X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/07d92519438a592d531f2c7558cd51788da262ca..63b1a5c12557bb11505f9dcfcc955f328b51e118:/services/keep-web/handler_test.go

diff --git a/services/keep-web/handler_test.go b/services/keep-web/handler_test.go
index dd91df3549..f6f3de8877 100644
--- a/services/keep-web/handler_test.go
+++ b/services/keep-web/handler_test.go
@@ -17,18 +17,32 @@ import (
 	"regexp"
 	"strings"
 
-	"git.curoverse.com/arvados.git/sdk/go/arvados"
-	"git.curoverse.com/arvados.git/sdk/go/arvadostest"
-	"git.curoverse.com/arvados.git/sdk/go/auth"
+	"git.arvados.org/arvados.git/lib/config"
+	"git.arvados.org/arvados.git/sdk/go/arvados"
+	"git.arvados.org/arvados.git/sdk/go/arvadosclient"
+	"git.arvados.org/arvados.git/sdk/go/arvadostest"
+	"git.arvados.org/arvados.git/sdk/go/auth"
+	"git.arvados.org/arvados.git/sdk/go/ctxlog"
+	"git.arvados.org/arvados.git/sdk/go/keepclient"
 	check "gopkg.in/check.v1"
 )
 
 var _ = check.Suite(&UnitSuite{})
 
-type UnitSuite struct{}
+type UnitSuite struct {
+	Config *arvados.Config
+}
+
+func (s *UnitSuite) SetUpTest(c *check.C) {
+	ldr := config.NewLoader(bytes.NewBufferString("Clusters: {zzzzz: {}}"), ctxlog.TestLogger(c))
+	ldr.Path = "-"
+	cfg, err := ldr.Load()
+	c.Assert(err, check.IsNil)
+	s.Config = cfg
+}
 
 func (s *UnitSuite) TestCORSPreflight(c *check.C) {
-	h := handler{Config: DefaultConfig()}
+	h := handler{Config: newConfig(s.Config)}
 	u := mustParseURL("http://keep-web.example/c=" + arvadostest.FooCollection + "/foo")
 	req := &http.Request{
 		Method:     "OPTIONS",
@@ -78,8 +92,8 @@ func (s *UnitSuite) TestInvalidUUID(c *check.C) {
 			RequestURI: u.RequestURI(),
 		}
 		resp := httptest.NewRecorder()
-		cfg := DefaultConfig()
-		cfg.AnonymousTokens = []string{arvadostest.AnonymousToken}
+		cfg := newConfig(s.Config)
+		cfg.cluster.Users.AnonymousUserToken = arvadostest.AnonymousToken
 		h := handler{Config: cfg}
 		h.ServeHTTP(resp, req)
 		c.Check(resp.Code, check.Equals, http.StatusNotFound)
@@ -318,7 +332,7 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenSingleOriginError(c *check
 		"",
 		"",
 		http.StatusBadRequest,
-		"",
+		"cannot serve inline content at this URL (possible configuration error; see https://doc.arvados.org/install/install-keep-web.html#dns)\n",
 	)
 }
 
@@ -338,7 +352,7 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenRequestAttachment(c *check
 }
 
 func (s *IntegrationSuite) TestVhostRedirectQueryTokenSiteFS(c *check.C) {
-	s.testServer.Config.AttachmentOnlyHost = "download.example.com"
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
 	resp := s.testVhostRedirectTokenToCookie(c, "GET",
 		"download.example.com/by_id/"+arvadostest.FooCollection+"/foo",
 		"?api_token="+arvadostest.ActiveToken,
@@ -351,7 +365,7 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenSiteFS(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestPastCollectionVersionFileAccess(c *check.C) {
-	s.testServer.Config.AttachmentOnlyHost = "download.example.com"
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
 	resp := s.testVhostRedirectTokenToCookie(c, "GET",
 		"download.example.com/c="+arvadostest.WazVersion1Collection+"/waz",
 		"?api_token="+arvadostest.ActiveToken,
@@ -373,7 +387,7 @@ func (s *IntegrationSuite) TestPastCollectionVersionFileAccess(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestVhostRedirectQueryTokenTrustAllContent(c *check.C) {
-	s.testServer.Config.TrustAllContent = true
+	s.testServer.Config.cluster.Collections.TrustAllContent = true
 	s.testVhostRedirectTokenToCookie(c, "GET",
 		"example.com/c="+arvadostest.FooCollection+"/foo",
 		"?api_token="+arvadostest.ActiveToken,
@@ -385,7 +399,7 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenTrustAllContent(c *check.C
 }
 
