X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/d6399c117f03f45e83648dca6e23dd7174793253..ccce5e8ad71ed2e50ecd57c0f73f1aaafc468539:/services/api/test/functional/arvados/v1/users_controller_test.rb diff --git a/services/api/test/functional/arvados/v1/users_controller_test.rb b/services/api/test/functional/arvados/v1/users_controller_test.rb index 948b601f88..1fefcb6c68 100644 --- a/services/api/test/functional/arvados/v1/users_controller_test.rb +++ b/services/api/test/functional/arvados/v1/users_controller_test.rb @@ -13,7 +13,7 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase get :current assert_response :success me = JSON.parse(@response.body) - post :activate, uuid: me['uuid'] + post :activate, id: me['uuid'] assert_response :success assert_not_nil assigns(:object) me = JSON.parse(@response.body) @@ -21,12 +21,37 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase end test "refuse to activate a user before signing UA" do + act_as_system_user do + required_uuids = Link.where("owner_uuid = ? and link_class = ? and name = ? and tail_uuid = ? and head_uuid like ?", + system_user_uuid, + 'signature', + 'require', + system_user_uuid, + Collection.uuid_like_pattern). + collect(&:head_uuid) + + assert required_uuids.length > 0 + + signed_uuids = Link.where(owner_uuid: system_user_uuid, + link_class: 'signature', + name: 'click', + tail_uuid: users(:inactive).uuid, + head_uuid: required_uuids). + collect(&:head_uuid) + + assert_equal 0, signed_uuids.length + end + authorize_with :inactive + get :current assert_response :success me = JSON.parse(@response.body) - post :activate, uuid: me['uuid'] + assert_equal false, me['is_active'] + + post :activate, id: me['uuid'] assert_response 403 + get :current assert_response :success me = JSON.parse(@response.body) @@ -38,7 +63,7 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase get :current assert_response :success me = JSON.parse(@response.body) - post :activate, uuid: me['uuid'] + post :activate, id: me['uuid'] assert_response :success me = JSON.parse(@response.body) assert_equal true, me['is_active'] @@ -416,8 +441,11 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase 'expected same uuid as first create operation' assert_equal response_object['email'], 'foo@example.com', 'expected given email' - # +1 extra login link +1 extra system_group link pointing to the new User - verify_num_links @all_links_at_start, 6 + # +1 extra can_read 'all users' group link + # +1 extra system_group can_manage link pointing to the new User + # +1 extra can_login permission link + # no repo link, no vm link + verify_num_links @all_links_at_start, 7 end test "setup user with openid prefix" do @@ -669,7 +697,7 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase verify_link_existence created['uuid'], created['email'], true, true, true, true, false # now unsetup this user - post :unsetup, uuid: created['uuid'] + post :unsetup, id: created['uuid'] assert_response :success created2 = JSON.parse(@response.body) @@ -694,7 +722,7 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase authorize_with :admin # now unsetup this user - post :unsetup, uuid: active_user['uuid'] + post :unsetup, id: active_user['uuid'] assert_response :success response_user = JSON.parse(@response.body) @@ -880,80 +908,4 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase tail_uuid: system_group_uuid, head_uuid: user_uuid).count end - - test 'get user-owned objects' do - authorize_with :active - get :owned_items, { - id: users(:active).uuid, - limit: 500, - format: :json, - } - assert_response :success - assert_operator 2, :<=, jresponse['items_available'] - assert_operator 2, :<=, jresponse['items'].count - kinds = jresponse['items'].collect { |i| i['kind'] }.uniq - expect_kinds = %w'arvados#group arvados#specimen arvados#pipelineTemplate arvados#job' - assert_equal expect_kinds, (expect_kinds & kinds) - end - - [false, true].each do |inc_ind| - test "get all pages of user-owned #{'and -linked ' if inc_ind}objects" do - authorize_with :active - limit = 5 - offset = 0 - items_available = nil - uuid_received = {} - owner_received = {} - while true - # Behaving badly here, using the same controller multiple - # times within a test. - @jresponse = nil - get :owned_items, { - id: users(:active).uuid, - include_linked: inc_ind, - limit: limit, - offset: offset, - format: :json, - } - assert_response :success - assert_operator(0, :<, jresponse['items'].count, - "items_available=#{items_available} but received 0 "\ - "items with offset=#{offset}") - items_available ||= jresponse['items_available'] - assert_equal(items_available, jresponse['items_available'], - "items_available changed between page #{offset/limit} "\ - "and page #{1+offset/limit}") - jresponse['items'].each do |item| - uuid = item['uuid'] - assert_equal(nil, uuid_received[uuid], - "Received '#{uuid}' again on page #{1+offset/limit}") - uuid_received[uuid] = true - owner_received[item['owner_uuid']] = true - offset += 1 - if not inc_ind - assert_equal users(:active).uuid, item['owner_uuid'] - end - end - break if offset >= items_available - end - if inc_ind - assert_operator 0, :<, (jresponse.keys - [users(:active).uuid]).count, - "Set include_linked=true but did not receive any non-owned items" - end - end - end - - %w(offset limit).each do |arg| - ['foo', '', '1234five', '0x10', '-8'].each do |val| - test "Raise error on bogus #{arg} parameter #{val.inspect}" do - authorize_with :active - get :owned_items, { - :id => users(:active).uuid, - :format => :json, - arg => val, - } - assert_response 422 - end - end - end end