X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/91b6e4f4ae93850fb3cc38cf8566115a66f44b27..e97a5d828bdf7cb9626d72efd94d3bcf718a18c9:/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb index 9f0f555d55..c2c71ca540 100644 --- a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb +++ b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb @@ -1,3 +1,7 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require 'test_helper' class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::TestCase @@ -9,7 +13,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "should not get index with expired auth" do authorize_with :expired - get :index, format: :json + get :index, params: {format: :json} assert_response 401 end @@ -21,20 +25,20 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "create system auth" do authorize_with :admin_trustedclient - post :create_system_auth, scopes: '["test"]' + post :create_system_auth, params: {scopes: '["test"]'} assert_response :success assert_not_nil JSON.parse(@response.body)['uuid'] end test "prohibit create system auth with token from non-trusted client" do authorize_with :admin - post :create_system_auth, scopes: '["test"]' + post :create_system_auth, params: {scopes: '["test"]'} assert_response 403 end test "prohibit create system auth by non-admin" do authorize_with :active - post :create_system_auth, scopes: '["test"]' + post :create_system_auth, params: {scopes: '["test"]'} assert_response 403 end @@ -43,10 +47,10 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes expected_tokens = expected.map do |name| api_client_authorizations(name).api_token end - get :index, search_params + get :index, params: search_params assert_response :success got_tokens = JSON.parse(@response.body)['items'] - .map { |auth| auth['api_token'] } + .map { |a| a['api_token'] } assert_equal(expected_tokens.sort, got_tokens.sort, "wrong results for #{search_params.inspect}") end @@ -90,7 +94,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes ].each do |user, token, expect_get_response, expect_list_response, expect_list_items| test "using '#{user}', get '#{token}' by uuid" do authorize_with user - get :show, { + get :show, params: { id: api_client_authorizations(token).uuid, } assert_response expect_get_response @@ -98,7 +102,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "using '#{user}', update '#{token}' by uuid" do authorize_with user - put :update, { + put :update, params: { id: api_client_authorizations(token).uuid, api_client_authorization: {}, } @@ -107,7 +111,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "using '#{user}', delete '#{token}' by uuid" do authorize_with user - post :destroy, { + post :destroy, params: { id: api_client_authorizations(token).uuid, } assert_response expect_get_response @@ -115,7 +119,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "using '#{user}', list '#{token}' by uuid" do authorize_with user - get :index, { + get :index, params: { filters: [['uuid','=',api_client_authorizations(token).uuid]], } assert_response expect_list_response @@ -128,7 +132,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes if expect_list_items test "using '#{user}', list '#{token}' by uuid with offset" do authorize_with user - get :index, { + get :index, params: { filters: [['uuid','=',api_client_authorizations(token).uuid]], offset: expect_list_items, } @@ -140,7 +144,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "using '#{user}', list '#{token}' by token" do authorize_with user - get :index, { + get :index, params: { filters: [['api_token','=',api_client_authorizations(token).api_token]], } assert_response expect_list_response @@ -153,7 +157,7 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "scoped token cannot change its own scopes" do authorize_with :admin_vm - put :update, { + put :update, params: { id: api_client_authorizations(:admin_vm).uuid, api_client_authorization: {scopes: ['all']}, } @@ -162,10 +166,32 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes test "token cannot change its own uuid" do authorize_with :admin - put :update, { + put :update, params: { id: api_client_authorizations(:admin).uuid, api_client_authorization: {uuid: 'zzzzz-gj3su-zzzzzzzzzzzzzzz'}, } assert_response 403 end + + test "get current token" do + authorize_with :active + get :current + assert_response :success + assert_equal(json_response['api_token'], + api_client_authorizations(:active).api_token) + end + + test "get current token using SystemRootToken" do + Rails.configuration.SystemRootToken = "xyzzy-systemroottoken" + authorize_with_token Rails.configuration.SystemRootToken + get :current + assert_response :success + assert_equal(Rails.configuration.SystemRootToken, json_response['api_token']) + assert_not_empty(json_response['uuid']) + end + + test "get current token, no auth" do + get :current + assert_response 401 + end end