X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/2eb88069ea1a778e2a748e4d05244d31912398fa..bf4193eeaa390cec08bbb8333a53fbc89edfd7f3:/services/api/test/unit/group_test.rb?ds=sidebyside diff --git a/services/api/test/unit/group_test.rb b/services/api/test/unit/group_test.rb index 33ad0ecdf6..36f42006ff 100644 --- a/services/api/test/unit/group_test.rb +++ b/services/api/test/unit/group_test.rb @@ -82,7 +82,7 @@ class GroupTest < ActiveSupport::TestCase set_user_from_auth :active_trustedclient g = Group.create!(name: "foo", group_class: "role") assert_raises(ActiveRecord::RecordInvalid) do - g.update_attributes!(group_class: "project") + g.update!(group_class: "project") end end @@ -95,7 +95,7 @@ class GroupTest < ActiveSupport::TestCase c = Collection.create!(name: "bzzz124") assert_raises(ArvadosModel::PermissionDeniedError) do - c.update_attributes!(owner_uuid: role.uuid) + c.update!(owner_uuid: role.uuid) end end @@ -336,7 +336,7 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # Cannot set frozen_by_uuid to a different user assert_raises do - proj.update_attributes!(frozen_by_uuid: users(:spectator).uuid) + proj.update!(frozen_by_uuid: users(:spectator).uuid) end proj.reload @@ -348,7 +348,7 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # First confirm we have write permission assert Collection.create(name: 'bar', owner_uuid: proj.uuid) assert_raises(ArvadosModel::PermissionDeniedError) do - proj.update_attributes!(frozen_by_uuid: users(:spectator).uuid) + proj.update!(frozen_by_uuid: users(:spectator).uuid) end end proj.reload @@ -356,12 +356,12 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # Cannot set frozen_by_uuid without description (if so configured) Rails.configuration.API.FreezeProjectRequiresDescription = true err = assert_raises do - proj.update_attributes!(frozen_by_uuid: users(:active).uuid) + proj.update!(frozen_by_uuid: users(:active).uuid) end assert_match /can only be set if description is non-empty/, err.inspect proj.reload err = assert_raises do - proj.update_attributes!(frozen_by_uuid: users(:active).uuid, description: '') + proj.update!(frozen_by_uuid: users(:active).uuid, description: '') end assert_match /can only be set if description is non-empty/, err.inspect proj.reload @@ -369,7 +369,7 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # Cannot set frozen_by_uuid without properties (if so configured) Rails.configuration.API.FreezeProjectRequiresProperties['frobity'] = true err = assert_raises do - proj.update_attributes!( + proj.update!( frozen_by_uuid: users(:active).uuid, description: 'ready to freeze') end @@ -379,20 +379,20 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # Cannot set frozen_by_uuid while project or its parent is # trashed [parent, proj].each do |trashed| - trashed.update_attributes!(trash_at: db_current_time) + trashed.update!(trash_at: db_current_time) err = assert_raises do - proj.update_attributes!( + proj.update!( frozen_by_uuid: users(:active).uuid, description: 'ready to freeze', properties: {'frobity' => 'bar baz'}) end assert_match /cannot be set on a trashed project/, err.inspect proj.reload - trashed.update_attributes!(trash_at: nil) + trashed.update!(trash_at: nil) end # Can set frozen_by_uuid if all conditions are met - ok = proj.update_attributes( + ok = proj.update( frozen_by_uuid: users(:active).uuid, description: 'ready to freeze', properties: {'frobity' => 'bar baz'}) @@ -404,7 +404,7 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # its descendants [proj, proj_inner].each do |frozen| assert_raises do - collections(:collection_owned_by_active).update_attributes!(owner_uuid: frozen.uuid) + collections(:collection_owned_by_active).update!(owner_uuid: frozen.uuid) end assert_raises do Collection.create!(owner_uuid: frozen.uuid, name: 'inside-frozen-project') @@ -427,31 +427,31 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # trash, or delete the project or anything beneath it [proj, proj_inner, coll].each do |frozen| assert_raises(StandardError, "should reject rename of #{frozen.uuid} (#{frozen.name}) with parent #{frozen.owner_uuid}") do - frozen.update_attributes!(name: 'foo2') + frozen.update!(name: 'foo2') end frozen.reload if frozen.is_a?(Collection) assert_raises(StandardError, "should reject manifest change of #{frozen.uuid}") do - frozen.update_attributes!(manifest_text: ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n") + frozen.update!(manifest_text: ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n") end else assert_raises(StandardError, "should reject moving a project into #{frozen.uuid}") do - groups(:private).update_attributes!