X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/8c66c387ddeb1fe5cc19f31fc0e4f24ed778b1f8..6fb5d2bd10901a1e0ced4ea8849419145d47a0b5:/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb

diff --git a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
index c63f40f536..cbb009617b 100644
--- a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
@@ -20,4 +20,22 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes
     assert_response 403
   end
 
+  test "create system auth" do
+    authorize_with :admin_trustedclient
+    post :create_system_auth, scopes: '["test"]'
+    assert_response :success
+  end
+
+  test "prohibit create system auth with token from non-trusted client" do
+    authorize_with :admin
+    post :create_system_auth, scopes: '["test"]'
+    assert_response 403
+  end
+
+  test "prohibit create system auth by non-admin" do
+    authorize_with :active
+    post :create_system_auth, scopes: '["test"]'
+    assert_response 403
+  end
+
 end