X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/1856a3a1e9c95b4db4742ab53f737e91dbf46cff..1586823b65c7ec7656626e491a31f3f9516a4a56:/apps/workbench/test/controllers/application_controller_test.rb diff --git a/apps/workbench/test/controllers/application_controller_test.rb b/apps/workbench/test/controllers/application_controller_test.rb index 3504d958a3..2554ec3ae0 100644 --- a/apps/workbench/test/controllers/application_controller_test.rb +++ b/apps/workbench/test/controllers/application_controller_test.rb @@ -334,6 +334,50 @@ class ApplicationControllerTest < ActionController::TestCase assert_response 404 end + test "requesting to the API server includes client_session_id param" do + got_query = nil + stub_api_calls + stub_api_client.stubs(:post).with do |url, query, opts={}| + got_query = query + true + end.returns fake_api_response('{}', 200, {}) + + Rails.configuration.anonymous_user_token = + api_fixture("api_client_authorizations", "anonymous", "api_token") + @controller = ProjectsController.new + test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz" + get(:show, {id: test_uuid}) + + assert_includes got_query, 'current_request_id' + assert_match /\d{10}-\d{9}/, got_query['current_request_id'] + end + + test "current_request_id is nil after a request" do + @controller = NodesController.new + get(:index, {}, session_for(:active)) + assert_nil Thread.current[:current_request_id] + end + + [".navbar .login-menu a", + ".navbar .login-menu .dropdown-menu a" + ].each do |css_selector| + test "login link at #{css_selector.inspect} includes return_to param" do + # Without an anonymous token, we're immediately redirected to login. + Rails.configuration.anonymous_user_token = + api_fixture("api_client_authorizations", "anonymous", "api_token") + @controller = ProjectsController.new + test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz" + get(:show, {id: test_uuid}) + login_link = css_select(css_selector).first + assert_not_nil(login_link, "failed to select login link") + login_href = URI.unescape(login_link.attributes["href"]) + # The parameter needs to include the full URL to work. + assert_includes(login_href, "://") + assert_match(/[\?&]return_to=[^&]*\/projects\/#{test_uuid}(&|$)/, + login_href) + end + end + test "Workbench returns 4xx when API server is unreachable" do # We're really testing ApplicationController's render_exception. # Our primary concern is that it doesn't raise an error and @@ -418,4 +462,45 @@ class ApplicationControllerTest < ActionController::TestCase assert_equal updated.uuid, project["uuid"] assert_equal 'test name', updated.name end + + [ + [VirtualMachinesController.new, 'hostname', false], + [UsersController.new, 'first_name', true], + ].each do |controller, expect_str, expect_home_link| + test "access #{controller.controller_name} index as admin and verify Home link is#{' not' if !expect_home_link} shown" do + @controller = controller + + get :index, {}, session_for(:admin) + + assert_response 200 + assert_includes @response.body, expect_str + + home_link = "/projects/#{api_fixture('users')['active']['uuid']}" + + if expect_home_link + refute_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]") + else + assert_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]") + end + end + end + + [ + [VirtualMachinesController.new, 'hostname', true], + [UsersController.new, 'first_name', false], + ].each do |controller, expect_str, expect_delete_link| + test "access #{controller.controller_name} index as admin and verify Delete option is#{' not' if !expect_delete_link} shown" do + @controller = controller + + get :index, {}, session_for(:admin) + + assert_response 200 + assert_includes @response.body, expect_str + if expect_delete_link + refute_empty css_select('[data-method=delete]') + else + assert_empty css_select('[data-method=delete]') + end + end + end end