Merge branch 'master' into 7329-empty-block-issue

diff --git a/services/api/app/models/keep_service.rb b/services/api/app/models/keep_service.rb
index 6854ed2625218c462f786ab960268a8be7708910..58055297a1cf9945f36d441562d3818997b4da3a 100644 (file)
--- a/services/api/app/models/keep_service.rb
+++ b/services/api/app/models/keep_service.rb
@@ -13,4 +13,13 @@ class KeepService < ArvadosModel
   api_accessible :superuser, :extend => :user do |t|
   end
 
+  protected
+
+  def permission_to_create
+    current_user.andand.is_admin
+  end
+
+  def permission_to_update
+    current_user.andand.is_admin
+  end
 end

diff --git a/services/api/test/unit/keep_service_test.rb b/services/api/test/unit/keep_service_test.rb
index 72c4f8ed0266361348a3cc113bbb8f7ce502452d..8ca8c523d2f0cfb3c844ebdebf2efc68d6608296 100644 (file)
--- a/services/api/test/unit/keep_service_test.rb
+++ b/services/api/test/unit/keep_service_test.rb
@@ -1,7 +1,33 @@
 require 'test_helper'
 
 class KeepServiceTest < ActiveSupport::TestCase
-  # test "the truth" do
-  #   assert true
-  # end
+  test "non-admins cannot create services" do
+    set_user_from_auth :active
+    ks = KeepService.new
+    assert_not_allowed do
+      ks.save
+    end
+  end
+
+  test "non-admins cannot update services" do
+    set_user_from_auth :active
+    ks = keep_services(:proxy)
+    ks.service_port = 64434
+    assert_not_allowed do
+      ks.save
+    end
+  end
+
+  test "admins can create services" do
+    set_user_from_auth :admin
+    ks = KeepService.new
+    assert(ks.save, "saving new service failed")
+  end
+
+  test "admins can update services" do
+    set_user_from_auth :admin
+    ks = keep_services(:proxy)
+    ks.service_port = 64434
+    assert(ks.save, "saving updated service failed")
+  end
 end

diff --git a/services/arv-git-httpd/gitolite_test.go b/services/arv-git-httpd/gitolite_test.go
index 84587302c7ac3a4a13c832c68fda36608c49a434..aa710262b499b9c0a5e5168a8a69fc039ddeca36 100644 (file)
--- a/services/arv-git-httpd/gitolite_test.go
+++ b/services/arv-git-httpd/gitolite_test.go
@@ -70,7 +70,7 @@ func (s *GitoliteSuite) TestFetchUnreadable(c *check.C) {
 }
 
 func (s *GitoliteSuite) TestPush(c *check.C) {
-       err := s.RunGit(c, activeToken, "push", "active/foo.git")
+       err := s.RunGit(c, activeToken, "push", "active/foo.git", "master:gitolite-push")
        c.Check(err, check.Equals, nil)
 
        // Check that the commit hash appears in the gitolite log, as
@@ -88,6 +88,6 @@ func (s *GitoliteSuite) TestPush(c *check.C) {
 }
 
 func (s *GitoliteSuite) TestPushUnwritable(c *check.C) {
-       err := s.RunGit(c, spectatorToken, "push", "active/foo.git")
+       err := s.RunGit(c, spectatorToken, "push", "active/foo.git", "master:gitolite-push-fail")
        c.Check(err, check.ErrorMatches, `.*HTTP code = 403.*`)
 }