X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/fcb35ed42449c5ad58cd9ec62ff2ed353cf9d940..35658af99f09f2f6768583d65246429f789fc5a2:/services/api/test/functional/application_controller_test.rb

diff --git a/services/api/test/functional/application_controller_test.rb b/services/api/test/functional/application_controller_test.rb
index 4144d0a922..175a8f71ea 100644
--- a/services/api/test/functional/application_controller_test.rb
+++ b/services/api/test/functional/application_controller_test.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 require 'test_helper'
 
 class ApplicationControllerTest < ActionController::TestCase
@@ -20,30 +24,113 @@ class ApplicationControllerTest < ActionController::TestCase
     token_time = token.split('+', 2).first.to_i
     assert_operator(token_time, :>=, @start_stamp, "error token too old")
     assert_operator(token_time, :<=, now_timestamp, "error token too new")
+    json_response['errors'].each do |err|
+      assert_match(/req-[a-z0-9]{20}/, err, "X-Request-Id value missing on error message")
+    end
   end
 
   def check_404(errmsg="Path not found")
     assert_response 404
-    assert_equal([errmsg], json_response['errors'])
+    json_response['errors'].each do |err|
+      assert(err.include?(errmsg), "error message '#{err}' expected to include '#{errmsg}'")
+    end
     check_error_token
   end
 
   test "requesting nonexistent object returns 404 error" do
     authorize_with :admin
-    get(:show, id: BAD_UUID)
+    get(:show, params: {id: BAD_UUID})
     check_404
   end
 
   test "requesting object without read permission returns 404 error" do
     authorize_with :spectator
-    get(:show, id: specimens(:owned_by_active_user).uuid)
+    get(:show, params: {id: specimens(:owned_by_active_user).uuid})
     check_404
   end
 
   test "submitting bad object returns error" do
     authorize_with :spectator
-    post(:create, specimen: {badattr: "badvalue"})
+    post(:create, params: {specimen: {badattr: "badvalue"}})
     assert_response 422
     check_error_token
   end
+
+  test "X-Request-Id header" do
+    authorize_with :spectator
+    get(:index)
+    assert_match /^req-[0-9a-zA-Z]{20}$/, response.headers['X-Request-Id']
+  end
+
+  # The response header is the one that gets logged, so this test also
+  # ensures we log the ID supplied in the request, if any.
+  test "X-Request-Id given by client" do
+    authorize_with :spectator
+    @request.headers['X-Request-Id'] = 'abcdefG'
+    get(:index)
+    assert_equal 'abcdefG', response.headers['X-Request-Id']
+  end
+
+  test "X-Request-Id given by client is ignored if too long" do
+    authorize_with :spectator
+    @request.headers['X-Request-Id'] = 'abcdefG' * 1000
+    get(:index)
+    assert_match /^req-[0-9a-zA-Z]{20}$/, response.headers['X-Request-Id']
+  end
+
+  ['foo', '', 'FALSE', 'TRUE', nil, [true], {a:true}, '"true"'].each do |bogus|
+    test "bogus boolean parameter #{bogus.inspect} returns error" do
+      @controller = Arvados::V1::GroupsController.new
+      authorize_with :active
+      post :create, params: {
+        group: {},
+        ensure_unique_name: bogus
+      }
+      assert_response 422
+      assert_match(/parameter must be a boolean/, json_response['errors'].first,
+                   'Helpful error message not found')
+    end
+  end
+
+  [[true, [true, 'true', 1, '1']],
+   [false, [false, 'false', 0, '0']]].each do |bool, boolparams|
+    boolparams.each do |boolparam|
+      # Ensure boolparam is acceptable as a boolean
+      test "boolean parameter #{boolparam.inspect} acceptable" do
+        @controller = Arvados::V1::GroupsController.new
+        authorize_with :active
+        post :create, params: {
+          group: {},
+          ensure_unique_name: boolparam
+        }
+        assert_response :success
+      end
+
+      # Ensure boolparam is acceptable as the _intended_ boolean
+      test "boolean parameter #{boolparam.inspect} accepted as #{bool.inspect}" do
+        @controller = Arvados::V1::GroupsController.new
+        authorize_with :active
+        post :create, params: {
+          group: {
+            name: groups(:aproject).name,
+            owner_uuid: groups(:aproject).owner_uuid
+          },
+          ensure_unique_name: boolparam
+        }
+        assert_response (bool ? :success : 422)
+      end
+    end
+  end
+
+  test "exceptions with backtraces get logged at exception_backtrace key" do
+    Group.stubs(:new).raises(Exception, 'Whoops')
+    Rails.logger.expects(:info).with(any_parameters) do |param|
+      param.include?('Whoops') and param.include?('"exception_backtrace":')
+    end
+    @controller = Arvados::V1::GroupsController.new
+    authorize_with :active
+    post :create, params: {
+      group: {},
+    }
+  end
 end