X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/7a98271d94163cdc4afa5bfcf275db353bc062d2..d0284f9f1af01be566d671e875f31b12eeca1960:/services/api/test/unit/user_test.rb

diff --git a/services/api/test/unit/user_test.rb b/services/api/test/unit/user_test.rb
index 6cee757ee1..d4f25245c3 100644
--- a/services/api/test/unit/user_test.rb
+++ b/services/api/test/unit/user_test.rb
@@ -7,23 +7,10 @@ class UserTest < ActiveSupport::TestCase
   setup do
     # Make sure system_user exists before making "pre-test users" list
     system_user
-
-    @all_users = User.find(:all)
-
-    @all_users.each do |user|
-      if user.uuid == system_user_uuid
-        @system_user = user
-      elsif user.is_admin && user.is_active
-        @admin_user = user
-      elsif user.is_active && !user.is_admin
-        @active_user = user
-      elsif !user.is_active && !user.is_invited
-        @uninvited_user = user
-      end
-    end
   end
 
   test "check non-admin active user properties" do
+    @active_user = users(:active)     # get the active user
     assert !@active_user.is_admin, 'is_admin should not be set for a non-admin user'
     assert @active_user.is_active, 'user should be active'
     assert @active_user.is_invited, 'is_invited should be set'
@@ -35,12 +22,14 @@ class UserTest < ActiveSupport::TestCase
     assert @active_user.groups_i_can(:read).size > 0, "active user should be able read at least one group"
 
     # non-admin user cannot manage or write other user objects
+    @uninvited_user = users(:inactive_uninvited)     # get the uninvited user
     assert !(@active_user.can? :read=>"#{@uninvited_user.uuid}")
     assert !(@active_user.can? :write=>"#{@uninvited_user.uuid}")
     assert !(@active_user.can? :manage=>"#{@uninvited_user.uuid}")
   end
 
   test "check admin user properties" do
+    @admin_user = users(:admin)     # get the admin user
     assert @admin_user.is_admin, 'is_admin should be set for admin user'
     assert @admin_user.is_active, 'admin user cannot be inactive'
     assert @admin_user.is_invited, 'is_invited should be set'
@@ -56,12 +45,14 @@ class UserTest < ActiveSupport::TestCase
     assert @admin_user.groups_i_can(:manage).size > 0, "admin active user should be able manage at least one group"
 
     # admin user can also write or manage other users
+    @uninvited_user = users(:inactive_uninvited)     # get the uninvited user
     assert @admin_user.can? :read=>"#{@uninvited_user.uuid}"
     assert @admin_user.can? :write=>"#{@uninvited_user.uuid}"
     assert @admin_user.can? :manage=>"#{@uninvited_user.uuid}"
   end
 
   test "check inactive and uninvited user properties" do
+    @uninvited_user = users(:inactive_uninvited)     # get the uninvited user
     assert !@uninvited_user.is_admin, 'is_admin should not be set for a non-admin user'
     assert !@uninvited_user.is_active, 'user should be inactive'
     assert !@uninvited_user.is_invited, 'is_invited should not be set'
@@ -69,7 +60,8 @@ class UserTest < ActiveSupport::TestCase
     assert @uninvited_user.can? :write=>"#{@uninvited_user.uuid}"
     assert @uninvited_user.can? :manage=>"#{@uninvited_user.uuid}"
 
-    assert @uninvited_user.groups_i_can(:read).size == 0, "inactive and uninvited user should not be able read any groups"
+    assert @uninvited_user.groups_i_can(:read).size == 1, "inactive and uninvited user can only read anonymous user group"
+    assert @uninvited_user.groups_i_can(:read).first.ends_with? 'anonymouspublic' , "inactive and uninvited user can only read anonymous user group"
     assert @uninvited_user.groups_i_can(:write).size == 0, "inactive and uninvited user should not be able write to any groups"
     assert @uninvited_user.groups_i_can(:manage).size == 0, "inactive and uninvited user should not be able manage any groups"
   end
@@ -87,8 +79,23 @@ class UserTest < ActiveSupport::TestCase
     assert_equal found_user.identity_url, user.identity_url
   end
 
