X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/a959f21c8147f26362df392bc3fd3290db69de85..c29fc69a571bc2e4a4e450a09d94adbb305633bd:/apps/workbench/test/integration/projects_test.rb

diff --git a/apps/workbench/test/integration/projects_test.rb b/apps/workbench/test/integration/projects_test.rb
index 73733d243d..adac0bf999 100644
--- a/apps/workbench/test/integration/projects_test.rb
+++ b/apps/workbench/test/integration/projects_test.rb
@@ -29,6 +29,7 @@ class ProjectsTest < ActionDispatch::IntegrationTest
     project_uuid = api_fixture('groups')['aproject']['uuid']
     specimen_uuid = api_fixture('specimens')['owned_by_aproject_with_no_name_link']['uuid']
     visit page_with_token 'active', '/projects/' + project_uuid
+    click_link 'Other objects'
     within(".selection-action-container") do
       within (first('tr', text: 'Specimen')) do
         find(".fa-pencil").click
@@ -43,6 +44,7 @@ class ProjectsTest < ActionDispatch::IntegrationTest
       find('.editable', text: 'Now I have a new name.')
     end
     visit current_path
+    click_link 'Other objects'
     within '.selection-action-container' do
       find '.editable', text: 'Now I have a new name.'
       page.assert_no_selector '.editable', text: 'Now I have a name.'
@@ -70,19 +72,83 @@ class ProjectsTest < ActionDispatch::IntegrationTest
     end
     wait_for_ajax
 
-    click_link 'Permissions'
-    find('input[value="Move to..."]').click
+    click_link 'Move project...'
     find('.selectable', text: 'Project 1234').click
-    find('a,button', text: 'Move').click
+    find('.modal-footer a,button', text: 'Move').click
     wait_for_ajax
 
-    # Wait for the page to refresh and show the new parent in Permissions panel
-    click_link 'Permissions'
-    find('.panel', text: 'Project 1234')
-
-    assert(find('.panel', text: 'Permissions for this project are inherited by the owner or parent project').
-           all('*', text: 'Project 1234').any?,
+    # Wait for the page to refresh and show the new parent in Sharing panel
+    click_link 'Sharing'
+    assert(page.has_link?("Project 1234"),
            "Project 5678 should now be inside project 1234")
   end
 
+  def show_project_using(auth_key, proj_key='aproject')
+    project_uuid = api_fixture('groups')[proj_key]['uuid']
+    visit(page_with_token(auth_key, "/projects/#{project_uuid}"))
+    assert(page.has_text?("A Project"), "not on expected project page")
+  end
+
+  def share_rows
+    find('#project_sharing').all('tr')
+  end
+
+  def add_share_and_check(share_type, name)
+    assert(page.has_no_text?(name), "project is already shared with #{name}")
+    start_share_count = share_rows.size
+    click_on("Share with #{share_type}")
+    find(".selectable", text: name).click
+    find(".modal-footer a,button", text: "Add").click
+    using_wait_time(Capybara.default_wait_time * 3) do
+      assert(page.has_link?(name),
+             "new share was not added to sharing table")
+      assert_equal(start_share_count + 1, share_rows.size,
+                   "new share did not add row to sharing table")
+    end
+  end
+
+  def modify_share_and_check(name)
+    start_rows = share_rows
+    link_row = start_rows.select { |row| row.has_text?(name) }
+    assert_equal(1, link_row.size, "row with new permission not found")
+    within(link_row.first) do
+      click_on("Read")
+      select("Write", from: "share_change_level")
+      click_on("editable-submit")
+      assert(has_link?("Write"),
+             "failed to change access level on new share")
+      click_on "Revoke"
+    end
+    using_wait_time(Capybara.default_wait_time * 3) do
+      assert(page.has_no_text?(name),
+             "new share row still exists after being revoked")
+      assert_equal(start_rows.size - 1, share_rows.size,
+                   "revoking share did not remove row from sharing table")
+    end
+  end
+
+  test "project viewer can't see project sharing tab" do
+    show_project_using("project_viewer")
+    assert(page.has_no_link?("Sharing"),
+           "read-only project user sees sharing tab")
+  end
+
+  test "project owner can manage sharing for another user" do
+    add_user = api_fixture('users')['future_project_user']
+    new_name = ["first_name", "last_name"].map { |k| add_user[k] }.join(" ")
+
+    show_project_using("active")
+    click_on "Sharing"
+    add_share_and_check("users", new_name)
+    modify_share_and_check(new_name)
+  end
+
+  test "project owner can manage sharing for another group" do
+    new_name = api_fixture('groups')['future_project_viewing_group']['name']
+
+    show_project_using("active")
+    click_on "Sharing"
+    add_share_and_check("groups", new_name)
+    modify_share_and_check(new_name)
+  end
 end