X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/7f2c45b1312014831e2efd8aa0fb8a116085b036..c674deff8855005e39b5ddf230372cb241bc22b3:/apps/workbench/test/integration/anonymous_access_test.rb diff --git a/apps/workbench/test/integration/anonymous_access_test.rb b/apps/workbench/test/integration/anonymous_access_test.rb index 43bbf96cf3..1b187e7b05 100644 --- a/apps/workbench/test/integration/anonymous_access_test.rb +++ b/apps/workbench/test/integration/anonymous_access_test.rb @@ -8,21 +8,11 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest setup do need_javascript - end - - def visit_publicly_accessible_project token=nil, path=nil Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token'] - - path = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}" if !path - - if token - visit page_with_token(token, path) - else - visit path - assert_text 'Unrestricted public data' if path.include? 'anonymously_accessible_project' - end end + PUBLIC_PROJECT = "/projects/#{api_fixture('groups')['anonymously_accessible_project']['uuid']}" + def verify_site_navigation_anonymous_enabled user, is_active if user if user['is_active'] @@ -32,6 +22,7 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest assert_text 'indicate that you have read and accepted the user agreement' end within('.navbar-fixed-top') do + assert_selector 'a', text: Rails.configuration.site_name.downcase assert_selector 'a', text: "#{user['email']}" find('a', text: "#{user['email']}").click within('.dropdown-menu') do @@ -41,6 +32,8 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest else # anonymous assert_text 'Unrestricted public data' within('.navbar-fixed-top') do + assert_text Rails.configuration.site_name.downcase + assert_no_selector 'a', text: Rails.configuration.site_name.downcase assert_selector 'a', text: 'Log in' end end @@ -52,28 +45,20 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest ['active', api_fixture('users')['active'], true, true], ].each do |token, user, is_active| test "visit public project as user #{token.inspect} when anonymous browsing is enabled" do - visit_publicly_accessible_project token + if !token + visit PUBLIC_PROJECT + else + visit page_with_token(token, PUBLIC_PROJECT) + end + verify_site_navigation_anonymous_enabled user, is_active end end - test "visit non-public project as anonymous when anonymous browsing is enabled and expect page not found" do - visit_publicly_accessible_project nil, - "/projects/#{api_fixture('groups')['aproject']['uuid']}" - assert_text 'Not Found' - end - - test "anonymous user clicking on topnav sees login page" do - visit_publicly_accessible_project - - # click on topnav - click_link 'workbench:test' - assert_text 'Please log in' - end - test "selection actions when anonymous user accesses shared project" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + assert_selector 'a', text: 'Description' assert_selector 'a', text: 'Data collections' assert_selector 'a', text: 'Jobs and pipelines' assert_selector 'a', text: 'Pipeline templates' @@ -82,6 +67,7 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest assert_no_selector 'a', text: 'Other objects' assert_no_selector 'button', text: 'Add data' + click_link 'Data collections' click_button 'Selection' within('.selection-action-container') do assert_selector 'li', text: 'Compare selected' @@ -93,40 +79,55 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest end test "anonymous user accesses data collections tab in shared project" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + click_link 'Data collections' + collection = api_fixture('collections')['user_agreement_in_anonymously_accessible_project'] assert_text 'GNU General Public License' assert_selector 'a', text: 'Data collections' # click on show collection - within first('tr[data-kind="arvados#collection"]') do + within "tr[data-object-uuid=\"#{collection['uuid']}\"]" do click_link 'Show' end # in collection page assert_no_selector 'input', text: 'Create sharing link' + assert_no_text 'Sharing and permissions' assert_no_selector 'a', text: 'Upload' assert_no_selector 'button', 'Selection' - within ('#collection_files') do - assert_text 'GNU_General_Public_License,_version_3.pdf' - # how do i assert the view and download link existence? + within '#collection_files tr,li', text: 'GNU_General_Public_License,_version_3.pdf' do + assert page.has_no_selector?('[value*="GNU_General_Public_License"]') + find 'a[title~=View]' + find 'a[title~=Download]' end end + test 'view file' do + magic = rand(2**512).to_s 36 + CollectionsController.any_instance.stubs(:file_enumerator).returns([magic]) + collection = api_fixture('collections')['public_text_file'] + visit '/collections/' + collection['uuid'] + find('tr,li', text: 'Hello world.txt'). + find('a[title~=View]').click + assert_text magic + end + [ 'running_job', 'completed_job', 'pipelineInstance' ].each do |type| test "anonymous user accesses jobs and pipelines tab in shared project and clicks on #{type}" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + click_link 'Data collections' assert_text 'GNU General Public License' click_link 'Jobs and pipelines' assert_text 'Pipeline in publicly accessible project' - # click on type specified collection + # click on the specified job if type.include? 