+  test "full name should not contain spurious whitespace" do
+    set_user_from_auth :admin
+
+    user = User.create ({uuid: 'zzzzz-tpzed-abcdefghijklmno', email: 'foo@example.com' })
+
+    assert_equal '', user.full_name
+
+    user.first_name = 'John'
+    user.last_name = 'Smith'
+
+    assert_equal user.first_name + ' ' + user.last_name, user.full_name
+  end
+
   test "create new user" do
-    Thread.current[:user] = @admin_user   # set admin user as the current user
+    set_user_from_auth :admin
+
+    @all_users = User.find(:all)
 
     user = User.new
     user.first_name = "first_name_for_newly_created_user"
@@ -109,8 +116,22 @@ class UserTest < ActiveSupport::TestCase
     assert_equal(user.first_name, 'first_name_for_newly_created_user_updated')
   end
 
+  test "create new user with notifications" do
+    set_user_from_auth :admin
+
+    user_notification_helper true, 'active-notify-address@example.com', 'inactive-notify-address@example.com'
+    user_notification_helper true, 'active-notify-address@example.com', []
+    user_notification_helper true, [], []
+    user_notification_helper false, 'active-notify-address@example.com', 'inactive-notify-address@example.com'
+    user_notification_helper false, [], 'inactive-notify-address@example.com'
+    user_notification_helper false, [], []
+  end
+
   test "update existing user" do
-    Thread.current[:user] = @active_user    # set active user as current user
+    set_user_from_auth :active    # set active user as current user
+
+    @active_user = users(:active)     # get the active user
+
     @active_user.first_name = "first_name_changed"
     @active_user.save
 
@@ -118,7 +139,7 @@ class UserTest < ActiveSupport::TestCase
     assert_equal(@active_user.first_name, 'first_name_changed')
 
     # admin user also should be able to update the "active" user info
-    Thread.current[:user] = @admin_user # set admin user as current user
+    set_user_from_auth :admin # set admin user as current user
     @active_user.first_name = "first_name_changed_by_admin_for_active_user"
     @active_user.save
 
@@ -127,9 +148,10 @@ class UserTest < ActiveSupport::TestCase
   end
 
   test "delete a user and verify" do
+    @active_user = users(:active)     # get the active user
     active_user_uuid = @active_user.uuid
 
-    Thread.current[:user] = @admin_user
+    set_user_from_auth :admin
     @active_user.delete
 
     found_deleted_user = false
@@ -144,7 +166,7 @@ class UserTest < ActiveSupport::TestCase
   end
 
   test "create new user as non-admin user" do
-    Thread.current[:user] = @active_user
+    set_user_from_auth :active
 
     begin
       user = User.new
@@ -156,7 +178,40 @@ class UserTest < ActiveSupport::TestCase
   end
 
   test "setup new user" do
-    Thread.current[:user] = @admin_user
+    set_user_from_auth :admin
+
+    email = 'foo@example.com'
+    openid_prefix = 'http://openid/prefix'
+
+    user = User.create ({uuid: 'zzzzz-tpzed-abcdefghijklmno', email: email})
+
+    vm = VirtualMachine.create
+
+    response = User.setup user, openid_prefix, 'test_repo', vm.uuid
+
+    resp_user = find_obj_in_resp response, 'User'
+    verify_user resp_user, email
+
+    oid_login_perm = find_obj_in_resp response, 'Link', 'arvados#user'
+
+    verify_link oid_login_perm, 'permission', 'can_login', resp_user[:email],
+        resp_user[:uuid]
+
+    assert_equal openid_prefix, oid_login_perm[:properties]['identity_url_prefix'],
+        'expected identity_url_prefix not found for oid_login_perm'
+
+    group_perm = find_obj_in_resp response, 'Link', 'arvados#group'
+    verify_link group_perm, 'permission', 'can_read', resp_user[:uuid], nil
+
+    repo_perm = find_obj_in_resp response, 'Link', 'arvados#repository'
+    verify_link repo_perm, 'permission', 'can_write', resp_user[:uuid], nil
+
+    vm_perm = find_obj_in_resp response, 'Link', 'arvados#virtualMachine'
+    verify_link vm_perm, 'permission', 'can_login', resp_user[:uuid], vm.uuid
+  end
+
+  test "setup new user with junk in database" do
+    set_user_from_auth :admin
 
     email = 'foo@example.com'
     openid_prefix = 'http://openid/prefix'
@@ -165,6 +220,15 @@ class UserTest < ActiveSupport::TestCase
 
