assert_nil assigns(:objects)
end
+ test "create with owner_uuid set to owned group" do
+ authorize_with :active
+ manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
+ post :create, {
+ collection: {
+ owner_uuid: 'zzzzz-j7d0g-rew6elm53kancon',
+ manifest_text: manifest_text,
+ uuid: "d30fe8ae534397864cb96c544f4cf102"
+ }
+ }
+ assert_response :success
+ resp = JSON.parse(@response.body)
+ assert_equal 'zzzzz-tpzed-000000000000000', resp['owner_uuid']
+ end
+
+ test "create with owner_uuid set to group i can_manage" do
+ authorize_with :active
+ manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
+ post :create, {
+ collection: {
+ owner_uuid: 'zzzzz-j7d0g-8ulrifv67tve5sx',
+ manifest_text: manifest_text,
+ uuid: "d30fe8ae534397864cb96c544f4cf102"
+ }
+ }
+ assert_response :success
+ resp = JSON.parse(@response.body)
+ assert_equal 'zzzzz-tpzed-000000000000000', resp['owner_uuid']
+ end
+
+ test "create with owner_uuid set to group with no can_manage permission" do
+ authorize_with :active
+ manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
+ post :create, {
+ collection: {
+ owner_uuid: 'zzzzz-j7d0g-it30l961gq3t0oi',
+ manifest_text: manifest_text,
+ uuid: "d30fe8ae534397864cb96c544f4cf102"
+ }
+ }
+ assert_response 403
+ end
+
+ test "admin create with owner_uuid set to group with no permission" do
+ authorize_with :admin
+ manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
+ post :create, {
+ collection: {
+ owner_uuid: 'zzzzz-j7d0g-it30l961gq3t0oi',
+ manifest_text: manifest_text,
+ uuid: "d30fe8ae534397864cb96c544f4cf102"
+ }
+ }
+ assert_response :success
+ end
+
test "should create with collection passed as json" do
authorize_with :active
post :create, {
assert_response 422
end
+ test "get full provenance for baz file" do
+ authorize_with :active
+ get :provenance, uuid: 'ea10d51bcf88862dbcc36eb292017dfd+45'
+ assert_response :success
+ resp = JSON.parse(@response.body)
+ assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz
+ assert_not_nil resp['fa7aeb5140e2848d39b416daeef4ffc5+45'] # bar
+ assert_not_nil resp['1f4b0bc7583c2a7f9102c395f4ffc5e3+45'] # foo
+ assert_not_nil resp['zzzzz-8i9sb-cjs4pklxxjykyuq'] # bar->baz
+ assert_not_nil resp['zzzzz-8i9sb-aceg2bnq7jt7kon'] # foo->bar
+ end
+
+ test "get no provenance for foo file" do
+ # spectator user cannot even see baz collection
+ authorize_with :spectator
+ get :provenance, uuid: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
+ assert_response 404
+ end
+
+ test "get partial provenance for baz file" do
+ # spectator user can see bar->baz job, but not foo->bar job
+ authorize_with :spectator
+ get :provenance, uuid: 'ea10d51bcf88862dbcc36eb292017dfd+45'
+ assert_response :success
+ resp = JSON.parse(@response.body)
+ assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz
+ assert_not_nil resp['fa7aeb5140e2848d39b416daeef4ffc5+45'] # bar
+ assert_not_nil resp['zzzzz-8i9sb-cjs4pklxxjykyuq'] # bar->baz
+ assert_nil resp['zzzzz-8i9sb-aceg2bnq7jt7kon'] # foo->bar
+ assert_nil resp['1f4b0bc7583c2a7f9102c395f4ffc5e3+45'] # foo
+ end
+
end