Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>
# delete user signatures, login, repo, and vm perms, and mark as inactive
def unsetup
# delete oid_login_perms for this user
- Link.destroy_all(tail_uuid: self.email,
+ Link.where(tail_uuid: self.email,
link_class: 'permission',
- name: 'can_login')
+ name: 'can_login').destroy_all
# delete repo_perms for this user
- Link.destroy_all(tail_uuid: self.uuid,
+ Link.where(tail_uuid: self.uuid,
link_class: 'permission',
- name: 'can_manage')
+ name: 'can_manage').destroy_all
# delete vm_login_perms for this user
- Link.destroy_all(tail_uuid: self.uuid,
+ Link.where(tail_uuid: self.uuid,
link_class: 'permission',
- name: 'can_login')
+ name: 'can_login').destroy_all
# delete "All users" group read permissions for this user
group = Group.where(name: 'All users').select do |g|
g[:uuid].match(/-f+$/)
end.first
- Link.destroy_all(tail_uuid: self.uuid,
+ Link.where(tail_uuid: self.uuid,
head_uuid: group[:uuid],
link_class: 'permission',
- name: 'can_read')
+ name: 'can_read').destroy_all
# delete any signatures by this user
- Link.destroy_all(link_class: 'signature',
- tail_uuid: self.uuid)
+ Link.where(link_class: 'signature',
+ tail_uuid: self.uuid).destroy_all
# delete user preferences (including profile)
self.prefs = {}
test "should not get index with expired auth" do
authorize_with :expired
- get :index, format: :json
+ get :index, params: {format: :json}
assert_response 401
end
test "create system auth" do
authorize_with :admin_trustedclient
- post :create_system_auth, scopes: '["test"]'
+ post :create_system_auth, params: {scopes: '["test"]'}
assert_response :success
assert_not_nil JSON.parse(@response.body)['uuid']
end
test "prohibit create system auth with token from non-trusted client" do
authorize_with :admin
- post :create_system_auth, scopes: '["test"]'
+ post :create_system_auth, params: {scopes: '["test"]'}
assert_response 403
end
test "prohibit create system auth by non-admin" do
authorize_with :active
- post :create_system_auth, scopes: '["test"]'
+ post :create_system_auth, params: {scopes: '["test"]'}
assert_response 403
end
expected_tokens = expected.map do |name|
api_client_authorizations(name).api_token
end
- get :index, search_params
+ get :index, params: search_params
assert_response :success
got_tokens = JSON.parse(@response.body)['items']
.map { |a| a['api_token'] }
].each do |user, token, expect_get_response, expect_list_response, expect_list_items|
test "using '#{user}', get '#{token}' by uuid" do
authorize_with user
- get :show, {
+ get :show, params: {
id: api_client_authorizations(token).uuid,
}
assert_response expect_get_response
test "using '#{user}', update '#{token}' by uuid" do
authorize_with user
- put :update, {
+ put :update, params: {
id: api_client_authorizations(token).uuid,
api_client_authorization: {},
}
test "using '#{user}', delete '#{token}' by uuid" do
authorize_with user
- post :destroy, {
+ post :destroy, params: {
id: api_client_authorizations(token).uuid,
}
assert_response expect_get_response
test "using '#{user}', list '#{token}' by uuid" do
authorize_with user
- get :index, {
+ get :index, params: {
filters: [['uuid','=',api_client_authorizations(token).uuid]],
}
assert_response expect_list_response
if expect_list_items
test "using '#{user}', list '#{token}' by uuid with offset" do
authorize_with user
- get :index, {
+ get :index, params: {
filters: [['uuid','=',api_client_authorizations(token).uuid]],
offset: expect_list_items,
}
test "using '#{user}', list '#{token}' by token" do
authorize_with user
- get :index, {
+ get :index, params: {
filters: [['api_token','=',api_client_authorizations(token).api_token]],
}
assert_response expect_list_response
test "scoped token cannot change its own scopes" do
authorize_with :admin_vm
- put :update, {
