X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/c3b26754a231ec909506f2ff28af1af9f2e27f2b..f28c121ae84586bec9cbadcfc5b296f563818112:/services/api/test/unit/api_client_authorization_test.rb

diff --git a/services/api/test/unit/api_client_authorization_test.rb b/services/api/test/unit/api_client_authorization_test.rb
index c390a02c04..e043f8914a 100644
--- a/services/api/test/unit/api_client_authorization_test.rb
+++ b/services/api/test/unit/api_client_authorization_test.rb
@@ -3,7 +3,6 @@
 # SPDX-License-Identifier: AGPL-3.0
 
 require 'test_helper'
-require 'sweep_trashed_objects'
 
 class ApiClientAuthorizationTest < ActiveSupport::TestCase
   include CurrentApiClient
@@ -20,10 +19,37 @@ class ApiClientAuthorizationTest < ActiveSupport::TestCase
     end
   end
 
-  test "delete expired in SweepTrashedObjects" do
-    assert_not_empty ApiClientAuthorization.where(uuid: api_client_authorizations(:expired).uuid)
-    SweepTrashedObjects.sweep_now
-    assert_empty ApiClientAuthorization.where(uuid: api_client_authorizations(:expired).uuid)
+  test "accepts SystemRootToken" do
+    assert_nil ApiClientAuthorization.validate(token: "xxxSystemRootTokenxxx")
+
+    # will create a new ApiClientAuthorization record
+    Rails.configuration.SystemRootToken = "xxxSystemRootTokenxxx"
+
+    auth = ApiClientAuthorization.validate(token: "xxxSystemRootTokenxxx")
+    assert_equal "xxxSystemRootTokenxxx", auth.api_token
+    assert_equal User.find_by_uuid(system_user_uuid).id, auth.user_id
+    assert auth.api_client.is_trusted
+
+    # now change the token and try to use the old one first
+    Rails.configuration.SystemRootToken = "newxxxSystemRootTokenxxx"
+
+    # old token will fail
+    assert_nil ApiClientAuthorization.validate(token: "xxxSystemRootTokenxxx")
+    # new token will work
+    auth = ApiClientAuthorization.validate(token: "newxxxSystemRootTokenxxx")
+    assert_equal "newxxxSystemRootTokenxxx", auth.api_token
+    assert_equal User.find_by_uuid(system_user_uuid).id, auth.user_id
+
+    # now change the token again and use the new one first
+    Rails.configuration.SystemRootToken = "new2xxxSystemRootTokenxxx"
+
+    # new token will work
+    auth = ApiClientAuthorization.validate(token: "new2xxxSystemRootTokenxxx")
+    assert_equal "new2xxxSystemRootTokenxxx", auth.api_token
+    assert_equal User.find_by_uuid(system_user_uuid).id, auth.user_id
+    # old token will fail
+    assert_nil ApiClientAuthorization.validate(token: "newxxxSystemRootTokenxxx")
   end
 
+
 end