X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/ac86cc3a04d65c1f330e237aa70df468faffd207..80be122d6b73044f5e3f740b5c38a38d3b3f79d7:/services/api/test/functional/arvados/v1/collections_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/collections_controller_test.rb b/services/api/test/functional/arvados/v1/collections_controller_test.rb index 4f33d0b3c9..bffb47a75c 100644 --- a/services/api/test/functional/arvados/v1/collections_controller_test.rb +++ b/services/api/test/functional/arvados/v1/collections_controller_test.rb @@ -21,6 +21,62 @@ class Arvados::V1::CollectionsControllerTest < ActionController::TestCase assert_nil assigns(:objects) end + test "create with owner_uuid set to owned group" do + authorize_with :active + manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n" + post :create, { + collection: { + owner_uuid: 'zzzzz-j7d0g-rew6elm53kancon', + manifest_text: manifest_text, + uuid: "d30fe8ae534397864cb96c544f4cf102" + } + } + assert_response :success + resp = JSON.parse(@response.body) + assert_equal 'zzzzz-tpzed-000000000000000', resp['owner_uuid'] + end + + test "create with owner_uuid set to group i can_manage" do + authorize_with :active + manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n" + post :create, { + collection: { + owner_uuid: 'zzzzz-j7d0g-8ulrifv67tve5sx', + manifest_text: manifest_text, + uuid: "d30fe8ae534397864cb96c544f4cf102" + } + } + assert_response :success + resp = JSON.parse(@response.body) + assert_equal 'zzzzz-tpzed-000000000000000', resp['owner_uuid'] + end + + test "create with owner_uuid set to group with no can_manage permission" do + authorize_with :active + manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n" + post :create, { + collection: { + owner_uuid: 'zzzzz-j7d0g-it30l961gq3t0oi', + manifest_text: manifest_text, + uuid: "d30fe8ae534397864cb96c544f4cf102" + } + } + assert_response 403 + end + + test "admin create with owner_uuid set to group with no permission" do + authorize_with :admin + manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n" + post :create, { + collection: { + owner_uuid: 'zzzzz-j7d0g-it30l961gq3t0oi', + manifest_text: manifest_text, + uuid: "d30fe8ae534397864cb96c544f4cf102" + } + } + assert_response :success + end + test "should create with collection passed as json" do authorize_with :active post :create, { @@ -47,4 +103,36 @@ class Arvados::V1::CollectionsControllerTest < ActionController::TestCase assert_response 422 end + test "get full provenance for baz file" do + authorize_with :active + get :provenance, uuid: 'ea10d51bcf88862dbcc36eb292017dfd+45' + assert_response :success + resp = JSON.parse(@response.body) + assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz + assert_not_nil resp['fa7aeb5140e2848d39b416daeef4ffc5+45'] # bar + assert_not_nil resp['1f4b0bc7583c2a7f9102c395f4ffc5e3+45'] # foo + assert_not_nil resp['zzzzz-8i9sb-cjs4pklxxjykyuq'] # bar->baz + assert_not_nil resp['zzzzz-8i9sb-aceg2bnq7jt7kon'] # foo->bar + end + + test "get no provenance for foo file" do + # spectator user cannot even see baz collection + authorize_with :spectator + get :provenance, uuid: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45' + assert_response 404 + end + + test "get partial provenance for baz file" do + # spectator user can see bar->baz job, but not foo->bar job + authorize_with :spectator + get :provenance, uuid: 'ea10d51bcf88862dbcc36eb292017dfd+45' + assert_response :success + resp = JSON.parse(@response.body) + assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz + assert_not_nil resp['fa7aeb5140e2848d39b416daeef4ffc5+45'] # bar + assert_not_nil resp['zzzzz-8i9sb-cjs4pklxxjykyuq'] # bar->baz + assert_nil resp['zzzzz-8i9sb-aceg2bnq7jt7kon'] # foo->bar + assert_nil resp['1f4b0bc7583c2a7f9102c395f4ffc5e3+45'] # foo + end + end