 func (s *IntegrationSuite) TestVhostRedirectQueryTokenAttachmentOnlyHost(c *check.C) {
-	s.testServer.Config.AttachmentOnlyHost = "example.com:1234"
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "example.com:1234"
 
 	s.testVhostRedirectTokenToCookie(c, "GET",
 		"example.com/c="+arvadostest.FooCollection+"/foo",
@@ -393,7 +407,7 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenAttachmentOnlyHost(c *chec
 		"",
 		"",
 		http.StatusBadRequest,
-		"",
+		"cannot serve inline content at this URL (possible configuration error; see https://doc.arvados.org/install/install-keep-web.html#dns)\n",
 	)
 
 	resp := s.testVhostRedirectTokenToCookie(c, "GET",
@@ -430,7 +444,7 @@ func (s *IntegrationSuite) TestVhostRedirectPOSTFormTokenToCookie404(c *check.C)
 }
 
 func (s *IntegrationSuite) TestAnonymousTokenOK(c *check.C) {
-	s.testServer.Config.AnonymousTokens = []string{arvadostest.AnonymousToken}
+	s.testServer.Config.cluster.Users.AnonymousUserToken = arvadostest.AnonymousToken
 	s.testVhostRedirectTokenToCookie(c, "GET",
 		"example.com/c="+arvadostest.HelloWorldCollection+"/Hello%20world.txt",
 		"",
@@ -442,7 +456,7 @@ func (s *IntegrationSuite) TestAnonymousTokenOK(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestAnonymousTokenError(c *check.C) {
-	s.testServer.Config.AnonymousTokens = []string{"anonymousTokenConfiguredButInvalid"}
+	s.testServer.Config.cluster.Users.AnonymousUserToken = "anonymousTokenConfiguredButInvalid"
 	s.testVhostRedirectTokenToCookie(c, "GET",
 		"example.com/c="+arvadostest.HelloWorldCollection+"/Hello%20world.txt",
 		"",
@@ -454,7 +468,7 @@ func (s *IntegrationSuite) TestAnonymousTokenError(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestSpecialCharsInPath(c *check.C) {
-	s.testServer.Config.AttachmentOnlyHost = "download.example.com"
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
 
 	client := s.testServer.Config.Client
 	client.AuthToken = arvadostest.ActiveToken
@@ -489,6 +503,56 @@ func (s *IntegrationSuite) TestSpecialCharsInPath(c *check.C) {
 	c.Check(resp.Body.String(), check.Matches, `(?ms).*href="./https:%5c%22odd%27%20path%20chars"\S+https:\\"odd' path chars.*`)
 }
 
