+ assert users(:active).can?(manage: prj.uuid)
+ end
+
+ [system_user_uuid, anonymous_user_uuid].each do |u|
+ test "cannot delete system user #{u}" do
+ act_as_system_user do
+ assert_raises ArvadosModel::PermissionDeniedError do
+ User.find_by_uuid(u).destroy
+ end
+ end
+ end
+ end
+
+ [system_group_uuid, anonymous_group_uuid, public_project_uuid].each do |g|
+ test "cannot delete system group #{g}" do
+ act_as_system_user do
+ assert_raises ArvadosModel::PermissionDeniedError do
+ Group.find_by_uuid(g).destroy
+ end
+ end
+ end
+ end
+
+ # Show query plan for readable_by query. The plan for a test db
+ # might not resemble the plan for a production db, but it doesn't
+ # hurt to show the test db plan in test logs, and the .
+ [false, true].each do |include_trash|
+ test "query plan, include_trash=#{include_trash}" do
+ sql = Collection.readable_by(users(:active), include_trash: include_trash).to_sql
+ sql = "explain analyze #{sql}"
+ STDERR.puts sql
+ q = ActiveRecord::Base.connection.exec_query(sql)
+ q.rows.each do |row| STDERR.puts(row) end
+ end