X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/bc206979ee82a00374838fff3044dcaf33338f02..72aa70eec7693bfb5d46a4bdac3619b3c6b1f79c:/services/api/app/controllers/database_controller.rb

diff --git a/services/api/app/controllers/database_controller.rb b/services/api/app/controllers/database_controller.rb
index 4a872ebb02..a2e15ed156 100644
--- a/services/api/app/controllers/database_controller.rb
+++ b/services/api/app/controllers/database_controller.rb
@@ -3,7 +3,25 @@ class DatabaseController < ApplicationController
   skip_before_filter :render_404_if_no_object
   before_filter :admin_required
   def reset
-    raise ArvadosModel::PermissionDeniedError unless ENV['RAILS_ENV'] == 'test'
+    raise ArvadosModel::PermissionDeniedError unless Rails.env == 'test'
+
+    # Sanity check: If someone has actually logged in here, this might
+    # not really be a throwaway database. Client test suites should
+    # use @example.com email addresses when creating user records, so
+    # we can tell they're not valuable.
+    user_uuids = User.
+      where('email is null or email not like ?', '%@example.com').
+      collect &:uuid
+    fixture_uuids =
+      YAML::load_file(File.expand_path('../../../test/fixtures/users.yml',
+                                       __FILE__)).
+      values.collect { |u| u['uuid'] }
+    unexpected_uuids = user_uuids - fixture_uuids
+    if unexpected_uuids.any?
+      logger.error("Running in test environment, but non-fixture users exist: " +
+                   "#{unexpected_uuids}")
+      raise ArvadosModel::PermissionDeniedError
+    end
 
     require 'active_record/fixtures'