+ put :update, params: {
id: api_client_authorizations(:admin_vm).uuid,
api_client_authorization: {scopes: ['all']},
}
test "token cannot change its own uuid" do
authorize_with :admin
- put :update, {
+ put :update, params: {
id: api_client_authorizations(:admin).uuid,
api_client_authorization: {uuid: 'zzzzz-gj3su-zzzzzzzzzzzzzzz'},
}
test "get index with include_old_versions" do
authorize_with :active
- get :index, {
+ get :index, params: {
include_old_versions: true
}
assert_response :success
test "collections.get returns signed locators, and no unsigned_manifest_text" do
permit_unsigned_manifests
authorize_with :active
- get :show, {id: collections(:foo_file).uuid}
+ get :show, params: {id: collections(:foo_file).uuid}
assert_response :success
assert_signed_manifest json_response['manifest_text'], 'foo_file'
refute_includes json_response, 'unsigned_manifest_text'
test "correct signatures are given for #{token_method}" do
token = api_client_authorizations(:active).send(token_method)
authorize_with_token token
- get :show, {id: collections(:foo_file).uuid}
+ get :show, params: {id: collections(:foo_file).uuid}
assert_response :success
assert_signed_manifest json_response['manifest_text'], 'foo_file', token: token
end
key: Rails.configuration.blob_signing_key,
api_token: token)
authorize_with_token token
- put :update, {
+ put :update, params: {
id: collections(:collection_owned_by_active).uuid,
collection: {
manifest_text: ". #{signed} 0:3:foo.txt\n",
test "index with manifest_text selected returns signed locators" do
columns = %w(uuid owner_uuid manifest_text)
authorize_with :active
- get :index, select: columns
+ get :index, params: {select: columns}
assert_response :success
assert(assigns(:objects).andand.any?,
"no Collections returned for index with columns selected")
test "index with unsigned_manifest_text selected returns only unsigned locators" do
authorize_with :active
- get :index, select: ['unsigned_manifest_text']
+ get :index, params: {select: ['unsigned_manifest_text']}
assert_response :success
assert_operator json_response["items"].count, :>, 0
locs = 0
['', nil, false, 'null'].each do |select|
test "index with select=#{select.inspect} returns everything except manifest" do
authorize_with :active
- get :index, select: select
+ get :index, params: {select: select}
assert_response :success
assert json_response['items'].any?
json_response['items'].each do |coll|
'["uuid", "manifest_text"]'].each do |select|
test "index with select=#{select.inspect} returns no name" do
authorize_with :active
- get :index, select: select
+ get :index, params: {select: select}
assert_response :success
assert json_response['items'].any?
json_response['items'].each do |coll|
[0,1,2].each do |limit|
test "get index with limit=#{limit}" do
authorize_with :active
- get :index, limit: limit
+ get :index, params: {limit: limit}
assert_response :success
assert_equal limit, assigns(:objects).count
resp = JSON.parse(@response.body)
test "items.count == items_available" do
authorize_with :active
- get :index, limit: 100000
+ get :index, params: {limit: 100000}
assert_response :success
resp = JSON.parse(@response.body)
assert_equal resp['items_available'], assigns(:objects).length
test "items.count == items_available with filters" do
authorize_with :active
- get :index, {
+ get :index, params: {
limit: 100,
filters: [['uuid','=',collections(:foo_file).uuid]]
}
test "get index with limit=2 offset=99999" do
# Assume there are not that many test fixtures.
authorize_with :active
- get :index, limit: 2, offset: 99999
+ get :index, params: {limit: 2, offset: 99999}
assert_response :success
assert_equal 0, assigns(:objects).count
resp = JSON.parse(@response.body)
coll1 = collections(:collection_1_of_201)
Rails.configuration.max_index_database_read =
yield(coll1.manifest_text.size)