(owner_uuid: frozen.uuid) + groups(:private).update!(owner_uuid: frozen.uuid) end end frozen.reload assert_raises(StandardError, "should reject moving #{frozen.uuid} to a different parent project") do - frozen.update_attributes!(owner_uuid: groups(:private).uuid) + frozen.update!(owner_uuid: groups(:private).uuid) end frozen.reload assert_raises(StandardError, "should reject setting trash_at of #{frozen.uuid}") do - frozen.update_attributes!(trash_at: db_current_time) + frozen.update!(trash_at: db_current_time) end frozen.reload assert_raises(StandardError, "should reject setting delete_at of #{frozen.uuid}") do - frozen.update_attributes!(delete_at: db_current_time) + frozen.update!(delete_at: db_current_time) end frozen.reload assert_raises(StandardError, "should reject delete of #{frozen.uuid}") do @@ -470,35 +470,35 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' # First confirm we have write permission on the parent project assert Collection.create(name: 'bar', owner_uuid: parent.uuid) assert_raises(ArvadosModel::PermissionDeniedError) do - proj.update_attributes!(frozen_by_uuid: nil) + proj.update!(frozen_by_uuid: nil) end end proj.reload # User with manage permission can unfreeze, then create items # inside it and its children - assert proj.update_attributes(frozen_by_uuid: nil) + assert proj.update(frozen_by_uuid: nil) assert Collection.create!(owner_uuid: proj.uuid, name: 'inside-unfrozen-project') assert Collection.create!(owner_uuid: proj_inner.uuid, name: 'inside-inner-unfrozen-project') # Re-freeze, and reconfigure so only admins can unfreeze. - assert proj.update_attributes(frozen_by_uuid: users(:active).uuid) + assert proj.update(frozen_by_uuid: users(:active).uuid) Rails.configuration.API.UnfreezeProjectRequiresAdmin = true # Owner cannot unfreeze, because not admin. err = assert_raises do - proj.update_attributes!(frozen_by_uuid: nil) + proj.update!(frozen_by_uuid: nil) end assert_match /can only be changed by an admin user, once set/, err.inspect proj.reload # Cannot trash or delete a frozen project's ancestor assert_raises(StandardError, "should not be able to set trash_at on parent of frozen project") do - parent.update_attributes!(trash_at: db_current_time) + parent.update!(trash_at: db_current_time) end parent.reload assert_raises(StandardError, "should not be able to set delete_at on parent of frozen project") do - parent.update_attributes!(delete_at: db_current_time) + parent.update!(delete_at: db_current_time) end parent.reload assert_nil parent.frozen_by_uuid @@ -506,13 +506,13 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' act_as_user users(:admin) do # Even admin cannot change frozen_by_uuid to someone else's UUID. err = assert_raises do - proj.update_attributes!(frozen_by_uuid: users(:project_viewer).uuid) + proj.update!(frozen_by_uuid: users(:project_viewer).uuid) end assert_match /can only be set to the current user's UUID/, err.inspect proj.reload # Admin can unfreeze. - assert proj.update_attributes(frozen_by_uuid: nil), proj.errors.messages + assert proj.update(frozen_by_uuid: nil), proj.errors.messages end # Cannot freeze a project if it contains container requests in @@ -521,15 +521,15 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' creq_uncommitted = ContainerRequest.create!(test_cr_attrs.merge(owner_uuid: proj_inner.uuid)) creq_committed = ContainerRequest.create!(test_cr_attrs.merge(owner_uuid: proj_inner.uuid, state: 'Committed')) err = assert_raises do - proj.update_attributes!(frozen_by_uuid: users(:active).uuid) + proj.update!(frozen_by_uuid: users(:active).uuid) end assert_match /container request zzzzz-xvhdp-.* with state = Committed/, err.inspect proj.reload # Can freeze once all container requests are in Uncommitted or # Final state - creq_committed.update_attributes!(state: ContainerRequest::Final) - assert proj.update_attributes(frozen_by_uuid: users(:active).uuid) + creq_committed.update!(state: ContainerRequest::Final) + assert proj.update(frozen_by_uuid: users(:active).uuid) end end @@ -538,9 +538,10 @@ update links set tail_uuid='#{g5}' where uuid='#{l1.uuid}' [false, :active, false], [true, :admin, true], [true, :active, true], + [true, :inactive, false], ].each do |conf, user, allowed| - test "config.Users.CreateRoleGroups conf=#{conf}, user=#{user}" do - Rails.configuration.Users.CreateRoleGroups = conf + test "config.Users.CanCreateRoleGroups conf=#{conf}, user=#{user}" do + Rails.configuration.Users.CanCreateRoleGroups = conf act_as_user users(user) do if allowed Group.create!(name: 'admin-created', group_class: 'role')