X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/015be61473c9ed23174834166961d7f76b21fd91..32e3f6eb604d3692f10f16220a78e07c056be00e:/services/api/test/functional/arvados/v1/groups_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/groups_controller_test.rb b/services/api/test/functional/arvados/v1/groups_controller_test.rb index e1cfbd7029..6623c726df 100644 --- a/services/api/test/functional/arvados/v1/groups_controller_test.rb +++ b/services/api/test/functional/arvados/v1/groups_controller_test.rb @@ -41,6 +41,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase assert_not_includes group_uuids, groups(:aproject).uuid assert_not_includes group_uuids, groups(:asubproject).uuid assert_includes group_uuids, groups(:private).uuid + assert_includes group_uuids, groups(:group_with_no_class).uuid end test "get list of groups with bogus group_class" do @@ -75,7 +76,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase get :contents, { id: groups(:aproject).uuid, format: :json, - include_linked: true, } check_project_contents_response end @@ -85,49 +85,39 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase get :contents, { id: groups(:aproject).uuid, format: :json, - include_linked: true, } check_project_contents_response end - [false, true].each do |include_linked| - test "list objects across projects, include_linked=#{include_linked}" do - authorize_with :project_viewer - get :contents, { - format: :json, - include_linked: include_linked, - filters: [['uuid', 'is_a', 'arvados#specimen']] - } - assert_response :success - found_uuids = json_response['items'].collect { |i| i['uuid'] } - [[:in_aproject, true], - [:in_asubproject, true], - [:owned_by_private_group, false]].each do |specimen_fixture, should_find| - if should_find - assert_includes found_uuids, specimens(specimen_fixture).uuid, "did not find specimen fixture '#{specimen_fixture}'" - else - refute_includes found_uuids, specimens(specimen_fixture).uuid, "found specimen fixture '#{specimen_fixture}'" - end + test "list objects across projects" do + authorize_with :project_viewer + get :contents, { + format: :json, + filters: [['uuid', 'is_a', 'arvados#specimen']] + } + assert_response :success + found_uuids = json_response['items'].collect { |i| i['uuid'] } + [[:in_aproject, true], + [:in_asubproject, true], + [:owned_by_private_group, false]].each do |specimen_fixture, should_find| + if should_find + assert_includes found_uuids, specimens(specimen_fixture).uuid, "did not find specimen fixture '#{specimen_fixture}'" + else + refute_includes found_uuids, specimens(specimen_fixture).uuid, "found specimen fixture '#{specimen_fixture}'" end end end - [false, true].each do |include_linked| - test "list objects in home project, include_linked=#{include_linked}" do - authorize_with :active - get :contents, { - format: :json, - id: users(:active).uuid, - include_linked: include_linked, - } - assert_response :success - found_uuids = json_response['items'].collect { |i| i['uuid'] } - if include_linked - assert_includes found_uuids, collections(:empty).uuid, "empty collection did not appear in home project" - end - assert_includes found_uuids, specimens(:owned_by_active_user).uuid, "specimen did not appear in home project" - refute_includes found_uuids, specimens(:in_asubproject).uuid, "specimen appeared unexpectedly in home project" - end + test "list objects in home project" do + authorize_with :active + get :contents, { + format: :json, + id: users(:active).uuid + } + assert_response :success + found_uuids = json_response['items'].collect { |i| i['uuid'] } + assert_includes found_uuids, specimens(:owned_by_active_user).uuid, "specimen did not appear in home project" + refute_includes found_uuids, specimens(:in_asubproject).uuid, "specimen appeared unexpectedly in home project" end test "user with project read permission can see project collections" do @@ -135,17 +125,56 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase get :contents, { id: groups(:asubproject).uuid, format: :json, - include_linked: true, } ids = json_response['items'].map { |item| item["uuid"] } - assert_includes ids, collections(:baz_file).uuid + assert_includes ids, collections(:baz_file_in_asubproject).uuid + end + + [['asc', :<=], + ['desc', :>=]].each