'job' verify_job_row type else @@ -139,11 +140,11 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest within first('tr', text: look_for) do click_link 'Show' end + assert_text 'Public Projects Unrestricted public data' assert_text 'script_version' assert_text 'zzzzz-tpzed-xurymjxw79nv3jz' # modified by user assert_no_selector 'a', text: 'zzzzz-tpzed-xurymjxw79nv3jz' - #assert_no_selector 'a', text: 'Log' # this is finding 'Log in' assert_no_selector 'a', text: 'Move job' assert_no_selector 'button', text: 'Cancel' assert_no_selector 'button', text: 'Re-run job' @@ -156,13 +157,15 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest end # in pipeline instance page + assert_text 'Public Projects Unrestricted public data' assert_text 'This pipeline is complete' assert_no_selector 'a', text: 'Re-run with latest' assert_no_selector 'a', text: 'Re-run options' end test "anonymous user accesses pipeline templates tab in shared project" do - visit_publicly_accessible_project + visit PUBLIC_PROJECT + click_link 'Data collections' assert_text 'GNU General Public License' assert_selector 'a', text: 'Pipeline templates' @@ -175,24 +178,127 @@ class AnonymousAccessTest < ActionDispatch::IntegrationTest end # in template page + assert_text 'Public Projects Unrestricted public data' assert_text 'script version' assert_no_selector 'a', text: 'Run this pipeline' end [ - '/users', - '/groups', - ].each do |page| - test "anonymous user accesses publicly accessible project and then traverses to #{page}" do - # when anonymous, first visit publicly accessible project - visit_publicly_accessible_project - visit page - - if page == '/users' - assert_no_selector 'a', text: 'Add a new user' - elsif page == '/groups' - assert_no_selector 'button', text: 'Add a new group' + ['pipeline_in_publicly_accessible_project', true], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], + ['pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], + + ['completed_job_in_publicly_accessible_project', true], + ['job_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ].each do |fixture, objects_readable, user=nil| + test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do + pipeline_page = true if fixture.include?('pipeline') + + if pipeline_page + object = api_fixture('pipeline_instances')[fixture] + page = "/pipeline_instances/#{object['uuid']}" + else # job + object = api_fixture('jobs')[fixture] + page = "/jobs/#{object['uuid']}" + end + + if user + visit page_with_token user, page + else + visit page + end + + # click job link, if in pipeline page + click_link 'foo' if pipeline_page + + if objects_readable + if pipeline_page + assert_text 'This pipeline was created from' + assert_selector 'a', text: object['components']['foo']['job']['uuid'] + end + assert_no_text 'Output data not available' + assert_selector 'a[href="#Log"]', text: 'Log' + assert_no_selector 'a[data-toggle="disabled"]', text: 'Log' + else + if pipeline_page + assert_no_text 'This pipeline was created from' # template is not readable + assert_no_selector 'a', text: object['components']['foo']['job']['uuid'] + end + assert_text 'Output data not available' + assert_text object['job'] + assert_selector 'a[data-toggle="disabled"]', text: 'Log' + end + + click_link 'Log' + if objects_readable + assert_no_text 'foo' # should be in Log tab + assert_text 'stderr crunchstat' if pipeline_page + else + assert_text 'foo' # Log tab disabled and hence still in first tab + assert_no_text 'stderr crunchstat' # log line shouldn't be seen end end end + + [ + ['new_pipeline_in_publicly_accessible_project', true], + ['new_pipeline_in_publicly_accessible_project', true, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', false, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_but_other_objects_elsewhere', true, 'admin'], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', false, 'spectator'], + ['new_pipeline_in_publicly_accessible_project_with_dataclass_file_and_other_objects_elsewhere', true, 'admin'], + ].each do |fixture, objects_readable, user=nil| + test "access #{fixture} in public project with objects readable=#{objects_readable} with user #{user}" do + object = api_fixture('pipeline_instances')[fixture] + page = "/pipeline_instances/#{object['uuid']}" + if user + visit page_with_token user, page + else + visit page + end + + # click Components tab + click_link 'Components' + + if objects_readable + assert_text 'This pipeline was created from' + if user == 'admin' + assert_text 'input' + assert_selector 'a', text: 'Choose' + assert_selector 'a', text: 'Run' + assert_no_selector 'a.disabled', text: 'Run' + else + assert_selector 'a', text: object['components']['foo']['script_parameters']['input']['value'] + user ? (assert_selector 'a', text: 'Run') : (assert_no_selector 'a', text: 'Run') + end + else + assert_no_text 'This pipeline was created from' # template is not readable + input = object['components']['foo']['script_parameters']['input']['value'] + assert_no_selector 'a', text: input + if user + input = input.gsub('/', '\\/') + assert_text "One or more inputs provided are not readable" + assert_selector "input[type=text][value=#{input}]" + assert_selector 'a.disabled', text: 'Run' + else + assert_no_text "One or more inputs provided are not readable" + assert_text input + assert_no_selector 'a', text: 'Run' + end + end + end + end + + test "anonymous user accesses collection in shared project" do + visit "/collections/#{api_fixture('collections')['public_text_file']['uuid']}" + + # in collection page + assert_text 'Public Projects Unrestricted public data' + assert_text 'Hello world' + assert_text 'Content address' + assert_selector 'a', text: 'Provenance graph' + end end