X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/50bccff93109fe6ef9c370d2a858049d8b2e22cd..c7cf228372bee18d84b14fc4089a758bc157fe76:/apps/workbench/test/integration/anonymous_access_test.rb diff --git a/apps/workbench/test/integration/anonymous_access_test.rb b/apps/workbench/test/integration/anonymous_access_test.rb deleted file mode 100644 index e47f1ae2e9..0000000000 --- a/apps/workbench/test/integration/anonymous_access_test.rb +++ /dev/null @@ -1,338 +0,0 @@ -# Copyright (C) The Arvados Authors. All rights reserved. -# -# SPDX-License-Identifier: AGPL-3.0 - -require 'integration_helper' - -class AnonymousAccessTest < ActionDispatch::IntegrationTest - # These tests don't do state-changing API calls. Save some time by - # skipping the database reset. - reset_api_fixtures :after_each_test, false - reset_api_fixtures :after_suite, true - - setup do - need_javascript - Rails.configuration.Users.AnonymousUserToken = api_fixture('api_client_authorizations')['anonymous']['api_token'] - end - - PUBLIC_PROJECT = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}" - - def verify_site_navigation_anonymous_enabled user, is_active - if user - if user['is_active'] - assert_text 'Unrestricted public data' - assert_selector 'a', text: 'Projects' - page.find("#projects-menu").click - within('.dropdown-menu') do - assert_selector 'a', text: 'Search all projects' - assert_selector "a[href=\"/projects/public\"]", text: 'Browse public projects' - assert_selector 'a', text: 'Add a new project' - assert_selector 'li[class="dropdown-header"]', text: 'My projects' - end - else - assert_text 'indicate that you have read and accepted the user agreement' - end - within('.navbar-fixed-top') do - assert_selector 'a', text: Rails.configuration.Workbench.SiteName.downcase - assert(page.has_link?("notifications-menu"), 'no user menu') - page.find("#notifications-menu").click - within('.dropdown-menu') do - assert_selector 'a', text: 'Log out' - end - end - else # anonymous - assert_text 'Unrestricted public data' - within('.navbar-fixed-top') do - assert_text Rails.configuration.Workbench.SiteName.downcase - assert_no_selector 'a', text: Rails.configuration.Workbench.SiteName.downcase - assert_selector 'a', text: 'Log in' - assert_selector 'a', text: 'Browse public projects' - end - end - end - - [ - [nil, nil, false, false], - ['inactive', api_fixture('users')['inactive'], false, false], - ['active', api_fixture('users')['active'], true, true], - ].each do |token, user, is_active| - test "visit public project as user #{token.inspect} when anonymous browsing is enabled" do - if !token - visit PUBLIC_PROJECT - else - visit page_with_token(token, PUBLIC_PROJECT) - end - - verify_site_navigation_anonymous_enabled user, is_active - end - end - - test "selection actions when anonymous user accesses shared project" do - visit PUBLIC_PROJECT - - assert_selector 'a', text: 'Description' - assert_selector 'a', text: 'Data collections' - assert_selector 'a', text: 'Pipelines and processes' - assert_selector 'a', text: 'Pipeline templates' - assert_selector 'a', text: 'Subprojects' - assert_selector 'a', text: 'Advanced' - assert_no_selector 'a', text: 'Other objects' - assert_no_selector 'button', text: 'Add data' - - click_link 'Data collections' - click_button 'Selection' - within('.selection-action-container') do - assert_selector 'li', text: 'Compare selected' - assert_no_selector 'li', text: 'Create new collection with selected collections' - assert_no_selector 'li', text: 'Copy selected' - assert_no_selector 'li', text: 'Move selected' - assert_no_selector 'li', text: 'Remove selected' - end - end - - test "anonymous user accesses data collections tab in shared project" do - visit PUBLIC_PROJECT - click_link 'Data collections' - collection = api_fixture('collections')['user_agreement_in_anonymously_accessible_project'] - assert_text 'GNU General Public License' - - assert_selector 'a', text: 'Data collections' - - # click on show collection - within "tr[data-object-uuid=\"#{collection['uuid']}\"]" do - click_link 'Show' - end - - # in collection page - assert_no_selector 'input', text: 'Create sharing link' - assert_no_text 'Sharing and permissions' - assert_no_selector 'a', text: 'Upload' - assert_no_selector 'button', 'Selection' - - within '#collection_files tr,li', text: 'GNU_General_Public_License,_version_3.pdf' do - assert page.has_no_selector?('[value*="GNU_General_Public_License"]') - find 'a[title~=View]' - find 'a[title~=Download]' - end - end - - test 'view file' do - need_selenium "phantomjs does not follow redirects reliably, maybe https://github.com/ariya/phantomjs/issues/10389" - magic = rand(2**512).to_s 36 - owner = api_fixture('groups')['anonymously_accessible_project']['uuid'] - col = upload_data_and_get_collection(magic, 'admin', "Hello\\040world.txt", owner) - visit '/collections/' + col.uuid - find('tr,li', text: 'Hello world.txt'). - find('a[title~=View]').click - assert_text magic - end - - [ - 'running anonymously accessible cr', - 'pipelineInstance' - ].each do |proc| - test "anonymous user accesses pipelines and processes tab in shared project and clicks on '#{proc}'" do - visit PUBLIC_PROJECT - click_link 'Data collections' - assert_text 'GNU General Public License' - - click_link 'Pipelines and processes' - assert_text 'Pipeline in publicly accessible project' - - if proc.include? 