X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/c8bea0c6dd47a9b9a7a892602d9869177d4c231f..04b9d6e93ca8bd18dca697e56689820516c8c572:/apps/workbench/test/controllers/application_controller_test.rb

diff --git a/apps/workbench/test/controllers/application_controller_test.rb b/apps/workbench/test/controllers/application_controller_test.rb
index 15d52da3c3..45952ceba3 100644
--- a/apps/workbench/test/controllers/application_controller_test.rb
+++ b/apps/workbench/test/controllers/application_controller_test.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 require 'test_helper'
 
 class ApplicationControllerTest < ActionController::TestCase
@@ -334,6 +338,57 @@ class ApplicationControllerTest < ActionController::TestCase
     assert_response 404
   end
 
+  test "requesting to the API server includes X-Request-Id header" do
+    got_header = nil
+    stub_api_calls
+    stub_api_client.stubs(:post).with do |url, query, header={}|
+      got_header = header
+      true
+    end.returns fake_api_response('{}', 200, {})
+
+    Rails.configuration.anonymous_user_token =
+      api_fixture("api_client_authorizations", "anonymous", "api_token")
+    @controller = ProjectsController.new
+    test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz"
+    get(:show, {id: test_uuid})
+
+    assert_not_nil got_header
+    assert_includes got_header, 'X-Request-Id'
+    assert_match /^req-[0-9a-zA-Z]{20}$/, got_header["X-Request-Id"]
+  end
+
+  test "current request_id is nil after a request" do
+    @controller = NodesController.new
+    get(:index, {}, session_for(:active))
+    assert_nil Thread.current[:request_id]
+  end
+
+  test "X-Request-Id header" do
+    @controller = NodesController.new
+    get(:index, {}, session_for(:active))
+    assert_match /^req-[0-9a-zA-Z]{20}$/, response.headers['X-Request-Id']
+  end
+
+  [".navbar .login-menu a",
+   ".navbar .login-menu .dropdown-menu a"
+  ].each do |css_selector|
+    test "login link at #{css_selector.inspect} includes return_to param" do
+      # Without an anonymous token, we're immediately redirected to login.
+      Rails.configuration.anonymous_user_token =
+        api_fixture("api_client_authorizations", "anonymous", "api_token")
+      @controller = ProjectsController.new
+      test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz"
+      get(:show, {id: test_uuid})
+      login_link = css_select(css_selector).first
+      assert_not_nil(login_link, "failed to select login link")
+      login_href = URI.unescape(login_link.attributes["href"].value)
+      # The parameter needs to include the full URL to work.
+      assert_includes(login_href, "://")
+      assert_match(/[\?&]return_to=[^&]*\/projects\/#{test_uuid}(&|$)/,
+                   login_href)
+    end
+  end
+
   test "Workbench returns 4xx when API server is unreachable" do
     # We're really testing ApplicationController's render_exception.
     # Our primary concern is that it doesn't raise an error and
@@ -364,7 +419,7 @@ class ApplicationControllerTest < ActionController::TestCase
     [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project']],
     [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project'], false],
   ].each do |controller, fixture, anon_config=true|
-    test "#{controller} show method with anonymous config enabled" do
+    test "#{controller} show method with anonymous config #{anon_config ? '' : 'not '}enabled" do
       if anon_config
         Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token']
       else