X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/4993b8b44022fd3dc73fcebf20f80d054bdf4370..5dbc1ae3d451f904654a2a61e5df620808ac175d:/apps/workbench/test/controllers/users_controller_test.rb
diff --git a/apps/workbench/test/controllers/users_controller_test.rb b/apps/workbench/test/controllers/users_controller_test.rb
index 125d6b0885..393b864dc5 100644
--- a/apps/workbench/test/controllers/users_controller_test.rb
+++ b/apps/workbench/test/controllers/users_controller_test.rb
@@ -1,6 +1,11 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
require 'test_helper'
class UsersControllerTest < ActionController::TestCase
+
test "valid token works in controller test" do
get :index, {}, session_for(:active)
assert_response :success
@@ -30,35 +35,78 @@ class UsersControllerTest < ActionController::TestCase
assert_match /\/users\/welcome/, @response.redirect_url
end
- test "show repositories with read, write, or manage permission" do
- get :manage_account, {}, session_for(:active)
- assert_response :success
- repos = assigns(:my_repositories)
- assert repos
- assert_not_empty repos, "my_repositories should not be empty"
- editables = repos.collect { |r| !!assigns(:repo_writable)[r.uuid] }
- assert_includes editables, true, "should have a writable repository"
- assert_includes editables, false, "should have a readonly repository"
+ test "'log in as user' feature uses a v2 token" do
+ post :sudo, {
+ id: api_fixture('users')['active']['uuid']
+ }, session_for('admin_trustedclient')
+ assert_response :redirect
+ assert_match /api_token=v2%2F/, @response.redirect_url
end
test "request shell access" do
user = api_fixture('users')['spectator']
+ ActionMailer::Base.deliveries = []
+
post :request_shell_access, {
id: user['uuid'],
format: 'js'
}, session_for(:spectator)
assert_response :success
- found_email = false
- ActionMailer::Base.deliveries.andand.each do |email|
- full_name = (user['first_name'] || "") + " " + (user['last_name'] || "")
- expected = "Shell account request from #{full_name} (#{user['email']}, #{user['uuid']})"
+ full_name = "#{user['first_name']} #{user['last_name']}"
+ expected = "Shell account request from #{full_name} (#{user['email']}, #{user['uuid']})"
+ found_email = 0
+ ActionMailer::Base.deliveries.each do |email|
if email.subject.include?(expected)
- found_email = true
+ found_email += 1
break
end
end
- assert_equal true, found_email, "Expected email after requesting shell access"
+ assert_equal 1, found_email, "Expected 1 email after requesting shell access"
+ end
+
+ [
+ 'admin',
+ 'active',
+ ].each do |username|
+ test "access users page as #{username} and verify show button is available" do
+ admin_user = api_fixture('users','admin')
+ active_user = api_fixture('users','active')
+ get :index, {}, session_for(username)
+ if username == 'admin'
+ assert_match /Home<\/a>/, @response.body
+ assert_match /Home<\/a>/, @response.body
+ assert_match /href="\/users\/#{admin_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_match /href="\/users\/#{active_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_includes @response.body, admin_user['email']
+ assert_includes @response.body, active_user['email']
+ else
+ refute_match /Home<\/a>/, @response.body
+ refute_match /href="\/users\/#{admin_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_match /href="\/users\/#{active_user['uuid']}"><\/i> Show<\/a/, @response.body
+ assert_includes @response.body, active_user['email']
+ end
+ end
+ end
+
+ [
+ 'admin',
+ 'active',
+ ].each do |username|
+ test "access settings drop down menu as #{username}" do
+ admin_user = api_fixture('users','admin')
+ active_user = api_fixture('users','active')
+ get :show, {
+ id: api_fixture('users')[username]['uuid']
+ }, session_for(username)
+ if username == 'admin'
+ assert_includes @response.body, admin_user['email']
+ refute_empty css_select('[id="system-menu"]')
+ else
+ assert_includes @response.body, active_user['email']
+ assert_empty css_select('[id="system-menu"]')
+ end
+ end
end
end