+func (s *IntegrationSuite) TestForwardSlashSubstitution(c *check.C) {
+	arv := arvados.NewClientFromEnv()
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
+	s.testServer.Config.cluster.Collections.ForwardSlashNameSubstitution = "{SOLIDUS}"
+	name := "foo/bar/baz"
+	nameShown := strings.Replace(name, "/", "{SOLIDUS}", -1)
+	nameShownEscaped := strings.Replace(name, "/", "%7bSOLIDUS%7d", -1)
+
+	client := s.testServer.Config.Client
+	client.AuthToken = arvadostest.ActiveToken
+	fs, err := (&arvados.Collection{}).FileSystem(&client, nil)
+	c.Assert(err, check.IsNil)
+	f, err := fs.OpenFile("filename", os.O_CREATE, 0777)
+	c.Assert(err, check.IsNil)
+	f.Close()
+	mtxt, err := fs.MarshalManifest(".")
+	c.Assert(err, check.IsNil)
+	var coll arvados.Collection
+	err = client.RequestAndDecode(&coll, "POST", "arvados/v1/collections", nil, map[string]interface{}{
+		"collection": map[string]string{
+			"manifest_text": mtxt,
+			"name":          name,
+			"owner_uuid":    arvadostest.AProjectUUID,
+		},
+	})
+	c.Assert(err, check.IsNil)
+	defer arv.RequestAndDecode(&coll, "DELETE", "arvados/v1/collections/"+coll.UUID, nil, nil)
+
+	base := "http://download.example.com/by_id/" + coll.OwnerUUID + "/"
+	for tryURL, expectRegexp := range map[string]string{
+		base:                          `(?ms).*href="./` + nameShownEscaped + `/"\S+` + nameShown + `.*`,
+		base + nameShownEscaped + "/": `(?ms).*href="./filename"\S+filename.*`,
+	} {
+		u, _ := url.Parse(tryURL)
+		req := &http.Request{
+			Method:     "GET",
+			Host:       u.Host,
+			URL:        u,
+			RequestURI: u.RequestURI(),
+			Header: http.Header{
+				"Authorization": {"Bearer " + client.AuthToken},
+			},
+		}
+		resp := httptest.NewRecorder()
+		s.testServer.Handler.ServeHTTP(resp, req)
+		c.Check(resp.Code, check.Equals, http.StatusOK)
+		c.Check(resp.Body.String(), check.Matches, expectRegexp)
+	}
+}
+
 // XHRs can't follow redirect-with-cookie so they rely on method=POST
 // and disposition=attachment (telling us it's acceptable to respond
 // with content instead of a redirect) and an Origin header that gets
@@ -560,17 +624,17 @@ func (s *IntegrationSuite) testVhostRedirectTokenToCookie(c *check.C, method, ho
 }
 
 func (s *IntegrationSuite) TestDirectoryListingWithAnonymousToken(c *check.C) {
-	s.testServer.Config.AnonymousTokens = []string{arvadostest.AnonymousToken}
+	s.testServer.Config.cluster.Users.AnonymousUserToken = arvadostest.AnonymousToken
 	s.testDirectoryListing(c)
 }
 
 func (s *IntegrationSuite) TestDirectoryListingWithNoAnonymousToken(c *check.C) {
-	s.testServer.Config.AnonymousTokens = nil
+	s.testServer.Config.cluster.Users.AnonymousUserToken = ""
 	s.testDirectoryListing(c)
 }
 
 func (s *IntegrationSuite) testDirectoryListing(c *check.C) {
-	s.testServer.Config.AttachmentOnlyHost = "download.example.com"
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
 	authHeader := http.Header{
 		"Authorization": {"OAuth2 " + arvadostest.ActiveToken},
 	}
@@ -707,7 +771,7 @@ func (s *IntegrationSuite) testDirectoryListing(c *check.C) {
 			cutDirs: 2,
 		},
 	} {
-		c.Logf("HTML: %q => %q", trial.uri, trial.expect)
+		comment := check.Commentf("HTML: %q => %q", trial.uri, trial.expect)
 		resp := httptest.NewRecorder()
 		u := mustParseURL("//" + trial.uri)
 		req := &http.Request{
@@ -736,19 +800,19 @@ func (s *IntegrationSuite) testDirectoryListing(c *check.C) {
 			s.testServer.Handler.ServeHTTP(resp, req)
 		}
 		if trial.redirect != "" {
-			c.Check(req.URL.Path, check.Equals, trial.redirect)
+			c.Check(req.URL.Path, check.Equals, trial.redirect, comment)
 		}
 		if trial.expect == nil {
-			c.Check(resp.Code, check.Equals, http.StatusNotFound)
+			c.Check(resp.Code, check.Equals, http.StatusNotFound, comment)
 		} else {
-			c.Check(resp.Code, check.Equals, http.StatusOK)
+			c.Check(resp.Code, check.Equals, http.StatusOK, comment)
 			for _, e := range trial.expect {
-				c.Check(resp.Body.String(), check.Matches, `(?ms).*href="./`+e+`".*`)
+				c.Check(resp.Body.String(), check.Matches, `(?ms).*href="./`+e+`".*`, comment)
 			}
-			c.Check(resp.Body.String(), check.Matches, `(?ms).*--cut-dirs=`+fmt.Sprintf("%d", trial.cutDirs)+` .*`)
+			c.Check(resp.Body.String(), check.Matches, `(?ms).*--cut-dirs=`+fmt.Sprintf("%d", trial.cutDirs)+` .*`, comment)
 		}
 
