post "/arvados/v1/users/setup",
params: {
repo_name: repo_name,
- openid_prefix: 'https://www.google.com/accounts/o8/id',
user: {
uuid: 'zzzzz-tpzed-abcdefghijklmno',
first_name: "in_create_test_first_name",
assert_not_nil created['email'], 'expected non-nil email'
assert_nil created['identity_url'], 'expected no identity_url'
- # arvados#user, repo link and link add user to 'All users' group
- verify_link response_items, 'arvados#user', true, 'permission', 'can_login',
- created['uuid'], created['email'], 'arvados#user', false, 'arvados#user'
+ # repo link and link add user to 'All users' group
verify_link response_items, 'arvados#repository', true, 'permission', 'can_manage',
'foo/usertestrepo', created['uuid'], 'arvados#repository', true, 'Repository'
params: {
repo_name: repo_name,
vm_uuid: virtual_machines(:testvm).uuid,
- openid_prefix: 'https://www.google.com/accounts/o8/id',
user: {
uuid: 'zzzzz-tpzed-abcdefghijklmno',
first_name: "in_create_test_first_name",
params: {
repo_name: repo_name,
vm_uuid: virtual_machines(:testvm).uuid,
- openid_prefix: 'https://www.google.com/accounts/o8/id',
uuid: 'zzzzz-tpzed-abcdefghijklmno',
},
headers: auth(:admin)
test "setup user in multiple steps and verify response" do
post "/arvados/v1/users/setup",
params: {
- openid_prefix: 'http://www.example.com/account',
user: {
email: "foo@example.com"
}
assert_not_nil created['email'], 'expected non-nil email'
assert_equal created['email'], 'foo@example.com', 'expected input email'
- # three new links: system_group, arvados#user, and 'All users' group.
- verify_link response_items, 'arvados#user', true, 'permission', 'can_login',
- created['uuid'], created['email'], 'arvados#user', false, 'arvados#user'
+ # two new links: system_group, and 'All users' group.
verify_link response_items, 'arvados#group', true, 'permission', 'can_read',
'All users', created['uuid'], 'arvados#group', true, 'Group'
# invoke setup with a repository
post "/arvados/v1/users/setup",
params: {
- openid_prefix: 'http://www.example.com/account',
repo_name: 'newusertestrepo',
uuid: created['uuid']
},
post "/arvados/v1/users/setup",
params: {
vm_uuid: virtual_machines(:testvm).uuid,
- openid_prefix: 'http://www.example.com/account',
user: {
email: 'junk_email'
},
repo_name: 'newusertestrepo',
vm_uuid: virtual_machines(:testvm).uuid,
user: {email: 'foo@example.com'},
- openid_prefix: 'https://www.google.com/accounts/o8/id'
},
headers: auth(:admin)
assert_not_nil created['uuid'], 'expected uuid for the new user'
assert_equal created['email'], 'foo@example.com', 'expected given email'
- # five extra links: system_group, login, group, repo and vm
- verify_link response_items, 'arvados#user', true, 'permission', 'can_login',
- created['uuid'], created['email'], 'arvados#user', false, 'arvados#user'
+ # four extra links: system_group, login, group, repo and vm
verify_link response_items, 'arvados#group', true, 'permission', 'can_read',
'All users', created['uuid'], 'arvados#group', true, 'Group'
end
- test "cannot set is_activate to false directly" do
+ test "cannot set is_active to false directly" do
post('/arvados/v1/users',
params: {
user: {
user = json_response
assert_equal false, user['is_active']
+ token = act_as_system_user do
+ ApiClientAuthorization.create!(user: User.find_by_uuid(user['uuid']), api_client: ApiClient.all.first).api_token
+ end
+ post("/arvados/v1/user_agreements/sign",
+ params: {uuid: 'zzzzz-4zz18-t68oksiu9m80s4y'},
+ headers: {"HTTP_AUTHORIZATION" => "Bearer #{token}"})
+ assert_response :success
+
post("/arvados/v1/users/#{user['uuid']}/activate",
params: {},
headers: auth(:admin))
assert_match(/Cannot activate without being invited/, json_response['errors'][0])
end
+ test "bypass_federation only accepted for admins" do
+ get "/arvados/v1/users",
+ params: {
+ bypass_federation: true
+ },
+ headers: auth(:admin)
+
+ assert_response :success
+
+ get "/arvados/v1/users",
+ params: {
+ bypass_federation: true
+ },
+ headers: auth(:active)
+
+ assert_response 403
+ end
end