X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/465cb9225cce74600349239a295b1360ce2b0fa6..79a9d03d3470ef013a908051a2bccddc680ecb5c:/apps/workbench/test/controllers/application_controller_test.rb diff --git a/apps/workbench/test/controllers/application_controller_test.rb b/apps/workbench/test/controllers/application_controller_test.rb index 3504d958a3..45952ceba3 100644 --- a/apps/workbench/test/controllers/application_controller_test.rb +++ b/apps/workbench/test/controllers/application_controller_test.rb @@ -1,3 +1,7 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require 'test_helper' class ApplicationControllerTest < ActionController::TestCase @@ -334,6 +338,57 @@ class ApplicationControllerTest < ActionController::TestCase assert_response 404 end + test "requesting to the API server includes X-Request-Id header" do + got_header = nil + stub_api_calls + stub_api_client.stubs(:post).with do |url, query, header={}| + got_header = header + true + end.returns fake_api_response('{}', 200, {}) + + Rails.configuration.anonymous_user_token = + api_fixture("api_client_authorizations", "anonymous", "api_token") + @controller = ProjectsController.new + test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz" + get(:show, {id: test_uuid}) + + assert_not_nil got_header + assert_includes got_header, 'X-Request-Id' + assert_match /^req-[0-9a-zA-Z]{20}$/, got_header["X-Request-Id"] + end + + test "current request_id is nil after a request" do + @controller = NodesController.new + get(:index, {}, session_for(:active)) + assert_nil Thread.current[:request_id] + end + + test "X-Request-Id header" do + @controller = NodesController.new + get(:index, {}, session_for(:active)) + assert_match /^req-[0-9a-zA-Z]{20}$/, response.headers['X-Request-Id'] + end + + [".navbar .login-menu a", + ".navbar .login-menu .dropdown-menu a" + ].each do |css_selector| + test "login link at #{css_selector.inspect} includes return_to param" do + # Without an anonymous token, we're immediately redirected to login. + Rails.configuration.anonymous_user_token = + api_fixture("api_client_authorizations", "anonymous", "api_token") + @controller = ProjectsController.new + test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz" + get(:show, {id: test_uuid}) + login_link = css_select(css_selector).first + assert_not_nil(login_link, "failed to select login link") + login_href = URI.unescape(login_link.attributes["href"].value) + # The parameter needs to include the full URL to work. + assert_includes(login_href, "://") + assert_match(/[\?&]return_to=[^&]*\/projects\/#{test_uuid}(&|$)/, + login_href) + end + end + test "Workbench returns 4xx when API server is unreachable" do # We're really testing ApplicationController's render_exception. # Our primary concern is that it doesn't raise an error and @@ -364,7 +419,7 @@ class ApplicationControllerTest < ActionController::TestCase [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project']], [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project'], false], ].each do |controller, fixture, anon_config=true| - test "#{controller} show method with anonymous config enabled" do + test "#{controller} show method with anonymous config #{anon_config ? '' : 'not '}enabled" do if anon_config Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token'] else @@ -418,4 +473,45 @@ class ApplicationControllerTest < ActionController::TestCase assert_equal updated.uuid, project["uuid"] assert_equal 'test name', updated.name end + + [ + [VirtualMachinesController.new, 'hostname', false], + [UsersController.new, 'first_name', true], + ].each do |controller, expect_str, expect_home_link| + test "access #{controller.controller_name} index as admin and verify Home link is#{' not' if !expect_home_link} shown" do + @controller = controller + + get :index, {}, session_for(:admin) + + assert_response 200 + assert_includes @response.body, expect_str + + home_link = "/projects/#{api_fixture('users')['active']['uuid']}" + + if expect_home_link + refute_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]") + else + assert_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]") + end + end + end + + [ + [VirtualMachinesController.new, 'hostname', true], + [UsersController.new, 'first_name', false], + ].each do |controller, expect_str, expect_delete_link| + test "access #{controller.controller_name} index as admin and verify Delete option is#{' not' if !expect_delete_link} shown" do + @controller = controller + + get :index, {}, session_for(:admin) + + assert_response 200 + assert_includes @response.body, expect_str + if expect_delete_link + refute_empty css_select('[data-method=delete]') + else + assert_empty css_select('[data-method=delete]') + end + end + end end