- test "unsharing a project results in hiding it from previously shared user" do
- # Make the same call as in line 448.
- @controller = Arvados::V1::LinksController.new
- authorize_with :system_user
- post :create, params: {
- link: {
- link_class: "permission",
- name: "can_read",
- head_uuid: groups(:starred_and_shared_active_user_project).uuid,
- tail_uuid: users(:project_viewer).uuid,
- }
- }
- assert_response :success
- assert_equal 'permission', json_response['link_class']
- l = Link.find_by_uuid(json_response['uuid'])
- l.destroy
- @test_counter = 0
-
- # remove sharing link for project
- @controller = Arvados::V1::LinksController.new
- authorize_with :admin
- post :destroy, params: {id: links(:share_starred_project_with_project_viewer).uuid}
- assert_response :success
-
- # verify that the user can no longer see the project
- @test_counter = 0 # Reset executed action counter
- @controller = Arvados::V1::GroupsController.new
- authorize_with :project_viewer
- get :index, params: {filters: [['group_class', '=', 'project']], format: :json}
- assert_response :success
- found_projects = {}
- json_response['items'].each do |g|
- found_projects[g['uuid']] = g
- end
- assert_equal false, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid)
-
- # share the project
- @test_counter = 0
- @controller = Arvados::V1::LinksController.new
- authorize_with :system_user
- post :create, params: {
- link: {
- link_class: "permission",
- name: "can_read",
- head_uuid: groups(:starred_and_shared_active_user_project).uuid,
- tail_uuid: users(:project_viewer).uuid,
- }
- }
- assert_response :success
- # This fails if the call at the beginning of the test isn't
- # made, because for some reason the links controller gets
- # an empty params list.
- assert_equal 'permission', json_response['link_class']
- # NOTE that if I manually create the link, the test pass:
- # Link.create(link_class: 'permission', name: 'can_read', head_uuid: groups(:starred_and_shared_active_user_project).uuid, tail_uuid: users(:project_viewer).uuid)
-
- # verify that project_viewer user can now see shared project again
- @test_counter = 0
- @controller = Arvados::V1::GroupsController.new
- authorize_with :project_viewer
- get :index, params: {filters: [['group_class', '=', 'project']], format: :json}
- assert_response :success
- found_projects = {}
- json_response['items'].each do |g|
- found_projects[g['uuid']] = g
- end
- assert_equal true, found_projects.include?(groups(:starred_and_shared_active_user_project).uuid)
- end
-