- get :index, {
+ get :index, params: {
select: %w(uuid manifest_text),
filters: [["owner_uuid", "=", coll1.owner_uuid]],
limit: 300,
# post :create will modify test_collection in place, so we save a copy first.
# Hash.deep_dup is not sufficient as it preserves references of strings (??!?)
post_collection = Marshal.load(Marshal.dump(test_collection))
- post :create, {
+ post :create, params: {
collection: post_collection
}
foo_collection = collections(:foo_file)
# Get foo_file using its portable data hash
- get :show, {
+ get :show, params: {
id: foo_collection[:portable_data_hash]
}
assert_response :success
permit_unsigned_manifests
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: 'zzzzz-j7d0g-rew6elm53kancon',
manifest_text: manifest_text,
permit_unsigned_manifests
authorize_with :admin
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: 'zzzzz-tpzed-000000000000000',
manifest_text: manifest_text,
if !unsigned
manifest_text = Collection.sign_manifest manifest_text, api_token(:active)
end
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: users(:active).uuid,
manifest_text: manifest_text,
permit_unsigned_manifests
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: groups(:active_user_has_can_manage).uuid,
manifest_text: manifest_text,
permit_unsigned_manifests
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: groups(:all_users).uuid,
manifest_text: manifest_text,
permit_unsigned_manifests
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: groups(:public).uuid,
manifest_text: manifest_text,
permit_unsigned_manifests
authorize_with :admin
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
owner_uuid: 'zzzzz-j7d0g-it30l961gq3t0oi',
manifest_text: manifest_text,
test "should create with collection passed as json" do
permit_unsigned_manifests
authorize_with :active
- post :create, {
+ post :create, params: {
collection: <<-EOS
{
"manifest_text":". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n",\
test "should fail to create with checksum mismatch" do
permit_unsigned_manifests
authorize_with :active
- post :create, {
+ post :create, params: {
collection: <<-EOS
{
"manifest_text":". d41d8cd98f00b204e9800998ecf8427e 0:0:bar.txt\n",\
test "collection UUID is normalized when created" do
permit_unsigned_manifests
authorize_with :active
- post :create, {
+ post :create, params: {
collection: {
manifest_text: ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n",
portable_data_hash: "d30fe8ae534397864cb96c544f4cf102+47+Khint+Xhint+Zhint"
test "get full provenance for baz file" do
authorize_with :active
- get :provenance, id: 'ea10d51bcf88862dbcc36eb292017dfd+45'
+ get :provenance, params: {id: 'ea10d51bcf88862dbcc36eb292017dfd+45'}
assert_response :success
resp = JSON.parse(@response.body)
assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz
test "get no provenance for foo file" do
# spectator user cannot even see baz collection
authorize_with :spectator
- get :provenance, id: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
+ get :provenance, params: {id: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'}
assert_response 404
end
test "get partial provenance for baz file" do
# spectator user can see bar->baz job, but not foo->bar job
authorize_with :spectator
- get :provenance, id: 'ea10d51bcf88862dbcc36eb292017dfd+45'
+ get :provenance, params: {id: 'ea10d51bcf88862dbcc36eb292017dfd+45'}
assert_response :success
resp = JSON.parse(@response.body)
assert_not_nil resp['ea10d51bcf88862dbcc36eb292017dfd+45'] # baz
test "search collections with 'any' operator" do
expect_pdh = collections(:docker_image).portable_data_hash
authorize_with :active
- get :index, {
+ get :index, params: {
where: { any: ['contains', expect_pdh[5..25]] }
}
assert_response :success
". " + signed_locators[1] + " 0:0:foo.txt\n" +
". " + signed_locators[2] + " 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
manifest_text: signed_manifest,
portable_data_hash: manifest_uuid,
". " + Blob.sign_locator(locators[1], signing_opts) + " 0:0:foo.txt\n" +
". " + Blob.sign_locator(locators[2], signing_opts) + " 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
manifest_text: signed_manifest,
portable_data_hash: manifest_uuid,
unsigned_manifest.length.to_s
bad_manifest = ". #{bad_locator} 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
manifest_text: bad_manifest,
portable_data_hash: manifest_uuid
'+' +
signed_manifest.length.to_s
- post :create, {
+ post :create, params: {
collection: {
manifest_text: signed_manifest,
portable_data_hash: manifest_uuid
test "reject manifest with unsigned block as stream name" do
authorize_with :active
- post :create, {
+ post :create, params: {
collection: {
manifest_text: "00000000000000000000000000000000+1234 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo.txt\n"
