X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/3598c3003a7987cca5c0536ba8206ec40c1c3649..5dbc1ae3d451f904654a2a61e5df620808ac175d:/apps/workbench/test/controllers/users_controller_test.rb
diff --git a/apps/workbench/test/controllers/users_controller_test.rb b/apps/workbench/test/controllers/users_controller_test.rb
index c1436da454..393b864dc5 100644
--- a/apps/workbench/test/controllers/users_controller_test.rb
+++ b/apps/workbench/test/controllers/users_controller_test.rb
@@ -1,6 +1,11 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
require 'test_helper'
class UsersControllerTest < ActionController::TestCase
+
test "valid token works in controller test" do
get :index, {}, session_for(:active)
assert_response :success
@@ -30,26 +35,12 @@ class UsersControllerTest < ActionController::TestCase
assert_match /\/users\/welcome/, @response.redirect_url
end
- test "show repositories with read, write, or manage permission" do
- get :manage_account, {}, session_for(:active)
- assert_response :success
- repos = assigns(:my_repositories)
- assert repos
- assert_not_empty repos, "my_repositories should not be empty"
- editables = repos.collect { |r| !!assigns(:repo_writable)[r.uuid] }
- assert_includes editables, true, "should have a writable repository"
- assert_includes editables, false, "should have a readonly repository"
- end
-
- test "show repositories lists linked as well as owned repositories" do
- get :manage_account, {}, session_for(:active)
- assert_response :success
- repos = assigns(:my_repositories)
- assert repos
- repo_writables = assigns(:repo_writable)
- assert_not_empty repo_writables, "repo_writables should not be empty"
- assert_includes repo_writables, api_fixture('repositories')['repository4']['uuid'] # writable by active
- assert_includes repo_writables, api_fixture('repositories')['repository2']['uuid'] # owned by active
+ test "'log in as user' feature uses a v2 token" do
+ post :sudo, {
+ id: api_fixture('users')['active']['uuid']
+ }, session_for('admin_trustedclient')
+ assert_response :redirect
+ assert_match /api_token=v2%2F/, @response.redirect_url
end
test "request shell access" do
@@ -74,4 +65,48 @@ class UsersControllerTest < ActionController::TestCase
end
assert_equal 1, found_email, "Expected 1 email after requesting shell access"
end
+
+ [
+ 'admin',
+ 'active',
+ ].each do |username|
+ test "access users page as #{username} and verify show button is available" do
+ admin_user = api_fixture('users','admin')
+ active_user = api_fixture('users','active')
+ get :index, {}, session_for(username)
+ if username == 'admin'
+ assert_match /Home<\/a>/, @response.body
+ assert_match /Home<\/a>/, @response.body
+ assert_match /href="\/users\/#{admin_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_match /href="\/users\/#{active_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_includes @response.body, admin_user['email']
+ assert_includes @response.body, active_user['email']
+ else
+ refute_match /Home<\/a>/, @response.body
+ refute_match /href="\/users\/#{admin_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_match /href="\/users\/#{active_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_includes @response.body, active_user['email']
+ end
+ end
+ end
+
+ [
+ 'admin',
+ 'active',
+ ].each do |username|
+ test "access settings drop down menu as #{username}" do
+ admin_user = api_fixture('users','admin')
+ active_user = api_fixture('users','active')
+ get :show, {
+ id: api_fixture('users')[username]['uuid']
+ }, session_for(username)
+ if username == 'admin'
+ assert_includes @response.body, admin_user['email']
+ refute_empty css_select('[id="system-menu"]')
+ else
+ assert_includes @response.body, active_user['email']
+ assert_empty css_select('[id="system-menu"]')
+ end
+ end
+ end
end