vm_uuid: virtual_machines(:testvm).uuid,
         user: {email: 'foo@example.com'},
-        openid_prefix: 'https://www.google.com/accounts/o8/id'
       },
       headers: auth(:admin)
 
@@ -333,7 +326,7 @@ class UsersTest < ActionDispatch::IntegrationTest
 
   end
 
-  test "cannot set is_activate to false directly" do
+  test "cannot set is_active to false directly" do
     post('/arvados/v1/users',
       params: {
         user: {
@@ -346,6 +339,14 @@ class UsersTest < ActionDispatch::IntegrationTest
     user = json_response
     assert_equal false, user['is_active']
 
+    token = act_as_system_user do
+      ApiClientAuthorization.create!(user: User.find_by_uuid(user['uuid']), api_client: ApiClient.all.first).api_token
+    end
+    post("/arvados/v1/user_agreements/sign",
+        params: {uuid: 'zzzzz-4zz18-t68oksiu9m80s4y'},
+        headers: {"HTTP_AUTHORIZATION" => "Bearer #{token}"})
+    assert_response :success
+
     post("/arvados/v1/users/#{user['uuid']}/activate",
       params: {},
       headers: auth(:admin))
@@ -447,5 +448,22 @@ class UsersTest < ActionDispatch::IntegrationTest
     assert_match(/Cannot activate without being invited/, json_response['errors'][0])
   end
 
+  test "bypass_federation only accepted for admins" do
+    get "/arvados/v1/users",
+      params: {
+        bypass_federation: true
+      },
+      headers: auth(:admin)
+
+    assert_response :success
+
+    get "/arvados/v1/users",
+      params: {
+        bypass_federation: true
+      },
+      headers: auth(:active)
+
+    assert_response 403
+  end
 
 end