X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/a23fa06e9849f2ab76fa271624e22a245c2abc47..f22f1e3c92e9a69e9e7f82fa6226ad100a8025da:/services/keep-web/handler_test.go diff --git a/services/keep-web/handler_test.go b/services/keep-web/handler_test.go index d877a5f550..4894ceb70b 100644 --- a/services/keep-web/handler_test.go +++ b/services/keep-web/handler_test.go @@ -45,12 +45,12 @@ func (s *UnitSuite) TestCORSPreflight(c *check.C) { c.Check(resp.Code, check.Equals, http.StatusOK) c.Check(resp.Body.String(), check.Equals, "") c.Check(resp.Header().Get("Access-Control-Allow-Origin"), check.Equals, "*") - c.Check(resp.Header().Get("Access-Control-Allow-Methods"), check.Equals, "GET, POST, OPTIONS, PROPFIND") - c.Check(resp.Header().Get("Access-Control-Allow-Headers"), check.Equals, "Range") + c.Check(resp.Header().Get("Access-Control-Allow-Methods"), check.Equals, "COPY, DELETE, GET, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PUT, RMCOL") + c.Check(resp.Header().Get("Access-Control-Allow-Headers"), check.Equals, "Authorization, Content-Type, Range") // Check preflight for a disallowed request resp = httptest.NewRecorder() - req.Header.Set("Access-Control-Request-Method", "DELETE") + req.Header.Set("Access-Control-Request-Method", "MAKE-COFFEE") h.ServeHTTP(resp, req) c.Check(resp.Body.String(), check.Equals, "") c.Check(resp.Code, check.Equals, http.StatusMethodNotAllowed) @@ -333,7 +333,20 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenRequestAttachment(c *check http.StatusOK, "foo", ) - c.Check(strings.Split(resp.Header().Get("Content-Disposition"), ";")[0], check.Equals, "attachment") + c.Check(resp.Header().Get("Content-Disposition"), check.Matches, "attachment(;.*)?") +} + +func (s *IntegrationSuite) TestVhostRedirectQueryTokenSiteFS(c *check.C) { + s.testServer.Config.AttachmentOnlyHost = "download.example.com" + resp := s.testVhostRedirectTokenToCookie(c, "GET", + "download.example.com/by_id/"+arvadostest.FooCollection+"/foo", + "?api_token="+arvadostest.ActiveToken, + "", + "", + http.StatusOK, + "foo", + ) + c.Check(resp.Header().Get("Content-Disposition"), check.Matches, "attachment(;.*)?") } func (s *IntegrationSuite) TestVhostRedirectQueryTokenTrustAllContent(c *check.C) { @@ -493,10 +506,11 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { "Authorization": {"OAuth2 " + arvadostest.ActiveToken}, } for _, trial := range []struct { - uri string - header http.Header - expect []string - cutDirs int + uri string + header http.Header + expect []string + redirect string + cutDirs int }{ { uri: strings.Replace(arvadostest.FooAndBarFilesInDirPDH, "+", "-", -1) + ".example.com/", @@ -508,7 +522,7 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { uri: strings.Replace(arvadostest.FooAndBarFilesInDirPDH, "+", "-", -1) + ".example.com/dir1/", header: authHeader, expect: []string{"foo", "bar"}, - cutDirs: 0, + cutDirs: 1, }, { uri: "download.example.com/collections/" + arvadostest.FooAndBarFilesInDirUUID + "/", @@ -516,6 +530,50 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { expect: []string{"dir1/foo", "dir1/bar"}, cutDirs: 2, }, + { + uri: "download.example.com/users/active/foo_file_in_dir/", + header: authHeader, + expect: []string{"dir1/"}, + cutDirs: 3, + }, + { + uri: "download.example.com/users/active/foo_file_in_dir/dir1/", + header: authHeader, + expect: []string{"bar"}, + cutDirs: 4, + }, + { + uri: "download.example.com/", + header: authHeader, + expect: []string{"users/"}, + cutDirs: 0, + }, + { + uri: "download.example.com/users", + header: authHeader, + redirect: "/users/", + expect: []string{"active/"}, + cutDirs: 1, + }, + { + uri: "download.example.com/users/", + header: authHeader, + expect: []string{"active/"}, + cutDirs: 1, + }, + { + uri: "download.example.com/users/active", + header: authHeader, + redirect: "/users/active/", + expect: []string{"foo_file_in_dir/"}, + cutDirs: 2, + }, + { + uri: "download.example.com/users/active/", + header: authHeader, + expect: []string{"foo_file_in_dir/"}, + cutDirs: 2, + }, { uri: "collections.example.com/collections/download/" + arvadostest.FooAndBarFilesInDirUUID + "/" + arvadostest.ActiveToken + "/", header: nil, @@ -529,22 +587,36 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { cutDirs: 2, }, { - uri: "download.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID + "/dir1/", + uri: "collections.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID + "/t=" + arvadostest.ActiveToken, + header: nil, + expect: []string{"dir1/foo", "dir1/bar"}, + cutDirs: 2, + }, + { + uri: "download.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID, header: authHeader, - expect: []string{"foo", "bar"}, + expect: []string{"dir1/foo", "dir1/bar"}, cutDirs: 1, }, + { + uri: "download.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID + "/dir1", + header: authHeader, + redirect: "/c=" + arvadostest.FooAndBarFilesInDirUUID + "/dir1/", + expect: []string{"foo", "bar"}, + cutDirs: 2, + }, { uri: "download.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID + "/_/dir1/", header: authHeader, expect: []string{"foo", "bar"}, - cutDirs: 2, + cutDirs: 3, }, { - uri: arvadostest.FooAndBarFilesInDirUUID + ".example.com/dir1?api_token=" + arvadostest.ActiveToken, - header: authHeader, - expect: []string{"foo", "bar"}, - cutDirs: 0, + uri: arvadostest.FooAndBarFilesInDirUUID + ".example.com/dir1?api_token=" + arvadostest.ActiveToken, + header: authHeader, + redirect: "/dir1/", + expect: []string{"foo", "bar"}, + cutDirs: 1, }, { uri: "collections.example.com/c=" + arvadostest.FooAndBarFilesInDirUUID + "/theperthcountyconspiracydoesnotexist/", @@ -571,7 +643,7 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { Host: u.Host, URL: u, RequestURI: u.RequestURI(), - Header: http.Header{}, + Header: trial.header, } cookies = append(cookies, (&http.Response{Header: resp.Header()}).Cookies()...) for _, c := range cookies { @@ -580,6 +652,9 @@ func (s *IntegrationSuite) TestDirectoryListing(c *check.C) { resp = httptest.NewRecorder() s.testServer.Handler.ServeHTTP(resp, req) } + if trial.redirect != "" { + c.Check(req.URL.Path, check.Equals, trial.redirect) + } if trial.expect == nil { c.Check(resp.Code, check.Equals, http.StatusNotFound) } else {