X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/609646134bcd8fc3a7fd500848220741ecc4a9d2..8a0e9c549595e114a0eadc9d6792a17fb59d0f3e:/services/api/test/functional/arvados/v1/groups_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/groups_controller_test.rb b/services/api/test/functional/arvados/v1/groups_controller_test.rb index 646089d5dd..ff86f04933 100644 --- a/services/api/test/functional/arvados/v1/groups_controller_test.rb +++ b/services/api/test/functional/arvados/v1/groups_controller_test.rb @@ -1,22 +1,26 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require 'test_helper' class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "attempt to delete group without read or write access" do authorize_with :active - post :destroy, id: groups(:empty_lonely_group).uuid + post :destroy, params: {id: groups(:empty_lonely_group).uuid} assert_response 404 end test "attempt to delete group without write access" do authorize_with :active - post :destroy, id: groups(:all_users).uuid + post :destroy, params: {id: groups(:all_users).uuid} assert_response 403 end test "get list of projects" do authorize_with :active - get :index, filters: [['group_class', '=', 'project']], format: :json + get :index, params: {filters: [['group_class', '=', 'project']], format: :json} assert_response :success group_uuids = [] json_response['items'].each do |group| @@ -31,7 +35,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "get list of groups that are not projects" do authorize_with :active - get :index, filters: [['group_class', '!=', 'project']], format: :json + get :index, params: {filters: [['group_class', '!=', 'project']], format: :json} assert_response :success group_uuids = [] json_response['items'].each do |group| @@ -46,7 +50,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "get list of groups with bogus group_class" do authorize_with :active - get :index, { + get :index, params: { filters: [['group_class', '=', 'nogrouphasthislittleclass']], format: :json, } @@ -77,7 +81,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'get group-owned objects' do authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, format: :json, } @@ -86,7 +90,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "user with project read permission can see project objects" do authorize_with :project_viewer - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, format: :json, } @@ -95,7 +99,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "list objects across projects" do authorize_with :project_viewer - get :contents, { + get :contents, params: { format: :json, filters: [['uuid', 'is_a', 'arvados#specimen']] } @@ -112,10 +116,30 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase end end + test "list trashed collections and projects" do + authorize_with :active + get(:contents, params: { + format: :json, + include_trash: true, + filters: [ + ['uuid', 'is_a', ['arvados#collection', 'arvados#group']], + ['is_trashed', '=', true], + ], + limit: 10000, + }) + assert_response :success + found_uuids = json_response['items'].collect { |i| i['uuid'] } + assert_includes found_uuids, groups(:trashed_project).uuid + refute_includes found_uuids, groups(:aproject).uuid + assert_includes found_uuids, collections(:expired_collection).uuid + refute_includes found_uuids, collections(:w_a_z_file).uuid + end + test "list objects in home project" do authorize_with :active - get :contents, { + get :contents, params: { format: :json, + limit: 200, id: users(:active).uuid } assert_response :success @@ -126,7 +150,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "user with project read permission can see project collections" do authorize_with :project_viewer - get :contents, { + get :contents, params: { id: groups(:asubproject).uuid, format: :json, } @@ -134,64 +158,59 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase assert_includes ids, collections(:baz_file_in_asubproject).uuid end - [['asc', :<=], - ['desc', :>=]].each do |order, operator| - test "user with project read permission can sort project collections #{order}" do + [ + ['collections.name', 'asc', :<=, "name"], + ['collections.name', 'desc', :>=, "name"], + ['name', 'asc', :<=, "name"], + ['name', 'desc', :>=, "name"], + ['collections.created_at', 'asc', :<=, "created_at"], + ['collections.created_at', 'desc', :>=, "created_at"], + ['created_at', 'asc', :<=, "created_at"], + ['created_at', 'desc', :>=, "created_at"], + ].each do |column, order, operator, field| + test "user with project read permission can sort projects on #{column} #{order}" do authorize_with :project_viewer - get :contents, { + get :contents, params: { id: groups(:asubproject).uuid, format: :json, filters: [['uuid', 'is_a', "arvados#collection"]], - order: "collections.name #{order}" + order: "#{column} #{order}" } - sorted_names = json_response['items'].collect { |item| item["name"] } - # Here we avoid assuming too much about the database - # collation. Both "alice"<"Bob" and "alice">"Bob" can be - # correct. Hopefully it _is_ safe to assume that if "a" comes - # before "b" in the ascii alphabet, "aX">"bY" is never true for - # any strings X and Y. - reliably_sortable_names = sorted_names.select do |name| - name[0] >= 'a' and name[0] <= 'z' - end.uniq do |name| - name[0] - end - # Preserve order of sorted_names. But do not use &=. If - # sorted_names has out-of-order duplicates, we want to preserve - # them here, so we can detect them and fail the test below. - sorted_names.select! do |name| - reliably_sortable_names.include? name - end - actually_checked_anything = false - previous = nil - sorted_names.each do |entry| - if previous - assert_operator(previous, operator, entry, - "Entries sorted incorrectly.") - actually_checked_anything = true + sorted_values = json_response['items'].collect { |item| item[field] } + if field == "name" + # Here we avoid assuming too much about the database + # collation. Both "alice"<"Bob" and "alice">"Bob" can be + # correct. Hopefully it _is_ safe to assume that if "a" comes + # before "b" in the ascii alphabet, "aX">"bY" is never true for + # any strings X and Y. + reliably_sortable_names = sorted_values.select do |name| + name[0] >= 'a' && name[0] <= 'z' + end.uniq do |name| + name[0] + end + # Preserve order of sorted_values. But do not use &=. If + # sorted_values has out-of-order duplicates, we want to preserve + # them here, so we can detect them and fail the test below. + sorted_values.select! do |name| + reliably_sortable_names.include? name end - previous = entry end - assert actually_checked_anything, "Didn't even find two names to compare." + assert_sorted(operator, sorted_values) end end - test 'list objects across multiple projects' do - authorize_with :project_viewer - get :contents, { - format: :json, - filters: [['uuid', 'is_a', 'arvados#specimen']] - } - assert_response :success - found_uuids = json_response['items'].collect { |i| i['uuid'] } - [[:in_aproject, true], - [:in_asubproject, true], - [:owned_by_private_group, false]].each do |specimen_fixture, should_find| - if should_find - assert_includes found_uuids, specimens(specimen_fixture).uuid, "did not find specimen fixture '#{specimen_fixture}'" - else - refute_includes found_uuids, specimens(specimen_fixture).uuid, "found specimen fixture '#{specimen_fixture}'" + def assert_sorted(operator, sorted_items) + actually_checked_anything = false + previous = nil + sorted_items.each do |entry| + if !previous.nil? + assert_operator(previous, operator, entry, + "Entries sorted incorrectly.") + actually_checked_anything = true end + previous = entry end + assert actually_checked_anything, "Didn't even find two items to compare." end # Even though the project_viewer tests go through other controllers, @@ -199,11 +218,13 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase # project tests. def check_new_project_link_fails(link_attrs) @controller = Arvados::V1::LinksController.new - post :create, link: { - link_class: "permission", - name: "can_read", - head_uuid: groups(:aproject).uuid, - }.merge(link_attrs) + post :create, params: { + link: { + link_class: "permission", + name: "can_read", + head_uuid: groups(:aproject).uuid, + }.merge(link_attrs) + } assert_includes(403..422, response.status) end @@ -220,7 +241,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "user with project read permission can't rename items in it" do authorize_with :project_viewer @controller = Arvados::V1::LinksController.new - post :update, { + post :update, params: { id: jobs(:running).uuid, name: "Denied test name", } @@ -230,7 +251,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "user with project read permission can't remove items from it" do @controller = Arvados::V1::PipelineTemplatesController.new authorize_with :project_viewer - post :update, { + post :update, params: { id: pipeline_templates(:two_part).uuid, pipeline_template: { owner_uuid: users(:project_viewer).uuid, @@ -241,13 +262,13 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "user with project read permission can't delete it" do authorize_with :project_viewer - post :destroy, {id: groups(:aproject).uuid} + post :destroy, params: {id: groups(:aproject).uuid} assert_response 403 end test 'get group-owned objects with limit' do authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, limit: 1, format: :json, @@ -259,7 +280,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'get group-owned objects with limit and offset' do authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, limit: 1, offset: 12345, @@ -272,7 +293,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'get group-owned objects with additional filter matching nothing' do authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, filters: [['uuid', 'in', ['foo_not_a_uuid','bar_not_a_uuid']]], format: :json, @@ -286,7 +307,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase ['foo', '', '1234five', '0x10', '-8'].each do |val| test "Raise error on bogus #{arg} parameter #{val.inspect}" do authorize_with :active - get :contents, { + get :contents, params: { :id => groups(:aproject).uuid, :format => :json, arg => val, @@ -298,7 +319,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test "Collection contents don't include manifest_text" do authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, filters: [["uuid", "is_a", "arvados#collection"]], format: :json, @@ -312,7 +333,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'get writable_by list for owned group' do authorize_with :active - get :show, { + get :show, params: { id: groups(:aproject).uuid, format: :json } @@ -325,7 +346,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'no writable_by list for group with read-only access' do authorize_with :rominiadmin - get :show, { + get :show, params: { id: groups(:testusergroup_admins).uuid, format: :json } @@ -337,7 +358,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'get writable_by list by admin user' do authorize_with :admin - get :show, { + get :show, params: { id: groups(:testusergroup_admins).uuid, format: :json } @@ -351,7 +372,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'creating subproject with duplicate name fails' do authorize_with :active - post :create, { + post :create, params: { group: { name: 'A Project', owner_uuid: users(:active).uuid, @@ -367,7 +388,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase test 'creating duplicate named subproject succeeds with ensure_unique_name' do authorize_with :active - post :create, { + post :create, params: { group: { name: 'A Project', owner_uuid: users(:active).uuid, @@ -384,49 +405,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase new_project['name']) end - test "unsharing a project results in hiding it from previously shared user" do - # remove sharing link for project - @controller = Arvados::V1::LinksController.new - authorize_with :admin - post :destroy, id: links(:share_starred_project_with_project_viewer).uuid - assert_response :success - - # verify that the user can no longer see the project - @test_counter = 0 # Reset executed action counter - @controller = Arvados::V1::GroupsController.new - authorize_with :project_viewer - get :index, filters: [['group_class', '=', 'project']], format: :json - assert_response :success - found_projects = {} - json_response['items'].each do |g| - found_projects[g['uuid']] = g - end - assert_equal false, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) - - # share the project - @test_counter = 0 - @controller = Arvados::V1::LinksController.new - authorize_with :system_user - post :create, link: { - link_class: "permission", - name: "can_read", - head_uuid: groups(:starred_and_shared_active_user_project).uuid, - tail_uuid: users(:project_viewer).uuid, - } - - # verify that project_viewer user can now see shared project again - @test_counter = 0 - @controller = Arvados::V1::GroupsController.new - authorize_with :project_viewer - get :index, filters: [['group_class', '=', 'project']], format: :json - assert_response :success - found_projects = {} - json_response['items'].each do |g| - found_projects[g['uuid']] = g - end - assert_equal true, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid) - end - [ [['owner_uuid', '!=', 'zzzzz-tpzed-xurymjxw79nv3jz'], 200, 'zzzzz-d1hrv-subprojpipeline', 'zzzzz-d1hrv-1xfj6xkicf2muk2'], @@ -441,7 +419,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase ].each do |filter, expect_code, expect_uuid, not_expect_uuid| test "get contents with '#{filter}' filter" do authorize_with :active - get :contents, filters: [filter], format: :json + get :contents, params: {filters: [filter], format: :json} assert_response expect_code if expect_code == 200 assert_not_empty json_response['items'] @@ -453,13 +431,379 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase end test 'get contents with jobs and pipeline instances disabled' do - Rails.configuration.disable_api_methods = ['jobs.index', 'pipeline_instances.index'] + Rails.configuration.API["DisabledAPIs"] = ['jobs.index', 'pipeline_instances.index'] authorize_with :active - get :contents, { + get :contents, params: { id: groups(:aproject).uuid, format: :json, } check_project_contents_response %w'arvados#pipelineInstance