X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/6319bc1895aaf8d2a7f944e45e52c960f931a11e..91dc5f1d7f5ad9eb2640f6089e2d0476cbf87c8e:/services/api/test/functional/arvados/v1/groups_controller_test.rb

diff --git a/services/api/test/functional/arvados/v1/groups_controller_test.rb b/services/api/test/functional/arvados/v1/groups_controller_test.rb
index ec0e9f5efb..10534a7061 100644
--- a/services/api/test/functional/arvados/v1/groups_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/groups_controller_test.rb
@@ -41,6 +41,7 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
     assert_not_includes group_uuids, groups(:aproject).uuid
     assert_not_includes group_uuids, groups(:asubproject).uuid
     assert_includes group_uuids, groups(:private).uuid
+    assert_includes group_uuids, groups(:group_with_no_class).uuid
   end
 
   test "get list of groups with bogus group_class" do
@@ -75,7 +76,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
     get :contents, {
       id: groups(:aproject).uuid,
       format: :json,
-      include_linked: true,
     }
     check_project_contents_response
   end
@@ -85,7 +85,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
     get :contents, {
       id: groups(:aproject).uuid,
       format: :json,
-      include_linked: true,
     }
     check_project_contents_response
   end
@@ -131,11 +130,51 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
     assert_includes ids, collections(:baz_file_in_asubproject).uuid
   end
 
+  [['asc', :<=],
+   ['desc', :>=]].each do |order, operator|
+    test "user with project read permission can sort project collections #{order}" do
+      authorize_with :project_viewer
+      get :contents, {
+        id: groups(:asubproject).uuid,
+        format: :json,
+        filters: [['uuid', 'is_a', "arvados#collection"]],
+        order: "collections.name #{order}"
+      }
+      sorted_names = json_response['items'].collect { |item| item["name"] }
+      # Here we avoid assuming too much about the database
+      # collation. Both "alice"<"Bob" and "alice">"Bob" can be
+      # correct. Hopefully it _is_ safe to assume that if "a" comes
+      # before "b" in the ascii alphabet, "aX">"bY" is never true for
+      # any strings X and Y.
+      reliably_sortable_names = sorted_names.select do |name|
+        name[0] >= 'a' and name[0] <= 'z'
+      end.uniq do |name|
+        name[0]
+      end
+      # Preserve order of sorted_names. But do not use &=. If
+      # sorted_names has out-of-order duplicates, we want to preserve
+      # them here, so we can detect them and fail the test below.
+      sorted_names.select! do |name|
+        reliably_sortable_names.include? name
+      end
+      actually_checked_anything = false
+      previous = nil
+      sorted_names.each do |entry|
+        if previous
+          assert_operator(previous, operator, entry,
+                          "Entries sorted incorrectly.")
+          actually_checked_anything = true
+        end
+        previous = entry
+      end
+      assert actually_checked_anything, "Didn't even find two names to compare."
+    end
+  end
+
   test 'list objects across multiple projects' do
     authorize_with :project_viewer
     get :contents, {
       format: :json,
-      include_linked: false,
       filters: [['uuid', 'is_a', 'arvados#specimen']]
     }
     assert_response :success
@@ -253,6 +292,20 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
     end
   end
 
+  test "Collection contents don't include manifest_text" do
+    authorize_with :active
+    get :contents, {
+      id: groups(:aproject).uuid,
+      filters: [["uuid", "is_a", "arvados#collection"]],
+      format: :json,
+    }
+    assert_response :success
+    refute(json_response["items"].any? { |c| not c["portable_data_hash"] },
+           "response included an item without a portable data hash")
+    refute(json_response["items"].any? { |c| c.include?("manifest_text") },
+           "response included an item with a manifest text")
+  end
+
   test 'get writable_by list for owned group' do
     authorize_with :active
     get :show, {
@@ -327,4 +380,72 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
                  'A Project (2)',
                  "new project name '#{new_project['name']}' was expected to be 'A Project (2)'")
   end
+
+  test "unsharing a project results in hiding it from previously shared user" do
+    # remove sharing link for project
+    @controller = Arvados::V1::LinksController.new
+    authorize_with :admin
+    post :destroy, id: links(:share_starred_project_with_project_viewer).uuid
+    assert_response :success
+
+    # verify that the user can no longer see the project
+    @test_counter = 0  # Reset executed action counter
+    @controller = Arvados::V1::GroupsController.new
+    authorize_with :project_viewer
+    get :index, filters: [['group_class', '=', 'project']], format: :json
+    assert_response :success
+    found_projects = {}
+    json_response['items'].each do |g|
+      found_projects[g['uuid']] = g
+    end
+    assert_equal false, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid)
+
+    # share the project
+    @test_counter = 0
+    @controller = Arvados::V1::LinksController.new
+    authorize_with :system_user
+    post :create, link: {
+      link_class: "permission",
+      name: "can_read",
+      head_uuid: groups(:starred_and_shared_active_user_project).uuid,
+      tail_uuid: users(:project_viewer).uuid,
+    }
+
+    # verify that project_viewer user can now see shared project again
+    @test_counter = 0
+    @controller = Arvados::V1::GroupsController.new
+    authorize_with :project_viewer
+    get :index, filters: [['group_class', '=', 'project']], format: :json
+    assert_response :success
+    found_projects = {}
+    json_response['items'].each do |g|
+      found_projects[g['uuid']] = g
+    end
+    assert_equal true, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid)
+  end
+
+  [
+    [['owner_uuid', '!=', 'zzzzz-tpzed-xurymjxw79nv3jz'], 200,
+        'zzzzz-d1hrv-subprojpipeline', 'zzzzz-d1hrv-1xfj6xkicf2muk2'],
+    [["pipeline_instances.state", "not in", ["Complete", "Failed"]], 200,
+        'zzzzz-d1hrv-1xfj6xkicf2muk2', 'zzzzz-d1hrv-i3e77t9z5y8j9cc'],
+    [['container_requests.requesting_container_uuid', '=', nil], 200,
+        'zzzzz-xvhdp-cr4queuedcontnr', 'zzzzz-xvhdp-cr4requestercn2'],
+    [['container_requests.no_such_column', '=', nil], 422],
+    [['container_requests.', '=', nil], 422],
+    [['.requesting_container_uuid', '=', nil], 422],
+    [['no_such_table.uuid', '!=', 'zzzzz-tpzed-xurymjxw79nv3jz'], 422],
+  ].each do |filter, expect_code, expect_uuid, not_expect_uuid|
+    test "get contents with '#{filter}' filter" do
+      authorize_with :active
+      get :contents, filters: [filter], format: :json
+      assert_response expect_code
+      if expect_code == 200
+        assert_not_empty json_response['items']
+        item_uuids = json_response['items'].collect {|item| item['uuid']}
+        assert_includes(item_uuids, expect_uuid)
+        assert_not_includes(item_uuids, not_expect_uuid)
+      end
+    end
+  end
 end