'pipeline' - verify_pipeline_instance_row - else - verify_container_request_row proc - end - end - end - - def verify_container_request_row look_for - within first('tr', text: look_for) do - click_link 'Show' - end - assert_text 'Public Projects Unrestricted public data' - assert_text 'command' - - assert_text 'zzzzz-tpzed-xurymjxw79nv3jz' # modified by user - assert_no_selector 'a', text: 'zzzzz-tpzed-xurymjxw79nv3jz' - assert_no_selector 'button', text: 'Cancel' - end - - def verify_pipeline_instance_row - within first('tr[data-kind="arvados#pipelineInstance"]') do - assert_text 'Pipeline in publicly accessible project' - click_link 'Show' - end - - # in pipeline instance page - assert_text 'Public Projects Unrestricted public data' - assert_text 'This pipeline is complete' - assert_no_selector 'a', text: 'Re-run with latest' - assert_no_selector 'a', text: 'Re-run options' - end - - [ - 'pipelineTemplate', - 'workflow' - ].each do |type| - test "anonymous user accesses pipeline templates tab in shared project and click on #{type}" do - visit PUBLIC_PROJECT - click_link 'Data collections' - assert_text 'GNU General Public License' - - assert_selector 'a', text: 'Pipeline templates' - - click_link 'Pipeline templates' - assert_text 'Pipeline template in publicly accessible project' - assert_text 'Workflow with input specifications' - - if type == 'pipelineTemplate' - within first('tr[data-kind="arvados#pipelineTemplate"]') do - click_link 'Show' - end - - # in template page - assert_text 'Public Projects Unrestricted public data' - assert_text 'script version' - assert_no_selector 'a', text: 'Run this pipeline' - else - within 'tr[data-kind="arvados#workflow"]', text: "Workflow with default input specifications" do - click_link 'Show' - end - - # in workflow page - assert_text 'Public Projects Unrestricted public data' - assert_text 'this workflow has inputs specified' - end - end - end - - test "anonymous user accesses subprojects tab in shared project" do - visit PUBLIC_PROJECT + '#Subprojects' - - assert_text 'Subproject in anonymous accessible project' - - within first('tr[data-kind="arvados#group"]') do - click_link 'Show' - end - - # in subproject - assert_text 'Description for subproject in anonymous accessible project' - end - - [ - ['pipeline_in_publicly_accessible_project', true], - ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], - ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], - ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], - - ['completed_job_in_publicly_accessible_project', true], - ['running_job_in_publicly_accessible_project', true], - ['job_in_publicly_accessible_project_but_other_objects_elsewhere', false], - ].each do |fixture, objects_readable, user=nil| - test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do - pipeline_page = true if fixture.include?('pipeline') - - if pipeline_page - object = api_fixture('pipeline_instances')[fixture] - page_link = "/pipeline_instances/#{object['uuid']}" - expect_log_text = "Log for foo" - else # job - object = api_fixture('jobs')[fixture] - page_link = "/jobs/#{object['uuid']}" - expect_log_text = "stderr crunchstat" - end - - if user - visit page_with_token user, page_link - else - visit page_link - end - - # click job link, if in pipeline page - click_link 'foo' if pipeline_page - - if objects_readable - assert_selector 'a[href="#Log"]', text: 'Log' - assert_no_selector 'a[data-toggle="disabled"]', text: 'Log' - assert_no_text 'zzzzz-4zz18-bv31uwvy3neko21 (Unavailable)' - if pipeline_page - assert_text 'This pipeline was created from' - job_id = object['components']['foo']['job']['uuid'] - assert_selector 'a', text: job_id - assert_selector "a[href=\"/jobs/#{job_id}#Log\"]", text: 'Log' - - # We'd like to test the Log tab on job pages too, but we can't right - # now because Poltergeist 1.x doesn't support JavaScript's - # Function.prototype.bind, which is used by job_log_graph.js. - find(:xpath, "//a[@href='#Log']").click - assert_text expect_log_text - end - else - assert_selector 'a[data-toggle="disabled"]', text: 'Log' - assert_text 'zzzzz-4zz18-bv31uwvy3neko21 (Unavailable)' - assert_text object['job'] - if pipeline_page - assert_no_text 'This pipeline was created from' # template is not readable - assert_no_selector 'a', text: object['components']['foo']['job']['uuid'] - assert_text 'Log unavailable' - end - find(:xpath, "//a[@href='#Log']").click - assert_text 'zzzzz-4zz18-bv31uwvy3neko21 (Unavailable)' - assert_no_text expect_log_text - end - end - end - - [ - ['new_pipeline_in_publicly_accessible_project', true], - ['new_pipeline_in_publicly_accessible_project', true, 'spectator'], - ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], - ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], - ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], - ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false], - ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false, 'spectator'], - ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', true, 'admin'], - ].each do |fixture, objects_readable, user=nil| - test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do - object = api_fixture('pipeline_instances')[fixture] - page = "/pipeline_instances/#{object['uuid']}" - if user - visit page_with_token user, page - else - visit page - end - - # click Components tab - click_link 'Components' - - if objects_readable - assert_text 'This pipeline was created from' - if user == 'admin' - assert_text 'input' - assert_selector 'a', text: 'Choose' - assert_selector 'a', text: 'Run' - assert_no_selector 'a.disabled', text: 'Run' - else - assert_selector 'a', text: object['components']['foo']['script_parameters']['input']['value'] - user ? (assert_selector 'a', text: 'Run') : (assert_no_selector 'a', text: 'Run') - end - else - assert_no_text 'This pipeline was created from' # template is not readable - input = object['components']['foo']['script_parameters']['input']['value'] - assert_no_selector 'a', text: input - if user - input = input.gsub('/', '\\/') - assert_text "One or more inputs provided are not readable" - assert_selector "input[type=text][value=#{input}]" - assert_selector 'a.disabled', text: 'Run' - else - assert_no_text "One or more inputs provided are not readable" - assert_text input - assert_no_selector 'a', text: 'Run' - end - end - end - end -end