do |order, operator| + test "user with project read permission can sort project collections #{order}" do + authorize_with :project_viewer + get :contents, { + id: groups(:asubproject).uuid, + format: :json, + filters: [['uuid', 'is_a', "arvados#collection"]], + order: "collections.name #{order}" + } + sorted_names = json_response['items'].collect { |item| item["name"] } + # Here we avoid assuming too much about the database + # collation. Both "alice"<"Bob" and "alice">"Bob" can be + # correct. Hopefully it _is_ safe to assume that if "a" comes + # before "b" in the ascii alphabet, "aX">"bY" is never true for + # any strings X and Y. + reliably_sortable_names = sorted_names.select do |name| + name[0] >= 'a' and name[0] <= 'z' + end.uniq do |name| + name[0] + end + # Preserve order of sorted_names. But do not use &=. If + # sorted_names has out-of-order duplicates, we want to preserve + # them here, so we can detect them and fail the test below. + sorted_names.select! do |name| + reliably_sortable_names.include? name + end + actually_checked_anything = false + previous = nil + sorted_names.each do |entry| + if previous + assert_operator(previous, operator, entry, + "Entries sorted incorrectly.") + actually_checked_anything = true + end + previous = entry + end + assert actually_checked_anything, "Didn't even find two names to compare." + end end test 'list objects across multiple projects' do authorize_with :project_viewer get :contents, { format: :json, - include_linked: false, filters: [['uuid', 'is_a', 'arvados#specimen']] } assert_response :success @@ -188,8 +217,8 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase authorize_with :project_viewer @controller = Arvados::V1::LinksController.new post :update, { - id: links(:job_name_in_aproject).uuid, - link: {name: "Denied test name"}, + id: jobs(:running).uuid, + name: "Denied test name", } assert_includes(403..404, response.status) end @@ -198,7 +227,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase @controller = Arvados::V1::PipelineTemplatesController.new authorize_with :project_viewer post :update, { - id: links(:template_name_in_aproject).head_uuid, + id: pipeline_templates(:two_part).uuid, pipeline_template: { owner_uuid: users(:project_viewer).uuid, } @@ -249,92 +278,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase assert_equal 0, json_response['items_available'] end - test 'get group-owned objects without include_linked' do - unexpected_uuid = specimens(:in_aproject_linked_from_asubproject).uuid - authorize_with :active - get :contents, { - id: groups(:asubproject).uuid, - format: :json, - } - assert_response :success - uuids = json_response['items'].collect { |i| i['uuid'] } - assert_equal nil, uuids.index(unexpected_uuid) - end - - test 'get group-owned objects with include_linked' do - expected_uuid = specimens(:in_aproject_linked_from_asubproject).uuid - authorize_with :active - get :contents, { - id: groups(:asubproject).uuid, - include_linked: true, - format: :json, - } - assert_response :success - uuids = json_response['items'].collect { |i| i['uuid'] } - assert_includes uuids, expected_uuid, "Did not get #{expected_uuid}" - - expected_name = links(:specimen_is_in_two_projects).name - found_specimen_name = false - assert(json_response['links'].any?, - "Expected a non-empty array of links in response") - json_response['links'].each do |link| - if link['head_uuid'] == expected_uuid - if link['name'] == expected_name - found_specimen_name = true - end - end - end - assert(found_specimen_name, - "Expected to find name '#{expected_name}' in response") - end - - [false, true].each do |inc_ind| - test "get all pages of group-owned #{'and -linked ' if inc_ind}objects" do - authorize_with :active - limit = 5 - offset = 0 - items_available = nil - uuid_received = {} - owner_received = {} - while true - # Behaving badly here, using the same controller multiple - # times within a test. - @json_response = nil - get :contents, { - id: groups(:aproject).uuid, - include_linked: inc_ind, - limit: limit, - offset: offset, - format: :json, - } - assert_response :success - assert_operator(0, :<, json_response['items'].count, - "items_available=#{items_available} but received 0 "\ - "items with offset=#{offset}") - items_available ||= json_response['items_available'] - assert_equal(items_available, json_response['items_available'], - "items_available changed between page #{offset/limit} "\ - "and page #{1+offset/limit}") - json_response['items'].each do |item| - uuid = item['uuid'] - assert_equal(nil, uuid_received[uuid], - "Received '#{uuid}' again on page #{1+offset/limit}") - uuid_received[uuid] = true - owner_received[item['owner_uuid']] = true - offset += 1 - if not inc_ind - assert_equal groups(:aproject).uuid, item['owner_uuid'] - end - end - break if offset >= items_available - end - if inc_ind - assert_operator 0, :<, (json_response.keys - [users(:active).uuid]).count, - "Set include_linked=true but did not receive any non-owned items" - end - end - end - %w(offset limit).each do |arg| ['foo', '', '1234five', '0x10', '-8'].each do |val| test "Raise error on bogus #{arg} parameter #{val.inspect}" do @@ -349,6 +292,20 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase end end + test "Collection contents don't include manifest_text" do + authorize_with :active + get :contents, { + id: groups(:aproject).uuid, + filters: [["uuid", "is_a", "arvados#collection"]], + format: :json, + } + assert_response :success + refute(json_response["items"].any? { |c| not c["portable_data_hash"] }, + "response included an item without a portable data hash") + refute(json_response["items"].any? { |c| c.include?("manifest_text") }, + "response included an item with a manifest text") + end + test 'get writable_by list for owned group' do authorize_with :active get :show, { @@ -387,4 +344,83 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase users(:admin).uuid, "Current user should be included in 'writable_by' field") end + + test 'creating subproject with duplicate name fails' do + authorize_with :active + post :create, { + group: { + name: 'A Project', + owner_uuid: users(:active).uuid, + group_class: 'project', + }, + } + assert_response 422 + response_errors = json_response['errors'] + assert_not_nil response_errors, 'Expected error in response' + assert(response_errors.first.include?('duplicate key'), + "Expected 'duplicate key' error in #{response_errors.first}") + end + + test 'creating duplicate named subproject succeeds with ensure_unique_name' do + authorize_with :active + post :create, { + group: { + name: 'A Project', + owner_uuid: users(:active).uuid, + group_class: 'project', + }, + ensure_unique_name: true + } + assert_response :success + new_project = json_response + assert_not_equal(new_project['uuid'], + groups(:aproject).uuid, + "create returned same uuid as existing project") + assert_equal(new_project['name'], + 'A Project (2)', + "new project name '#{new_project['name']}' was expected to be 'A Project (2)'") + end + + test "unsharing a project results in hiding it from previously shared user" do + # remove sharing link for project + @controller = Arvados::V1::LinksController.new + authorize_with :admin + post :destroy, id: links(:share_starred_project_with_project_viewer).uuid + assert_response :success + + # verify that the user can no longer see the project + @counter = 0 # Reset executed action counter + @controller = Arvados::V1::GroupsController.new + authorize_with :project_viewer + get :index, filters: [['group_class', '=', 'project']], format: :json + assert_response :success + found_projects = {} + json_response['items'].each do |g| + found_projects[g['uuid']] = g + end + assert_equal false, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) + + # share the project + @counter = 0 + @controller = Arvados::V1::LinksController.new + authorize_with :system_user + post :create, link: { + link_class: "permission", + name: "can_read", + head_uuid: groups(:starred_and_shared_active_user_project).uuid, + tail_uuid: users(:project_viewer).uuid, + } + + # verify that project_viewer user can now see shared project again + @counter = 0 + @controller = Arvados::V1::GroupsController.new + authorize_with :project_viewer + get :index, filters: [['group_class', '=', 'project']], format: :json + assert_response :success + found_projects = {} + json_response['items'].each do |g| + found_projects[g['uuid']] = g + end + assert_equal true, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) + end end