X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/dbdd94518d916b89f8e3a3fa0901da21a2493962..44c95f99098fa6c6acbfa82d4b6cbc6015eb6e39:/apps/workbench/test/controllers/application_controller_test.rb

diff --git a/apps/workbench/test/controllers/application_controller_test.rb b/apps/workbench/test/controllers/application_controller_test.rb
index 22ff7d4b2b..d38e88f2a6 100644
--- a/apps/workbench/test/controllers/application_controller_test.rb
+++ b/apps/workbench/test/controllers/application_controller_test.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 require 'test_helper'
 
 class ApplicationControllerTest < ActionController::TestCase
@@ -334,6 +338,50 @@ class ApplicationControllerTest < ActionController::TestCase
     assert_response 404
   end
 
+  test "requesting to the API server includes client_session_id param" do
+    got_query = nil
+    stub_api_calls
+    stub_api_client.stubs(:post).with do |url, query, opts={}|
+      got_query = query
+      true
+    end.returns fake_api_response('{}', 200, {})
+
+    Rails.configuration.anonymous_user_token =
+      api_fixture("api_client_authorizations", "anonymous", "api_token")
+    @controller = ProjectsController.new
+    test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz"
+    get(:show, {id: test_uuid})
+
+    assert_includes got_query, 'current_request_id'
+    assert_match /\d{10}-\d{9}/, got_query['current_request_id']
+  end
+
+  test "current_request_id is nil after a request" do
+    @controller = NodesController.new
+    get(:index, {}, session_for(:active))
+    assert_nil Thread.current[:current_request_id]
+  end
+
+  [".navbar .login-menu a",
+   ".navbar .login-menu .dropdown-menu a"
+  ].each do |css_selector|
+    test "login link at #{css_selector.inspect} includes return_to param" do
+      # Without an anonymous token, we're immediately redirected to login.
+      Rails.configuration.anonymous_user_token =
+        api_fixture("api_client_authorizations", "anonymous", "api_token")
+      @controller = ProjectsController.new
+      test_uuid = "zzzzz-j7d0g-zzzzzzzzzzzzzzz"
+      get(:show, {id: test_uuid})
+      login_link = css_select(css_selector).first
+      assert_not_nil(login_link, "failed to select login link")
+      login_href = URI.unescape(login_link.attributes["href"])
+      # The parameter needs to include the full URL to work.
+      assert_includes(login_href, "://")
+      assert_match(/[\?&]return_to=[^&]*\/projects\/#{test_uuid}(&|$)/,
+                   login_href)
+    end
+  end
+
   test "Workbench returns 4xx when API server is unreachable" do
     # We're really testing ApplicationController's render_exception.
     # Our primary concern is that it doesn't raise an error and
@@ -364,7 +412,7 @@ class ApplicationControllerTest < ActionController::TestCase
     [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project']],
     [ProjectsController.new, api_fixture('groups')['anonymously_accessible_project'], false],
   ].each do |controller, fixture, anon_config=true|
-    test "#{controller} show method with anonymous config enabled" do
+    test "#{controller} show method with anonymous config #{anon_config ? '' : 'not '}enabled" do
       if anon_config
         Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token']
       else
@@ -402,4 +450,61 @@ class ApplicationControllerTest < ActionController::TestCase
       assert_equal([['.', 'foo', 3]], assigns(:object).files)
     end
   end
+
+  test 'Edit name and verify that a duplicate is not created' do
+    @controller = ProjectsController.new
+    project = api_fixture("groups")["aproject"]
+    post :update, {
+      id: project["uuid"],
+      project: {
+        name: 'test name'
+      },
+      format: :json
+    }, session_for(:active)
+    assert_includes @response.body, 'test name'
+    updated = assigns(:object)
+    assert_equal updated.uuid, project["uuid"]
+    assert_equal 'test name', updated.name
+  end
+
+  [
+    [VirtualMachinesController.new, 'hostname', false],
+    [UsersController.new, 'first_name', true],
+  ].each do |controller, expect_str, expect_home_link|
+    test "access #{controller.controller_name} index as admin and verify Home link is#{' not' if !expect_home_link} shown" do
+      @controller = controller
+
+      get :index, {}, session_for(:admin)
+
+      assert_response 200
+      assert_includes @response.body, expect_str
+
+      home_link = "/projects/#{api_fixture('users')['active']['uuid']}"
+
+      if expect_home_link
+        refute_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]")
+      else
+        assert_empty css_select("[href=\"/projects/#{api_fixture('users')['active']['uuid']}\"]")
+      end
+    end
+  end
+
+  [
+    [VirtualMachinesController.new, 'hostname', true],
+    [UsersController.new, 'first_name', false],
+  ].each do |controller, expect_str, expect_delete_link|
+    test "access #{controller.controller_name} index as admin and verify Delete option is#{' not' if !expect_delete_link} shown" do
+      @controller = controller
+
+      get :index, {}, session_for(:admin)
+
+      assert_response 200
+      assert_includes @response.body, expect_str
+      if expect_delete_link
+        refute_empty css_select('[data-method=delete]')
+      else
+        assert_empty css_select('[data-method=delete]')
+      end
+    end
+  end
 end