X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/966ab8387e2762d1720e6104a5f5f6d1e0cc52fe..3cc699f70a514878b7ce7adbc3c96e73f92fdf82:/services/api/test/unit/log_test.rb diff --git a/services/api/test/unit/log_test.rb b/services/api/test/unit/log_test.rb index 6f793afe7c..4fc273be73 100644 --- a/services/api/test/unit/log_test.rb +++ b/services/api/test/unit/log_test.rb @@ -39,7 +39,6 @@ class LogTest < ActiveSupport::TestCase "log is not 'modified by' current user") assert_equal(current_api_client.andand.uuid, log.modified_by_client_uuid, "log is not 'modified by' current client") - assert_equal(thing.kind, log.object_kind, "log kind mismatch") assert_equal(thing.uuid, log.object_uuid, "log UUID mismatch") assert_equal(event_type.to_s, log.event_type, "log event type mismatch") time_method, old_props_test, new_props_test = EVENT_TEST_METHODS[event_type] @@ -55,11 +54,15 @@ class LogTest < ActiveSupport::TestCase yield props if block_given? end - def set_user_from_auth(auth_name) - client_auth = api_client_authorizations(auth_name) - Thread.current[:api_client_authorization] = client_auth - Thread.current[:api_client] = client_auth.api_client - Thread.current[:user] = client_auth.user + def assert_auth_logged_with_clean_properties(auth, event_type) + assert_logged(auth, event_type) do |props| + ['old_attributes', 'new_attributes'].map { |k| props[k] }.compact + .each do |attributes| + refute_includes(attributes, 'api_token', + "auth log properties include sensitive API token") + end + yield props if block_given? + end end test "creating a user makes a log" do @@ -96,6 +99,7 @@ class LogTest < ActiveSupport::TestCase auth = api_client_authorizations(:spectator) orig_etag = auth.etag orig_attrs = auth.attributes + orig_attrs.delete 'api_token' auth.destroy assert_logged(auth, :destroy) do |props| assert_equal(orig_etag, props['old_etag'], "destroyed auth etag mismatch") @@ -199,4 +203,39 @@ class LogTest < ActiveSupport::TestCase auth.save! assert_logged(auth, :update) end + + test "token isn't included in ApiClientAuthorization logs" do + set_user_from_auth :admin_trustedclient + auth = ApiClientAuthorization.new + auth.user = users(:spectator) + auth.api_client = api_clients(:untrusted) + auth.save! + assert_auth_logged_with_clean_properties(auth, :create) + auth.expires_at = Time.now + auth.save! + assert_auth_logged_with_clean_properties(auth, :update) + auth.destroy + assert_auth_logged_with_clean_properties(auth, :destroy) + end + + test "use ownership and permission links to determine which logs a user can see" do + c = Log.readable_by(users(:admin)).order("id asc").each.to_a + assert_equal 5, c.size + assert_equal 1, c[0].id # no-op + assert_equal 2, c[1].id # admin changes repository foo, which is owned by active user + assert_equal 3, c[2].id # admin changes specimen owned_by_spectator + assert_equal 4, c[3].id # foo collection added, readable by active through link + assert_equal 5, c[4].id # baz collection added, readable by active and spectator through group 'all users' group membership + + c = Log.readable_by(users(:active)).order("id asc").each.to_a + assert_equal 3, c.size + assert_equal 2, c[0].id # admin changes repository foo, which is owned by active user + assert_equal 4, c[1].id # foo collection added, readable by active through link + assert_equal 5, c[2].id # baz collection added, readable by active and spectator through group 'all users' group membership + + c = Log.readable_by(users(:spectator)).order("id asc").each.to_a + assert_equal 2, c.size + assert_equal 3, c[0].id # admin changes specimen owned_by_spectator + assert_equal 5, c[1].id # baz collection added, readable by active and spectator through group 'all users' group membership + end end