-		c.Logf("WebDAV: %q => %q", trial.uri, trial.expect)
+		comment = check.Commentf("WebDAV: %q => %q", trial.uri, trial.expect)
 		req = &http.Request{
 			Method:     "OPTIONS",
 			Host:       u.Host,
@@ -760,9 +824,9 @@ func (s *IntegrationSuite) testDirectoryListing(c *check.C) {
 		resp = httptest.NewRecorder()
 		s.testServer.Handler.ServeHTTP(resp, req)
 		if trial.expect == nil {
-			c.Check(resp.Code, check.Equals, http.StatusNotFound)
+			c.Check(resp.Code, check.Equals, http.StatusNotFound, comment)
 		} else {
-			c.Check(resp.Code, check.Equals, http.StatusOK)
+			c.Check(resp.Code, check.Equals, http.StatusOK, comment)
 		}
 
 		req = &http.Request{
@@ -776,11 +840,16 @@ func (s *IntegrationSuite) testDirectoryListing(c *check.C) {
 		resp = httptest.NewRecorder()
 		s.testServer.Handler.ServeHTTP(resp, req)
 		if trial.expect == nil {
-			c.Check(resp.Code, check.Equals, http.StatusNotFound)
+			c.Check(resp.Code, check.Equals, http.StatusNotFound, comment)
 		} else {
-			c.Check(resp.Code, check.Equals, http.StatusMultiStatus)
+			c.Check(resp.Code, check.Equals, http.StatusMultiStatus, comment)
 			for _, e := range trial.expect {
-				c.Check(resp.Body.String(), check.Matches, `(?ms).*<D:href>`+filepath.Join(u.Path, e)+`</D:href>.*`)
+				if strings.HasSuffix(e, "/") {
+					e = filepath.Join(u.Path, e) + "/"
+				} else {
+					e = filepath.Join(u.Path, e)
+				}
+				c.Check(resp.Body.String(), check.Matches, `(?ms).*<D:href>`+e+`</D:href>.*`, comment)
 			}
 		}
 	}
@@ -802,7 +871,7 @@ func (s *IntegrationSuite) TestDeleteLastFile(c *check.C) {
 
 	var updated arvados.Collection
 	for _, fnm := range []string{"foo.txt", "bar.txt"} {
-		s.testServer.Config.AttachmentOnlyHost = "example.com"
+		s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "example.com"
 		u, _ := url.Parse("http://example.com/c=" + newCollection.UUID + "/" + fnm)
 		req := &http.Request{
 			Method:     "DELETE",
@@ -827,7 +896,7 @@ func (s *IntegrationSuite) TestDeleteLastFile(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestHealthCheckPing(c *check.C) {
-	s.testServer.Config.ManagementToken = arvadostest.ManagementToken
+	s.testServer.Config.cluster.ManagementToken = arvadostest.ManagementToken
 	authHeader := http.Header{
 		"Authorization": {"Bearer " + arvadostest.ManagementToken},
 	}
@@ -847,6 +916,82 @@ func (s *IntegrationSuite) TestHealthCheckPing(c *check.C) {
 	c.Check(resp.Body.String(), check.Matches, `{"health":"OK"}\n`)
 }
 