     vm = VirtualMachine.create
 
+    # Set up the bogus Link
+    bad_uuid = 'zzzzz-tpzed-xyzxyzxyzxyzxyz'
+
+    resp_link = Link.create ({tail_uuid: email, link_class: 'permission',
+        name: 'can_login', head_uuid: bad_uuid})
+    resp_link.save(validate: false)
+
+    verify_link resp_link, 'permission', 'can_login', email, bad_uuid
+
     response = User.setup user, openid_prefix, 'test_repo', vm.uuid
 
     resp_user = find_obj_in_resp response, 'User'
@@ -175,7 +239,7 @@ class UserTest < ActiveSupport::TestCase
     verify_link oid_login_perm, 'permission', 'can_login', resp_user[:email],
         resp_user[:uuid]
 
-    assert_equal openid_prefix, oid_login_perm[:properties][:identity_url_prefix],
+    assert_equal openid_prefix, oid_login_perm[:properties]['identity_url_prefix'],
         'expected identity_url_prefix not found for oid_login_perm'
 
     group_perm = find_obj_in_resp response, 'Link', 'arvados#group'
@@ -188,8 +252,10 @@ class UserTest < ActiveSupport::TestCase
     verify_link vm_perm, 'permission', 'can_login', resp_user[:uuid], vm.uuid
   end
 
+
+
   test "setup new user in multiple steps" do
-    Thread.current[:user] = @admin_user
+    set_user_from_auth :admin
 
     email = 'foo@example.com'
     openid_prefix = 'http://openid/prefix'
@@ -204,7 +270,7 @@ class UserTest < ActiveSupport::TestCase
     oid_login_perm = find_obj_in_resp response, 'Link', 'arvados#user'
     verify_link oid_login_perm, 'permission', 'can_login', resp_user[:email],
         resp_user[:uuid]
-    assert_equal openid_prefix, oid_login_perm[:properties][:identity_url_prefix],
+    assert_equal openid_prefix, oid_login_perm[:properties]['identity_url_prefix'],
         'expected identity_url_prefix not found for oid_login_perm'
 
     group_perm = find_obj_in_resp response, 'Link', 'arvados#group'
@@ -286,4 +352,55 @@ class UserTest < ActiveSupport::TestCase
     end
   end
 
+  def user_notification_helper (active, active_recipients, inactive_recipients)
+    Rails.configuration.new_user_notification_recipients = active_recipients
+    Rails.configuration.new_inactive_user_notification_recipients = inactive_recipients
+
+    assert_equal active_recipients, Rails.configuration.new_user_notification_recipients
+    assert_equal inactive_recipients, Rails.configuration.new_inactive_user_notification_recipients
+
+    ActionMailer::Base.deliveries = []
+
+    user = User.new
+    user.first_name = "first_name_for_newly_created_user"
+    user.is_active = active
+    user.save
+
+    new_user_email = nil
+    new_inactive_user_email = nil
+
+    ActionMailer::Base.deliveries.each do |d|
+      if d.subject == "#{Rails.configuration.email_subject_prefix}New user notification" then
+        new_user_email = d
+      elsif d.subject == "#{Rails.configuration.email_subject_prefix}New inactive user notification" then
+        new_inactive_user_email = d
+      end
+    end
+
+    if not active
+      if not inactive_recipients.empty? then
+        assert_not_nil new_inactive_user_email, 'Expected new inactive user email after setup'
+        assert_equal Rails.configuration.user_notifier_email_from, new_inactive_user_email.from[0]
+        assert_equal inactive_recipients, new_inactive_user_email.to[0]
+        assert_equal "#{Rails.configuration.email_subject_prefix}New inactive user notification", new_inactive_user_email.subject
+      else
+        assert_nil new_inactive_user_email, 'Did not expect new inactive user email after setup'
+      end
+    end
+
+    if active
+      assert_nil new_inactive_user_email, 'Expected email after setup'
+      if not active_recipients.empty? then
+        assert_not_nil new_user_email, 'Expected new user email after setup'
+        assert_equal Rails.configuration.user_notifier_email_from, new_user_email.from[0]
+        assert_equal active_recipients, new_user_email.to[0]
+        assert_equal "#{Rails.configuration.email_subject_prefix}New user notification", new_user_email.subject
+      else
+        assert_nil new_user_email, 'Did not expect new user email after setup'
+      end
+    end
+    ActionMailer::Base.deliveries = []
+
+  end
+
 end