arvados#job' end + + test 'get contents with low max_index_database_read' do + # Some result will certainly have at least 12 bytes in a + # restricted column + Rails.configuration.API["MaxIndexDatabaseRead"] = 12 + authorize_with :active + get :contents, params: { + id: groups(:aproject).uuid, + format: :json, + } + assert_response :success + assert_not_empty(json_response['items']) + assert_operator(json_response['items'].count, + :<, json_response['items_available']) + end + + test 'get contents, recursive=true' do + authorize_with :active + params = { + id: groups(:aproject).uuid, + recursive: true, + format: :json, + } + get :contents, params: params + owners = json_response['items'].map do |item| + item['owner_uuid'] + end + assert_includes(owners, groups(:aproject).uuid) + assert_includes(owners, groups(:asubproject).uuid) + end + + [false, nil].each do |recursive| + test "get contents, recursive=#{recursive.inspect}" do + authorize_with :active + params = { + id: groups(:aproject).uuid, + format: :json, + } + params[:recursive] = false if recursive == false + get :contents, params: params + owners = json_response['items'].map do |item| + item['owner_uuid'] + end + assert_includes(owners, groups(:aproject).uuid) + refute_includes(owners, groups(:asubproject).uuid) + end + end + + test 'get home project contents, recursive=true' do + authorize_with :active + get :contents, params: { + id: users(:active).uuid, + recursive: true, + format: :json, + } + owners = json_response['items'].map do |item| + item['owner_uuid'] + end + assert_includes(owners, users(:active).uuid) + assert_includes(owners, groups(:aproject).uuid) + assert_includes(owners, groups(:asubproject).uuid) + end + + ### trashed project tests ### + + [:active, :admin].each do |auth| + # project: to query, to untrash, is visible, parent contents listing success + [[:trashed_project, [], false, true], + [:trashed_project, [:trashed_project], true, true], + [:trashed_subproject, [], false, false], + [:trashed_subproject, [:trashed_project], true, true], + [:trashed_subproject3, [:trashed_project], false, true], + [:trashed_subproject3, [:trashed_subproject3], false, false], + [:trashed_subproject3, [:trashed_project, :trashed_subproject3], true, true], + ].each do |project, untrash, visible, success| + + test "contents listing #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :contents, params: { + id: groups(project).owner_uuid, + format: :json + } + if success + assert_response :success + item_uuids = json_response['items'].map do |item| + item['uuid'] + end + if visible + assert_includes(item_uuids, groups(project).uuid) + else + assert_not_includes(item_uuids, groups(project).uuid) + end + else + assert_response 404 + end + end + + test "contents of #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :contents, params: { + id: groups(project).uuid, + format: :json + } + if visible + assert_response :success + else + assert_response 404 + end + end + + test "index #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :index, params: { + format: :json, + } + assert_response :success + item_uuids = json_response['items'].map do |item| + item['uuid'] + end + if visible + assert_includes(item_uuids, groups(project).uuid) + else + assert_not_includes(item_uuids, groups(project).uuid) + end + end + + test "show #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :show, params: { + id: groups(project).uuid, + format: :json + } + if visible + assert_response :success + else + assert_response 404 + end + end + + test "show include_trash #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :show, params: { + id: groups(project).uuid, + format: :json, + include_trash: true + } + assert_response :success + end + + test "index include_trash #{project} #{untrash} as #{auth}" do + authorize_with auth + untrash.each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + get :index, params: { + format: :json, + include_trash: true + } + assert_response :success + item_uuids = json_response['items'].map do |item| + item['uuid'] + end + assert_includes(item_uuids, groups(project).uuid) + end + end + + test "delete project #{auth}" do + authorize_with auth + [:trashed_project].each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + assert !Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed + post :destroy, params: { + id: groups(:trashed_project).uuid, + format: :json, + } + assert_response :success + assert Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed + end + + test "untrash project #{auth}" do + authorize_with auth + assert Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed + post :untrash, params: { + id: groups(:trashed_project).uuid, + format: :json, + } + assert_response :success + assert !Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed + end + + test "untrash project with name conflict #{auth}" do + authorize_with auth + [:trashed_project].each do |pr| + Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false + end + gc = Group.create!({owner_uuid: "zzzzz-j7d0g-trashedproject1", + name: "trashed subproject 3", + group_class: "project"}) + post :untrash, params: { + id: groups(:trashed_subproject3).uuid, + format: :json, + ensure_unique_name: true + } + assert_response :success + assert_match /^trashed subproject 3 \(\d{4}-\d\d-\d\d.*?Z\)$/, json_response['name'] + end + + test "move trashed subproject to new owner #{auth}" do + authorize_with auth + assert_nil Group.readable_by(users(auth)).where(uuid: groups(:trashed_subproject).uuid).first + put :update, params: { + id: groups(:trashed_subproject).uuid, + group: { + owner_uuid: users(:active).uuid + }, + include_trash: true, + format: :json, + } + assert_response :success + assert_not_nil Group.readable_by(users(auth)).where(uuid: groups(:trashed_subproject).uuid).first + end + end + + test 'get shared owned by another user' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Link.create!( + tail_uuid: users(:user_bar_in_sharing_group).uuid, + link_class: 'permission', + name: 'can_read', + head_uuid: groups(:project_owned_by_foo).uuid) + end + + get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"} + + assert_equal 1, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + + assert_equal 1, json_response['included'].length + assert_equal json_response['included'][0]["uuid"], users(:user_foo_in_sharing_group).uuid + end + + test 'get shared, owned by unreadable project' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:aproject).uuid) + Link.create!( + tail_uuid: users(:user_bar_in_sharing_group).uuid, + link_class: 'permission', + name: 'can_read', + head_uuid: groups(:project_owned_by_foo).uuid) + end + + get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"} + + assert_equal 1, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + + assert_equal 0, json_response['included'].length + end + + test 'get shared, owned by non-project' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:group_for_sharing_tests).uuid) + end + + get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"} + + assert_equal 1, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + + assert_equal 1, json_response['included'].length + assert_equal json_response['included'][0]["uuid"], groups(:group_for_sharing_tests).uuid + end + + ### contents with exclude_home_project + + test 'contents, exclude home owned by another user' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Link.create!( + tail_uuid: users(:user_bar_in_sharing_group).uuid, + link_class: 'permission', + name: 'can_read', + head_uuid: groups(:project_owned_by_foo).uuid) + Link.create!( + tail_uuid: users(:user_bar_in_sharing_group).uuid, + link_class: 'permission', + name: 'can_read', + head_uuid: collections(:collection_owned_by_foo).uuid) + end + + get :contents, params: {:include => "owner_uuid", :exclude_home_project => true} + + assert_equal 2, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + assert_equal json_response['items'][1]["uuid"], collections(:collection_owned_by_foo).uuid + + assert_equal 1, json_response['included'].length + assert_equal json_response['included'][0]["uuid"], users(:user_foo_in_sharing_group).uuid + end + + test 'contents, exclude home, owned by unreadable project' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:aproject).uuid) + Link.create!( + tail_uuid: users(:user_bar_in_sharing_group).uuid, + link_class: 'permission', + name: 'can_read', + head_uuid: groups(:project_owned_by_foo).uuid) + end + + get :contents, params: {:include => "owner_uuid", :exclude_home_project => true} + + assert_equal 1, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + + assert_equal 0, json_response['included'].length + end + + test 'contents, exclude home, owned by non-project' do + authorize_with :user_bar_in_sharing_group + + act_as_system_user do + Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:group_for_sharing_tests).uuid) + end + + get :contents, params: {:include => "owner_uuid", :exclude_home_project => true} + + assert_equal 1, json_response['items'].length + assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid + + assert_equal 1, json_response['included'].length + assert_equal json_response['included'][0]["uuid"], groups(:group_for_sharing_tests).uuid + end + + test 'contents, exclude home, with parent specified' do + authorize_with :active + + get :contents, params: {id: groups(:aproject).uuid, :include => "owner_uuid", :exclude_home_project => true} + + assert_response 422 + end end