}
portable_data_hash: manifest_uuid,
}
post_collection = Marshal.load(Marshal.dump(test_collection))
- post :create, {
+ post :create, params: {
collection: post_collection
}
assert_response :success
signed_locators = locators.map { |loc| Blob.sign_locator loc, signing_opts }
signed_manifest = [".", *signed_locators, "0:0:foo.txt\n"].join(" ")
- post :create, {
+ post :create, params: {
collection: {
manifest_text: signed_manifest,
portable_data_hash: manifest_uuid,
authorize_with :active
unsigned_manifest = ". 0cc175b9c0f1b6a831c399e269772661+1 0:1:a.txt\n"
manifest_uuid = Digest::MD5.hexdigest(unsigned_manifest)
- post :create, {
+ post :create, params: {
collection: {
manifest_text: unsigned_manifest,
portable_data_hash: manifest_uuid,
test 'List expired collection returns empty list' do
authorize_with :active
- get :index, {
+ get :index, params: {
where: {name: 'expired_collection'},
}
assert_response :success
test 'Show expired collection returns 404' do
authorize_with :active
- get :show, {
+ get :show, params: {
id: 'zzzzz-4zz18-mto52zx1s7sn3ih',
}
assert_response 404
test 'Update expired collection returns 404' do
authorize_with :active
- post :update, {
+ post :update, params: {
id: 'zzzzz-4zz18-mto52zx1s7sn3ih',
collection: {
name: "still expired"
test 'List collection with future expiration time succeeds' do
authorize_with :active
- get :index, {
+ get :index, params: {
where: {name: 'collection_expires_in_future'},
}
found = assigns(:objects)
test 'Show collection with future expiration time succeeds' do
authorize_with :active
- get :show, {
+ get :show, params: {
id: 'zzzzz-4zz18-padkqo7yb8d9i3j',
}
assert_response :success
test 'Update collection with future expiration time succeeds' do
authorize_with :active
- post :update, {
+ post :update, params: {
id: 'zzzzz-4zz18-padkqo7yb8d9i3j',
collection: {
name: "still not expired"
test "get collection and verify that file_names is not included" do
authorize_with :active
- get :show, {id: collections(:foo_file).uuid}
+ get :show, params: {id: collections(:foo_file).uuid}
assert_response :success
assert_equal collections(:foo_file).uuid, json_response['uuid']
assert_nil json_response['file_names']
description = description + description
end
- post :create, collection: {
- manifest_text: ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo.txt\n",
- description: description,
+ post :create, params: {
+ collection: {
+ manifest_text: ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo.txt\n",
+ description: description,
+ }
}
assert_response expected_response
test "Set replication_desired=#{ask.inspect}" do
Rails.configuration.default_collection_replication = 2
authorize_with :active
- put :update, {
+ put :update, params: {
id: collections(:replication_undesired_unconfirmed).uuid,
collection: {
replication_desired: ask,
test "get collection with properties" do
authorize_with :active
- get :show, {id: collections(:collection_with_one_property).uuid}
+ get :show, params: {id: collections(:collection_with_one_property).uuid}
assert_response :success
assert_not_nil json_response['uuid']
assert_equal 'value1', json_response['properties']['property1']
test "create collection with properties" do
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
manifest_text: manifest_text,
portable_data_hash: "d30fe8ae534397864cb96c544f4cf102+47",
].each do |manifest_text|
test "create collection with invalid manifest #{manifest_text} and expect error" do
authorize_with :active
- post :create, {
+ post :create, params: {
collection: {
manifest_text: manifest_text,
portable_data_hash: "d41d8cd98f00b204e9800998ecf8427e+0"
].each do |manifest_text, pdh|
test "create collection with valid manifest #{manifest_text.inspect} and expect success" do
authorize_with :active
- post :create, {
+ post :create, params: {
collection: {
manifest_text: manifest_text,
portable_data_hash: pdh
].each do |manifest_text|
test "update collection with invalid manifest #{manifest_text} and expect error" do
authorize_with :active
- post :update, {
+ post :update, params: {
id: 'zzzzz-4zz18-bv31uwvy3neko21',
collection: {
manifest_text: manifest_text,
].each do |manifest_text|
test "update collection with valid manifest #{manifest_text.inspect} and expect success" do
authorize_with :active
- post :update, {
+ post :update, params: {
id: 'zzzzz-4zz18-bv31uwvy3neko21',
collection: {
manifest_text: manifest_text,
test 'get trashed collection with include_trash' do
uuid = 'zzzzz-4zz18-mto52zx1s7sn3ih' # expired_collection
authorize_with :active
- get :show, {
+ get :show, params: {
id: uuid,
include_trash: true,
}
test "get trashed collection via filters and #{user} user" do
uuid = 'zzzzz-4zz18-mto52zx1s7sn3ih' # expired_collection
authorize_with user
- get :index, {
+ get :index, params: {
