X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/274ca7a6c2f1f600de4242eee6cb4e8465d4440c..0eb72b526bf8bbb011551ecf019f604e17a534f1:/services/api/test/functional/arvados/v1/nodes_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/nodes_controller_test.rb b/services/api/test/functional/arvados/v1/nodes_controller_test.rb index 3143a2ee1d..f9e5be454e 100644 --- a/services/api/test/functional/arvados/v1/nodes_controller_test.rb +++ b/services/api/test/functional/arvados/v1/nodes_controller_test.rb @@ -1,3 +1,7 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require 'test_helper' class Arvados::V1::NodesControllerTest < ActionController::TestCase @@ -17,8 +21,8 @@ class Arvados::V1::NodesControllerTest < ActionController::TestCase authorize_with :inactive get :index assert_response :success - node_items = JSON.parse(@response.body)['items'] - assert_equal 0, node_items.size + assert_equal 0, json_response['items'].size + assert_equal 0, json_response['items_available'] end # active user sees non-secret attributes of up and recently-up nodes @@ -26,8 +30,9 @@ class Arvados::V1::NodesControllerTest < ActionController::TestCase authorize_with :active get :index assert_response :success - node_items = JSON.parse(@response.body)['items'] - assert_not_equal 0, node_items.size + assert_operator 0, :<, json_response['items_available'] + node_items = json_response['items'] + assert_operator 0, :<, node_items.size found_busy_node = false node_items.each do |node| assert_nil node['info'].andand['ping_secret'] @@ -68,7 +73,7 @@ class Arvados::V1::NodesControllerTest < ActionController::TestCase test "create node" do authorize_with :admin - post :create + post :create, {node: {}} assert_response :success assert_not_nil json_response['uuid'] assert_not_nil json_response['info'].is_a? Hash @@ -93,4 +98,132 @@ class Arvados::V1::NodesControllerTest < ActionController::TestCase assert_equal(1024, properties['total_ram_mb'].to_i) assert_equal(2048, properties['total_scratch_mb'].to_i) end + + test "active user can see their assigned job" do + authorize_with :active + get :show, {id: nodes(:busy).uuid} + assert_response :success + assert_equal(jobs(:nearly_finished_job).uuid, json_response["job_uuid"]) + end + + test "user without job read permission can't see job" do + authorize_with :spectator + get :show, {id: nodes(:busy).uuid} + assert_response :success + assert_nil(json_response["job"], "spectator can see node's assigned job") + end + + [:admin, :spectator].each do |user| + test "select param does not break node list for #{user}" do + authorize_with user + get :index, {select: ['domain']} + assert_response :success + assert_operator 0, :<, json_response['items_available'] + end + end + + test "admin can associate a job with a node" do + changed_node = nodes(:idle) + assigned_job = jobs(:queued) + authorize_with :admin + post :update, { + id: changed_node.uuid, + node: {job_uuid: assigned_job.uuid}, + } + assert_response :success + assert_equal(changed_node.hostname, json_response["hostname"], + "hostname mismatch after defining job") + assert_equal(assigned_job.uuid, json_response["job_uuid"], + "mismatch in node's assigned job UUID") + end + + test "non-admin can't associate a job with a node" do + authorize_with :active + post :update, { + id: nodes(:idle).uuid, + node: {job_uuid: jobs(:queued).uuid}, + } + assert_response 403 + end + + test "admin can unassign a job from a node" do + changed_node = nodes(:busy) + authorize_with :admin + post :update, { + id: changed_node.uuid, + node: {job_uuid: nil}, + } + assert_response :success + assert_equal(changed_node.hostname, json_response["hostname"], + "hostname mismatch after defining job") + assert_nil(json_response["job_uuid"], + "node still has job assignment after update") + end + + test "non-admin can't unassign a job from a node" do + authorize_with :project_viewer + post :update, { + id: nodes(:busy).uuid, + node: {job_uuid: nil}, + } + assert_response 403 + end + + test "job readable after updating other attributes" do + authorize_with :admin + post :update, { + id: nodes(:busy).uuid, + node: {last_ping_at: 1.second.ago}, + } + assert_response :success + assert_equal(jobs(:nearly_finished_job).uuid, json_response["job_uuid"], + "mismatched job UUID after ping update") + end + + test "node should fail ping with invalid hostname config format" do + Rails.configuration.assign_node_hostname = 'compute%04' # should end with "04d" + post :ping, { + id: nodes(:new_with_no_hostname).uuid, + ping_secret: nodes(:new_with_no_hostname).info['ping_secret'], + } + assert_response 422 + end + + test "first ping should set ip addr using local_ipv4 when provided" do + post :ping, { + id: 'zzzzz-7ekkf-nodenoipaddryet', + instance_id: 'i-0000000', + local_ipv4: '172.17.2.172', + ping_secret: 'abcdyefg4lb5q4gzqqtrnq30oyj08r8dtdimmanbqw49z1anz2' + } + assert_response :success + response = JSON.parse(@response.body) + assert_equal 'zzzzz-7ekkf-nodenoipaddryet', response['uuid'] + assert_equal '172.17.2.172', response['ip_address'] + end + + test "first ping should set ip addr using remote_ip when local_ipv4 is not provided" do + post :ping, { + id: 'zzzzz-7ekkf-nodenoipaddryet', + instance_id: 'i-0000000', + ping_secret: 'abcdyefg4lb5q4gzqqtrnq30oyj08r8dtdimmanbqw49z1anz2' + } + assert_response :success + response = JSON.parse(@response.body) + assert_equal 'zzzzz-7ekkf-nodenoipaddryet', response['uuid'] + assert_equal request.remote_ip, response['ip_address'] + end + + test "future pings should not change previous ip address" do + post :ping, { + id: 'zzzzz-7ekkf-2z3mc76g2q73aio', + instance_id: 'i-0000000', + local_ipv4: '172.17.2.175', + ping_secret: '69udawxvn3zzj45hs8bumvndricrha4lcpi23pd69e44soanc0' + } + assert_response :success + response = JSON.parse(@response.body) + assert_equal 'zzzzz-7ekkf-2z3mc76g2q73aio', response['uuid'] + assert_equal '172.17.2.174', response['ip_address'] # original ip address is not overwritten + end end