X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/392d1f416f8d6e0ca74984376b57c809f7d1e0a4..7696fe3db2dcf03fe8b4528080100bec2196da91:/services/api/test/integration/groups_test.rb diff --git a/services/api/test/integration/groups_test.rb b/services/api/test/integration/groups_test.rb index 3a59aff9af..e76f2b5406 100644 --- a/services/api/test/integration/groups_test.rb +++ b/services/api/test/integration/groups_test.rb @@ -64,46 +64,6 @@ class GroupsTest < ActionDispatch::IntegrationTest end end - [ - ['Collection_', true], # collections and pipelines templates - ['hash', true], # pipeline templates - ['fa7aeb5140e2848d39b', false], # script_parameter of pipeline instances - ['fa7aeb5140e2848d39b:*', true], # script_parameter of pipeline instances - ['project pipeline', true], # finds "Completed pipeline in A Project" - ['project pipeli:*', true], # finds "Completed pipeline in A Project" - ['proje pipeli:*', false], # first word is incomplete, so no prefix match - ['no-such-thing', false], # script_parameter of pipeline instances - ].each do |search_filter, expect_results| - test "full text search of group-owned objects for #{search_filter}" do - get "/arvados/v1/groups/contents", - params: { - id: groups(:aproject).uuid, - limit: 5, - :filters => [['any', '@@', search_filter]].to_json - }, - headers: auth(:active) - assert_response :success - if expect_results - refute_empty json_response['items'] - json_response['items'].each do |item| - assert item['uuid'] - assert_equal groups(:aproject).uuid, item['owner_uuid'] - end - else - assert_empty json_response['items'] - end - end - end - - test "full text search is not supported for individual columns" do - get "/arvados/v1/groups/contents", - params: { - :filters => [['name', '@@', 'Private']].to_json - }, - headers: auth(:active) - assert_response 422 - end - test "group contents with include trash collections" do get "/arvados/v1/groups/contents", params: { @@ -134,6 +94,69 @@ class GroupsTest < ActionDispatch::IntegrationTest assert_includes coll_uuids, collections(:foo_collection_in_aproject).uuid assert_not_includes coll_uuids, collections(:expired_collection).uuid end + + test "unsharing a project results in hiding it from previously shared user" do + # remove sharing link for project + delete "/arvados/v1/links/#{links(:share_starred_project_with_project_viewer).uuid}", headers: auth(:admin) + assert_response 200 + + # verify that the user can no longer see the project + get "/arvados/v1/groups", + params: { + filters: [['group_class', '=', 'project']].to_json, + limit: 1000 + }, headers: auth(:project_viewer) + assert_response 200 + found_projects = {} + json_response['items'].each do |g| + found_projects[g['uuid']] = g + end + assert_equal false, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) + + # share the project + post "/arvados/v1/links", params: { + link: { + link_class: "permission", + name: "can_read", + head_uuid: groups(:starred_and_shared_active_user_project).uuid, + tail_uuid: users(:project_viewer).uuid, + } + }, headers: auth(:system_user) + assert_response 200 + assert_equal 'permission', json_response['link_class'] + + # verify that project_viewer user can now see shared project again + get "/arvados/v1/groups", params: { + filters: [['group_class', '=', 'project']].to_json, + limit: 1000 + }, headers: auth(:project_viewer) + assert_response 200 + found_projects = {} + json_response['items'].each do |g| + found_projects[g['uuid']] = g + end + assert_equal true, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) + end + + test 'count none works with offset' do + first_results = nil + (0..10).each do |offset| + get "/arvados/v1/groups/contents", params: { + id: groups(:aproject).uuid, + offset: offset, + format: :json, + order: :uuid, + count: :none, + }, headers: auth(:active) + assert_response :success + assert_nil json_response['items_available'] + if first_results.nil? + first_results = json_response['items'] + else + assert_equal first_results[offset]['uuid'], json_response['items'][0]['uuid'] + end + end + end end class NonTransactionalGroupsTest < ActionDispatch::IntegrationTest @@ -150,23 +173,28 @@ class NonTransactionalGroupsTest < ActionDispatch::IntegrationTest assert_response :success end - test "create request with async=true defers permissions update" do - Rails.configuration.async_permissions_update_interval = 1 # second + test "create request with async=true does not defer permissions update" do + Rails.configuration.API.AsyncPermissionsUpdateInterval = 1 # second name = "Random group #{rand(1000)}" assert_equal nil, Group.find_by_name(name) + # Following the implementation of incremental permission updates + # (#16007) the async flag is now a no-op. Permission changes are + # visible immediately. + # Trigger the asynchronous permission update by using async=true parameter. post "/arvados/v1/groups", params: { group: { - name: name + name: name, + group_class: "project" }, async: true }, headers: auth(:active) assert_response 202 - # The group exists on the database, but it's not accessible yet. + # The group exists in the database assert_not_nil Group.find_by_name(name) get "/arvados/v1/groups", params: { @@ -175,7 +203,7 @@ class NonTransactionalGroupsTest < ActionDispatch::IntegrationTest }, headers: auth(:active) assert_response 200 - assert_equal 0, json_response['items_available'] + assert_equal 1, json_response['items_available'] # Wait a bit and try again. sleep(1)