filters: [["current_version_uuid", "=", uuid]],
include_trash: true,
}
test "get trashed collection via filters and #{user} user, including its past versions" do
uuid = 'zzzzz-4zz18-mto52zx1s7sn3ih' # expired_collection
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [["current_version_uuid", "=", uuid]],
include_trash: true,
include_old_versions: true,
versions.each do |col|
refute col.is_trashed
end
- post :trash, {
+ post :trash, params: {
id: uuid,
}
assert_response 200
test 'get trashed collection without include_trash' do
uuid = 'zzzzz-4zz18-mto52zx1s7sn3ih' # expired_collection
authorize_with :active
- get :show, {
+ get :show, params: {
id: uuid,
}
assert_response 404
test 'trash collection using http DELETE verb' do
uuid = collections(:collection_owned_by_active).uuid
authorize_with :active
- delete :destroy, {
+ delete :destroy, params: {
id: uuid,
}
assert_response 200
test 'delete long-trashed collection immediately using http DELETE verb' do
uuid = 'zzzzz-4zz18-mto52zx1s7sn3ih' # expired_collection
authorize_with :active
- delete :destroy, {
+ delete :destroy, params: {
id: uuid,
}
assert_response 200
end
authorize_with :active
time_before_trashing = db_current_time
- post :trash, {
+ post :trash, params: {
id: uuid,
}
assert_response 200
test 'untrash a trashed collection' do
authorize_with :active
- post :untrash, {
+ post :untrash, params: {
id: collections(:expired_collection).uuid,
}
assert_response 200
test 'untrash error on not trashed collection' do
authorize_with :active
- post :untrash, {
+ post :untrash, params: {
id: collections(:collection_owned_by_active).uuid,
}
assert_response 422
[:active, :admin].each do |user|
test "get trashed collections as #{user}" do
authorize_with user
- get :index, {
+ get :index, params: {
filters: [["is_trashed", "=", true]],
include_trash: true,
}
test 'untrash collection with same name as another with no ensure unique name' do
authorize_with :active
- post :untrash, {
+ post :untrash, params: {
id: collections(:trashed_collection_to_test_name_conflict_on_untrash).uuid,
}
assert_response 422
test 'untrash collection with same name as another with ensure unique name' do
authorize_with :active
- post :untrash, {
+ post :untrash, params: {
id: collections(:trashed_collection_to_test_name_conflict_on_untrash).uuid,
ensure_unique_name: true
}
test 'cannot show collection in trashed subproject' do
authorize_with :active
- get :show, {
+ get :show, params: {
id: collections(:collection_in_trashed_subproject).uuid,
format: :json
}
test 'can show collection in untrashed subproject' do
authorize_with :active
Group.find_by_uuid(groups(:trashed_project).uuid).update! is_trashed: false
- get :show, {
+ get :show, params: {
id: collections(:collection_in_trashed_subproject).uuid,
format: :json,
}
test 'cannot index collection in trashed subproject' do
authorize_with :active
- get :index, { limit: 1000 }
+ get :index, params: { limit: 1000 }
assert_response :success
item_uuids = json_response['items'].map do |item|
item['uuid']
test 'can index collection in untrashed subproject' do
authorize_with :active
Group.find_by_uuid(groups(:trashed_project).uuid).update! is_trashed: false
- get :index, { limit: 1000 }
+ get :index, params: { limit: 1000 }
assert_response :success
item_uuids = json_response['items'].map do |item|
item['uuid']
test 'can index trashed subproject collection with include_trash' do
authorize_with :active
- get :index, {
+ get :index, params: {
include_trash: true,
limit: 1000
}
test 'can get collection with past versions' do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['current_version_uuid','=',collections(:collection_owned_by_active).uuid]],
include_old_versions: true
}
test 'can get old version collection by uuid' do
authorize_with :active
- get :show, {
+ get :show, params: {
id: collections(:collection_owned_by_active_past_version_1).uuid,
}
assert_response :success
permit_unsigned_manifests
authorize_with :active
manifest_text = ". d41d8cd98f00b204e9800998ecf8427e 0:0:foo.txt\n"
- post :create, {
+ post :create, params: {
collection: {
name: 'Test collection',
version: 42,
key: Rails.configuration.blob_signing_key,
api_token: token)
authorize_with_token token
- put :update, {
+ put :update, params: {
id: col.uuid,
collection: {
manifest_text: ". #{signed} 0:3:foo.txt\n",
authorize_with :active
sp = {'partitions' => ['test1', 'test2']}
- post :create, {
+ post :create, params: {
container_request: minimal_cr.merge(scheduling_parameters: sp.dup)
}
assert_response :success
test "secret_mounts not in #create responses" do
authorize_with :active
- post :create, {
+ post :create, params: {
container_request: minimal_cr.merge(
secret_mounts: {'/foo' => {'kind' => 'json', 'content' => 'bar'}}),
}
authorize_with :active
req = container_requests(:uncommitted)
