X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/41a6554ca2281983645cf606ba6291cc2332dced..aebdddd8d1449ff7f8a6ba63054276e798dd79a0:/services/api/test/unit/group_test.rb diff --git a/services/api/test/unit/group_test.rb b/services/api/test/unit/group_test.rb index 9e0e4fc546..554106e006 100644 --- a/services/api/test/unit/group_test.rb +++ b/services/api/test/unit/group_test.rb @@ -1,3 +1,7 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require 'test_helper' class GroupTest < ActiveSupport::TestCase @@ -56,4 +60,175 @@ class GroupTest < ActiveSupport::TestCase assert g_foo.errors.messages[:owner_uuid].join(" ").match(/ownership cycle/) end + test "trash group hides contents" do + set_user_from_auth :active_trustedclient + + g_foo = Group.create!(name: "foo") + col = Collection.create!(owner_uuid: g_foo.uuid) + + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).any? + g_foo.update! is_trashed: true + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).empty? + assert Collection.readable_by(users(:active), {:include_trash => true}).where(uuid: col.uuid).any? + g_foo.update! is_trashed: false + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).any? + end + + test "trash group" do + set_user_from_auth :active_trustedclient + + g_foo = Group.create!(name: "foo") + g_bar = Group.create!(name: "bar", owner_uuid: g_foo.uuid) + g_baz = Group.create!(name: "baz", owner_uuid: g_bar.uuid) + + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).any? + g_foo.update! is_trashed: true + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_baz.uuid).any? + end + + + test "trash subgroup" do + set_user_from_auth :active_trustedclient + + g_foo = Group.create!(name: "foo") + g_bar = Group.create!(name: "bar", owner_uuid: g_foo.uuid) + g_baz = Group.create!(name: "baz", owner_uuid: g_bar.uuid) + + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).any? + g_bar.update! is_trashed: true + + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_baz.uuid).any? + end + + test "trash subsubgroup" do + set_user_from_auth :active_trustedclient + + g_foo = Group.create!(name: "foo") + g_bar = Group.create!(name: "bar", owner_uuid: g_foo.uuid) + g_baz = Group.create!(name: "baz", owner_uuid: g_bar.uuid) + + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).any? + g_baz.update! is_trashed: true + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + assert Group.readable_by(users(:active), {:include_trash => true}).where(uuid: g_baz.uuid).any? + end + + + test "trash group propagates to subgroups" do + set_user_from_auth :active_trustedclient + + g_foo = groups(:trashed_project) + g_bar = groups(:trashed_subproject) + g_baz = groups(:trashed_subproject3) + col = collections(:collection_in_trashed_subproject) + + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).empty? + + set_user_from_auth :admin + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).empty? + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).empty? + + set_user_from_auth :active_trustedclient + g_foo.update! is_trashed: false + assert Group.readable_by(users(:active)).where(uuid: g_foo.uuid).any? + assert Group.readable_by(users(:active)).where(uuid: g_bar.uuid).any? + assert Collection.readable_by(users(:active)).where(uuid: col.uuid).any? + + # this one should still be trashed. + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).empty? + + g_baz.update! is_trashed: false + assert Group.readable_by(users(:active)).where(uuid: g_baz.uuid).any? + end + + test "trashed does not propagate across permission links" do + set_user_from_auth :admin + + g_foo = Group.create!(name: "foo") + u_bar = User.create!(first_name: "bar") + + assert Group.readable_by(users(:admin)).where(uuid: g_foo.uuid).any? + assert User.readable_by(users(:admin)).where(uuid: u_bar.uuid).any? + g_foo.update! is_trashed: true + + assert Group.readable_by(users(:admin)).where(uuid: g_foo.uuid).empty? + assert User.readable_by(users(:admin)).where(uuid: u_bar.uuid).any? + + g_foo.update! is_trashed: false + ln = Link.create!(tail_uuid: g_foo.uuid, + head_uuid: u_bar.uuid, + link_class: "permission", + name: "can_read") + g_foo.update! is_trashed: true + + assert Group.readable_by(users(:admin)).where(uuid: g_foo.uuid).empty? + assert User.readable_by(users(:admin)).where(uuid: u_bar.uuid).any? + end + + test "move projects to trash in SweepTrashedObjects" do + p = groups(:trashed_on_next_sweep) + assert_empty Group.where('uuid=? and is_trashed=true', p.uuid) + SweepTrashedObjects.sweep_now + assert_not_empty Group.where('uuid=? and is_trashed=true', p.uuid) + end + + test "delete projects and their contents in SweepTrashedObjects" do + g_foo = groups(:trashed_project) + g_bar = groups(:trashed_subproject) + g_baz = groups(:trashed_subproject3) + col = collections(:collection_in_trashed_subproject) + job = jobs(:job_in_trashed_project) + cr = container_requests(:cr_in_trashed_project) + # Save how many objects were before the sweep + user_nr_was = User.all.length + coll_nr_was = Collection.all.length + group_nr_was = Group.where('group_class != "project"').length + project_nr_was = Group.where(group_class: "project").length + cr_nr_was = CollectionRequest.all.length + job_nr_was = Job.all.length + assert_not_empty Group.where(uuid: g_foo.uuid) + assert_not_empty Group.where(uuid: g_bar.uuid) + assert_not_empty Group.where(uuid: g_baz.uuid) + assert_not_empty Collection.where(uuid: col.uuid) + assert_not_empty Job.where(uuid: job.uuid) + assert_not_empty ContainerRequest.where(uuid: cr.uuid) + SweepTrashedObjects.sweep_now + assert_empty Group.where(uuid: g_foo.uuid) + assert_empty Group.where(uuid: g_bar.uuid) + assert_empty Group.where(uuid: g_baz.uuid) + assert_empty Collection.where(uuid: col.uuid) + assert_empty Job.where(uuid: job.uuid) + assert_empty ContainerRequest.where(uuid: cr.uuid) + # No unwanted deletions should have happened + assert_equal user_nr_was, User.all.length + assert_equal coll_nr_was-1, Collection.all.length + assert_equal group_nr_was, Group.where('group_class != "project"').length + assert_equal project_nr_was-3, Group.where(group_class: "project").length + assert_equal cr_nr_was-1, CollectionRequest.all.length + assert_equal job_nr_was-1, Job.all.length + end end