X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/bdc87ddb113a2e05dd859a7f68f5fe1135bbc650..56d21dc3d5823117729df3db6186da96f277b328:/services/api/test/integration/permissions_test.rb diff --git a/services/api/test/integration/permissions_test.rb b/services/api/test/integration/permissions_test.rb index 40a77e72c5..2ebd62bc8b 100644 --- a/services/api/test/integration/permissions_test.rb +++ b/services/api/test/integration/permissions_test.rb @@ -3,10 +3,6 @@ require 'test_helper' class PermissionsTest < ActionDispatch::IntegrationTest fixtures :users, :groups, :api_client_authorizations, :collections - def auth auth_fixture - {'HTTP_AUTHORIZATION' => "OAuth2 #{api_client_authorizations(auth_fixture).api_token}"} - end - test "adding and removing direct can_read links" do # try to read collection as spectator get "/arvados/v1/collections/#{collections(:foo_file).uuid}", {:format => :json}, auth(:spectator) @@ -16,11 +12,9 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#user', tail_uuid: users(:spectator).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#collection', head_uuid: collections(:foo_file).uuid, properties: {} } @@ -31,16 +25,14 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#user', tail_uuid: users(:spectator).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#collection', head_uuid: collections(:foo_file).uuid, properties: {} } }, auth(:admin) - u = jresponse['uuid'] + u = json_response['uuid'] assert_response :success # read collection as spectator @@ -70,11 +62,9 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#user', tail_uuid: users(:spectator).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#group', head_uuid: groups(:private).uuid, properties: {} } @@ -89,16 +79,14 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#group', tail_uuid: groups(:private).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#collection', head_uuid: collections(:foo_file).uuid, properties: {} } }, auth(:admin) - u = jresponse['uuid'] + u = json_response['uuid'] assert_response :success # try to read collection as spectator @@ -125,11 +113,9 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#group', tail_uuid: groups(:private).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#collection', head_uuid: collections(:foo_file).uuid, properties: {} } @@ -144,16 +130,14 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#user', tail_uuid: users(:spectator).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#group', head_uuid: groups(:private).uuid, properties: {} } }, auth(:admin) - u = jresponse['uuid'] + u = json_response['uuid'] assert_response :success # try to read collection as spectator @@ -179,11 +163,9 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#user', tail_uuid: users(:spectator).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#group', head_uuid: groups(:private).uuid, properties: {} } @@ -194,11 +176,9 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#group', tail_uuid: groups(:private).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#group', head_uuid: groups(:empty_lonely_group).uuid, properties: {} } @@ -209,16 +189,14 @@ class PermissionsTest < ActionDispatch::IntegrationTest post "/arvados/v1/links", { :format => :json, :link => { - tail_kind: 'arvados#group', tail_uuid: groups(:empty_lonely_group).uuid, link_class: 'permission', name: 'can_read', - head_kind: 'arvados#collection', head_uuid: collections(:foo_file).uuid, properties: {} } }, auth(:admin) - u = jresponse['uuid'] + u = json_response['uuid'] assert_response :success # try to read collection as spectator @@ -237,7 +215,7 @@ class PermissionsTest < ActionDispatch::IntegrationTest test "read-only group-admin sees correct subset of user list" do get "/arvados/v1/users", {:format => :json}, auth(:rominiadmin) assert_response :success - resp_uuids = jresponse['items'].collect { |i| i['uuid'] } + resp_uuids = json_response['items'].collect { |i| i['uuid'] } [[true, users(:rominiadmin).uuid], [true, users(:active).uuid], [false, users(:miniadmin).uuid], @@ -276,7 +254,7 @@ class PermissionsTest < ActionDispatch::IntegrationTest [:miniadmin, true]].each do |which_user, update_should_succeed| get "/arvados/v1/specimens", {:format => :json}, auth(which_user) assert_response :success - resp_uuids = jresponse['items'].collect { |i| i['uuid'] } + resp_uuids = json_response['items'].collect { |i| i['uuid'] } [[true, specimens(:owned_by_active_user).uuid], [true, specimens(:owned_by_private_group).uuid], [false, specimens(:owned_by_spectator).uuid],