+func (s *IntegrationSuite) TestFileContentType(c *check.C) {
+	s.testServer.Config.cluster.Services.WebDAVDownload.ExternalURL.Host = "download.example.com"
+
+	client := s.testServer.Config.Client
+	client.AuthToken = arvadostest.ActiveToken
+	arv, err := arvadosclient.New(&client)
+	c.Assert(err, check.Equals, nil)
+	kc, err := keepclient.MakeKeepClient(arv)
+	c.Assert(err, check.Equals, nil)
+
+	fs, err := (&arvados.Collection{}).FileSystem(&client, kc)
+	c.Assert(err, check.IsNil)
+
+	trials := []struct {
+		filename    string
+		content     string
+		contentType string
+	}{
+		{"picture.txt", "BMX bikes are small this year\n", "text/plain; charset=utf-8"},
+		{"picture.bmp", "BMX bikes are small this year\n", "image/x-ms-bmp"},
+		{"picture.jpg", "BMX bikes are small this year\n", "image/jpeg"},
+		{"picture1", "BMX bikes are small this year\n", "image/bmp"},            // content sniff; "BM" is the magic signature for .bmp
+		{"picture2", "Cars are small this year\n", "text/plain; charset=utf-8"}, // content sniff
+	}
+	for _, trial := range trials {
+		f, err := fs.OpenFile(trial.filename, os.O_CREATE|os.O_WRONLY, 0777)
+		c.Assert(err, check.IsNil)
+		_, err = f.Write([]byte(trial.content))
+		c.Assert(err, check.IsNil)
+		c.Assert(f.Close(), check.IsNil)
+	}
+	mtxt, err := fs.MarshalManifest(".")
+	c.Assert(err, check.IsNil)
+	var coll arvados.Collection
+	err = client.RequestAndDecode(&coll, "POST", "arvados/v1/collections", nil, map[string]interface{}{
+		"collection": map[string]string{
+			"manifest_text": mtxt,
+		},
+	})
+	c.Assert(err, check.IsNil)
+
+	for _, trial := range trials {
+		u, _ := url.Parse("http://download.example.com/by_id/" + coll.UUID + "/" + trial.filename)
+		req := &http.Request{
+			Method:     "GET",
+			Host:       u.Host,
+			URL:        u,
+			RequestURI: u.RequestURI(),
+			Header: http.Header{
+				"Authorization": {"Bearer " + client.AuthToken},
+			},
+		}
+		resp := httptest.NewRecorder()
+		s.testServer.Handler.ServeHTTP(resp, req)
+		c.Check(resp.Code, check.Equals, http.StatusOK)
+		c.Check(resp.Header().Get("Content-Type"), check.Equals, trial.contentType)
+		c.Check(resp.Body.String(), check.Equals, trial.content)
+	}
+}
+
+func (s *IntegrationSuite) TestKeepClientBlockCache(c *check.C) {
+	s.testServer.Config.cluster.Collections.WebDAVCache.MaxBlockEntries = 42
+	c.Check(keepclient.DefaultBlockCache.MaxBlocks, check.Not(check.Equals), 42)
+	u := mustParseURL("http://keep-web.example/c=" + arvadostest.FooCollection + "/t=" + arvadostest.ActiveToken + "/foo")
+	req := &http.Request{
+		Method:     "GET",
+		Host:       u.Host,
+		URL:        u,
+		RequestURI: u.RequestURI(),
+	}
+	resp := httptest.NewRecorder()
+	s.testServer.Handler.ServeHTTP(resp, req)
+	c.Check(resp.Code, check.Equals, http.StatusOK)
+	c.Check(keepclient.DefaultBlockCache.MaxBlocks, check.Equals, 42)
+}
+
 func copyHeader(h http.Header) http.Header {
 	hc := http.Header{}
 	for k, v := range h {