- patch :update, {
+ patch :update, params: {
id: req.uuid,
container_request: {
secret_mounts: {'/foo' => {'kind' => 'json', 'content' => 'bar'}},
req = container_requests(:uncommitted)
req.update_attributes!(secret_mounts: {'/foo' => {'kind' => 'json', 'content' => 'bar'}})
- patch :update, {
+ patch :update, params: {
id: req.uuid,
container_request: {
command: ['echo', 'test'],
test "runtime_token not in #create responses" do
authorize_with :active
- post :create, {
+ post :create, params: {
container_request: minimal_cr.merge(
runtime_token: api_client_authorizations(:spectator).token)
}
class Arvados::V1::ContainersControllerTest < ActionController::TestCase
test 'create' do
authorize_with :system_user
- post :create, {
+ post :create, params: {
container: {
command: ['echo', 'hello'],
container_image: 'test',
[Container::Queued, Container::Complete].each do |state|
test "cannot get auth in #{state} state" do
authorize_with :dispatch1
- get :auth, id: containers(:queued).uuid
+ get :auth, params: {id: containers(:queued).uuid}
assert_response 403
end
end
assert c.lock, show_errors(c)
authorize_with :system_user
- get :auth, id: c.uuid
+ get :auth, params: {id: c.uuid}
assert_response 403
end
authorize_with :dispatch1
c = containers(:queued)
assert c.lock, show_errors(c)
- get :auth, id: c.uuid
+ get :auth, params: {id: c.uuid}
assert_response :success
assert_operator 32, :<, json_response['api_token'].length
assert_equal 'arvados#apiClientAuthorization', json_response['kind']
authorize_with :dispatch1
c = containers(:queued)
assert c.lock, show_errors(c)
- get :show, id: c.uuid
+ get :show, params: {id: c.uuid}
assert_response :success
assert_nil json_response['auth']
assert_nil json_response['secret_mounts']
test "lock container" do
authorize_with :dispatch1
uuid = containers(:queued).uuid
- post :lock, {id: uuid}
+ post :lock, params: {id: uuid}
assert_response :success
assert_nil json_response['mounts']
assert_nil json_response['command']
test "unlock container" do
authorize_with :dispatch1
uuid = containers(:locked).uuid
- post :unlock, {id: uuid}
+ post :unlock, params: {id: uuid}
assert_response :success
assert_nil json_response['mounts']
assert_nil json_response['command']
test "unlock container locked by different dispatcher" do
authorize_with :dispatch2
uuid = containers(:locked).uuid
- post :unlock, {id: uuid}
+ post :unlock, params: {id: uuid}
assert_response 422
end
test "state transitions from #{fixture} to #{action}" do
authorize_with :dispatch1
uuid = containers(fixture).uuid
- post action, {id: uuid}
+ post action, params: {id: uuid}
assert_response response
assert_equal state, Container.where(uuid: uuid).first.state
end
].each do |expect_success, auth|
test "get secret_mounts with #{auth} token" do
authorize_with auth
- get :secret_mounts, {id: containers(:running).uuid}
+ get :secret_mounts, params: {id: containers(:running).uuid}
if expect_success
assert_response :success
assert_equal "42\n", json_response["secret_mounts"]["/secret/6x9"]["content"]
test 'get runtime_token auth' do
authorize_with :dispatch2
c = containers(:runtime_token)
- get :auth, id: c.uuid
+ get :auth, params: {id: c.uuid}
assert_response :success
assert_equal "v2/#{json_response['uuid']}/#{json_response['api_token']}", api_client_authorizations(:container_runtime_token).token
assert_equal 'arvados#apiClientAuthorization', json_response['kind']
end
-
end
test '"not in" filter passes null values' do
@controller = Arvados::V1::GroupsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['group_class', 'not in', ['project']] ],
controller: 'groups',
}
test 'error message for non-array element in filters array' do
@controller = Arvados::V1::CollectionsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [{bogus: 'filter'}],
}
assert_response 422
test 'error message for full text search on a specific column' do
@controller = Arvados::V1::CollectionsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', '@@', 'abcdef']],
}
assert_response 422
test 'difficult characters in full text search' do
@controller = Arvados::V1::CollectionsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['any', '@@', 'a|b"c']],
}
assert_response :success
test 'array operand in full text search' do
@controller = Arvados::V1::CollectionsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['any', '@@', ['abc', 'def']]],
}
assert_response 422
timestamp = mine.modified_at.strftime('%Y-%m-%dT%H:%M:%S.%NZ')
@controller = Arvados::V1::CollectionsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['modified_at', operator, timestamp],
['uuid', '=', mine.uuid]],
}
@controller = Arvados::V1::GroupsController.new
authorize_with :admin
- get :contents, {
+ get :contents, params: {
format: :json,
count: 'none',
limit: 1000,
@controller = