X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/2c447c25f810b52e986649a3f4138c671d066092..3b151b842b11182172b5cab36d9648ea63bd1e39:/apps/workbench/test/integration/anonymous_access_test.rb diff --git a/apps/workbench/test/integration/anonymous_access_test.rb b/apps/workbench/test/integration/anonymous_access_test.rb index 43783bd0ca..aae8c41896 100644 --- a/apps/workbench/test/integration/anonymous_access_test.rb +++ b/apps/workbench/test/integration/anonymous_access_test.rb @@ -8,93 +8,74 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest setup do need_javascript + Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token'] end - def verify_homepage_anonymous_enabled user, is_active, has_profile + PUBLIC_PROJECT = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}" + + def verify_site_navigation_anonymous_enabled user, is_active if user if user['is_active'] - if has_profile - assert_text 'Unrestricted public data' - assert_selector 'a', text: 'Projects' - else - assert_text 'All required fields must be completed before you can proceed' + assert_text 'Unrestricted public data' + assert_selector 'a', text: 'Projects' + page.find("#projects-menu").click + within('.dropdown-menu') do + assert_selector 'a', text: 'Search all projects' + assert_selector "a[href=\"/projects/public\"]", text: 'Browse public projects' + assert_selector 'a', text: 'Add a new project' + assert_selector 'li[class="dropdown-header"]', text: 'My projects' end else assert_text 'indicate that you have read and accepted the user agreement' end within('.navbar-fixed-top') do - assert_no_text 'You are viewing public data' - assert_selector 'a', text: "#{user['email']}" - find('a', text: "#{user['email']}").click + assert_selector 'a', text: Rails.configuration.site_name.downcase + assert(page.has_link?("notifications-menu"), 'no user menu') + page.find("#notifications-menu").click within('.dropdown-menu') do assert_selector 'a', text: 'Log out' end end - else + else # anonymous assert_text 'Unrestricted public data' within('.navbar-fixed-top') do - assert_text 'You are viewing public data' - anonymous_user = api_fixture('users')['anonymous'] - assert_selector 'a', "#{anonymous_user['email']}" - find('a', text: "#{anonymous_user['email']}").click - within('.dropdown-menu') do - assert_selector 'a', text: 'Log in' - assert_no_selector 'a', text: 'Log out' - end + assert_text Rails.configuration.site_name.downcase + assert_no_selector 'a', text: Rails.configuration.site_name.downcase + assert_selector 'a', text: 'Log in' + assert_selector 'a', text: 'Browse public projects' end end end - def visit_publicly_accessible_project token=nil, use_config=true, path=nil - if use_config - Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token'] - else - Rails.configuration.anonymous_user_token = false - end - - path = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}/?public_data=true" if !path - - if token - visit page_with_token(token, path) - else - visit path - end - end - [ [nil, nil, false, false], ['inactive', api_fixture('users')['inactive'], false, false], ['active', api_fixture('users')['active'], true, true], - ['active_no_prefs_profile', api_fixture('users')['active_no_prefs_profile'], true, false], - ].each do |token, user, is_active, has_profile| + ].each do |token, user, is_active| test "visit public project as user #{token.inspect} when anonymous browsing is enabled" do - visit_publicly_accessible_project token - verify_homepage_anonymous_enabled user, is_active, has_profile - end - end - - test "anonymous user visit public project when anonymous browsing not enabled and expect to see login page" do - visit_publicly_accessible_project nil, false - assert_text 'Please log in' - end + if !token + visit PUBLIC_PROJECT + else + visit page_with_token(token, PUBLIC_PROJECT) + end - test "visit non-public project as anonymous when anonymous browsing is enabled and expect page not found" do - visit_publicly_accessible_project nil, true, - "/projects/#{api_fixture('groups')['aproject']['uuid']}/?public_data=true" - assert_text 'Not Found' + verify_site_navigation_anonymous_enabled user, is_active + end end test "selection actions when anonymous user accesses shared project" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + assert_selector 'a', text: 'Description' assert_selector 'a', text: 'Data collections' - assert_selector 'a', text: 'Jobs and pipelines' + assert_selector 'a', text: 'Pipelines and processes' assert_selector 'a', text: 'Pipeline templates' + assert_selector 'a', text: 'Subprojects' assert_selector 'a', text: 'Advanced' - assert_no_selector 'a', text: 'Subprojects' assert_no_selector 'a', text: 'Other objects' assert_no_selector 'button', text: 'Add data' + click_link 'Data collections' click_button 'Selection' within('.selection-action-container') do assert_selector 'li', text: 'Compare selected' @@ -105,160 +86,248 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest end end - [ - ['All pipelines', 'Pipeline in publicly accessible project'], - ['All jobs', 'job submitted'], - ['All collections', 'GNU_General_Public_License,_version_3.pdf'], - ].each do |selector, expectation| - test "verify dashboard when anonymous user accesses shared project and click #{selector}" do - visit_publicly_accessible_project - - # go to dashboard - click_link 'You are viewing public data' - - assert_no_selector 'a', text: 'Run a pipeline' - assert_selector 'a', text: selector - click_link selector - assert_text expectation - end - end - test "anonymous user accesses data collections tab in shared project" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + click_link 'Data collections' + collection = api_fixture('collections')['user_agreement_in_anonymously_accessible_project'] + assert_text 'GNU General Public License' - assert_selector 'a', text: 'Data collections (1)' + assert_selector 'a', text: 'Data collections' # click on show collection - within first('tr[data-kind="arvados#collection"]') do + within "tr[data-object-uuid=\"#{collection['uuid']}\"]" do click_link 'Show' end # in collection page assert_no_selector 'input', text: 'Create sharing link' + assert_no_text 'Sharing and permissions' assert_no_selector 'a', text: 'Upload' assert_no_selector 'button', 'Selection' - within ('#collection_files') do - assert_text 'GNU_General_Public_License,_version_3.pdf' - # how do i assert the view and download link existence? + within '#collection_files tr,li', text: 'GNU_General_Public_License,_version_3.pdf' do + assert page.has_no_selector?('[value*="GNU_General_Public_License"]') + find 'a[title~=View]' + find 'a[title~=Download]' end end - [ - [nil, 'job'], - [nil, 'pipelineInstance'], - ['admin', 'job'], - ['admin', 'pipelineInstance'], - ].each do |token, type| - test "user #{token.inspect} accesses jobs and pipelines tab in shared project and clicks on #{type}" do - visit_publicly_accessible_project token - - assert_selector 'a', 'Jobs and pipelines (2)' + test 'view file' do + magic = rand(2**512).to_s 36 + CollectionsController.any_instance.stubs(:file_enumerator).returns([magic]) + collection = api_fixture('collections')['public_text_file'] + visit '/collections/' + collection['uuid'] + find('tr,li', text: 'Hello world.txt'). + find('a[title~=View]').click + assert_text magic + end - click_link 'Jobs and pipelines' + [ + 'running anonymously accessible cr', + 'pipelineInstance' + ].each do |proc| + test "anonymous user accesses pipelines and processes tab in shared project and clicks on '#{proc}'" do + visit PUBLIC_PROJECT + click_link 'Data collections' + assert_text 'GNU General Public License' + + click_link 'Pipelines and processes' assert_text 'Pipeline in publicly accessible project' - # click on type specified collection - if type == 'job' - verify_job_row token + if proc.include? 'pipeline' + verify_pipeline_instance_row else - verify_pipeline_instance_row token + verify_container_request_row proc end end end - def verify_job_row user - within first('tr[data-kind="arvados#job"]') do + def verify_container_request_row look_for + within first('tr', text: look_for) do click_link 'Show' end - assert_text 'script_version' - if user - assert_selector 'a', text: 'Active User' # modified by user - assert_selector 'a', text: 'Log' - assert_selector 'a', text: 'Move job' - assert_selector 'button', text: 'Cancel' - else - assert_text 'zzzzz-tpzed-xurymjxw79nv3jz' # modified by user - assert_no_selector 'a', text: 'zzzzz-tpzed-xurymjxw79nv3jz' - assert_no_selector 'a', text: 'Log' - assert_no_selector 'a', text: 'Move job' - assert_no_selector 'a', text: 'Re-run job' - end + assert_text 'Public Projects Unrestricted public data' + assert_text 'command' + + assert_text 'zzzzz-tpzed-xurymjxw79nv3jz' # modified by user + assert_no_selector 'a', text: 'zzzzz-tpzed-xurymjxw79nv3jz' + assert_no_selector 'button', text: 'Cancel' end - def verify_pipeline_instance_row user + def verify_pipeline_instance_row within first('tr[data-kind="arvados#pipelineInstance"]') do assert_text 'Pipeline in publicly accessible project' click_link 'Show' end # in pipeline instance page + assert_text 'Public Projects Unrestricted public data' assert_text 'This pipeline is complete' - if user - assert_selector 'a', text: 'Re-run with latest' - assert_selector 'a', text: 'Re-run options' - else - assert_no_selector 'a', text: 'Re-run with latest' - assert_no_selector 'a', text: 'Re-run options' - end + assert_no_selector 'a', text: 'Re-run with latest' + assert_no_selector 'a', text: 'Re-run options' end - test "anonymous user accesses pipeline templates tab in shared project" do - visit_publicly_accessible_project + [ + 'pipelineTemplate', + 'workflow' + ].each do |type| + test "anonymous user accesses pipeline templates tab in shared project and click on #{type}" do + visit PUBLIC_PROJECT + click_link 'Data collections' + assert_text 'GNU General Public License' + + assert_selector 'a', text: 'Pipeline templates' + + click_link 'Pipeline templates' + assert_text 'Pipeline template in publicly accessible project' + assert_text 'Workflow with input specifications' + + if type == 'pipelineTemplate' + within first('tr[data-kind="arvados#pipelineTemplate"]') do + click_link 'Show' + end + + # in template page + assert_text 'Public Projects Unrestricted public data' + assert_text 'script version' + assert_no_selector 'a', text: 'Run this pipeline' + else + within first('tr[data-kind="arvados#workflow"]') do + click_link 'Show' + end + + # in workflow page + assert_text 'Public Projects Unrestricted public data' + assert_text 'this workflow has inputs specified' + end + end + end - assert_selector 'a', 'Pipeline templates (1)' + test "anonymous user accesses subprojects tab in shared project" do + visit PUBLIC_PROJECT + '#Subprojects' - click_link 'Pipeline templates' - assert_text 'Pipeline template in publicly accessible project' + assert_text 'Subproject in anonymous accessible project' - within first('tr[data-kind="arvados#pipelineTemplate"]') do + within first('tr[data-kind="arvados#group"]') do click_link 'Show' end - # in template page - assert_text 'script version' - assert_no_selector 'a', text: 'Run this pipeline' + # in subproject + assert_text 'Description for subproject in anonymous accessible project' end [ - [nil, '/users'], - [nil, '/groups'], - ['admin', '/users'], - ['admin', '/groups'], - ].each do |token, page| - test "user #{token.inspect} accesses publicly accessible project and then traverses to #{page}" do - # go to the page - if token - visit page_with_token(token, page) + ['pipeline_in_publicly_accessible_project', true], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], + + ['completed_job_in_publicly_accessible_project', true], + ['running_job_in_publicly_accessible_project', true], + ['job_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ].each do |fixture, objects_readable, user=nil| + test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do + pipeline_page = true if fixture.include?('pipeline') + + if pipeline_page + object = api_fixture('pipeline_instances')[fixture] + page_link = "/pipeline_instances/#{object['uuid']}" + expect_log_text = "Log for foo" + else # job + object = api_fixture('jobs')[fixture] + page_link = "/jobs/#{object['uuid']}" + expect_log_text = "stderr crunchstat" + end + + if user + visit page_with_token user, page_link else - # when anonymous, first visit publicly accessible project - visit_publicly_accessible_project token if !token - visit page + visit page_link end - if page == '/users' - verify_users_page token - elsif page == '/groups' - verify_groups_page token + # click job link, if in pipeline page + click_link 'foo' if pipeline_page + + if objects_readable + assert_selector 'a[href="#Log"]', text: 'Log' + assert_no_selector 'a[data-toggle="disabled"]', text: 'Log' + assert_no_text 'Output data not available' + if pipeline_page + assert_text 'This pipeline was created from' + job_id = object['components']['foo']['job']['uuid'] + assert_selector 'a', text: job_id + assert_selector "a[href=\"/jobs/#{job_id}#Log\"]", text: 'Log' + + # We'd like to test the Log tab on job pages too, but we can't right + # now because Poltergeist 1.x doesn't support JavaScript's + # Function.prototype.bind, which is used by job_log_graph.js. + find(:xpath, "//a[@href='#Log']").click + assert_text expect_log_text + end + else + assert_selector 'a[data-toggle="disabled"]', text: 'Log' + assert_text 'Output data not available' + assert_text object['job'] + if pipeline_page + assert_no_text 'This pipeline was created from' # template is not readable + assert_no_selector 'a', text: object['components']['foo']['job']['uuid'] + assert_text 'Log unavailable' + end + find(:xpath, "//a[@href='#Log']").click + assert_text 'Output data not available' + assert_no_text expect_log_text end end end - def verify_users_page user - assert_text 'user' - if user - assert_selector 'a', text: 'Add a new user' - else - assert_no_selector 'a', text: 'Add a new user' - end - end + [ + ['new_pipeline_in_publicly_accessible_project', true], + ['new_pipeline_in_publicly_accessible_project', true, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', true, 'admin'], + ].each do |fixture, objects_readable, user=nil| + test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do + object = api_fixture('pipeline_instances')[fixture] + page = "/pipeline_instances/#{object['uuid']}" + if user + visit page_with_token user, page + else + visit page + end - def verify_groups_page user - assert_text 'Group' - if user - assert_selector 'button', text: 'Add a new group' - else - assert_no_selector 'button', text: 'Add a new group' + # click Components tab + click_link 'Components' + + if objects_readable + assert_text 'This pipeline was created from' + if user == 'admin' + assert_text 'input' + assert_selector 'a', text: 'Choose' + assert_selector 'a', text: 'Run' + assert_no_selector 'a.disabled', text: 'Run' + else + assert_selector 'a', text: object['components']['foo']['script_parameters']['input']['value'] + user ? (assert_selector 'a', text: 'Run') : (assert_no_selector 'a', text: 'Run') + end + else + assert_no_text 'This pipeline was created from' # template is not readable + input = object['components']['foo']['script_parameters']['input']['value'] + assert_no_selector 'a', text: input + if user + input = input.gsub('/', '\\/') + assert_text "One or more inputs provided are not readable" + assert_selector "input[type=text][value=#{input}]" + assert_selector 'a.disabled', text: 'Run' + else + assert_no_text "One or more inputs provided are not readable" + assert_text input + assert_no_selector 'a', text: 'Run' + end + end end end end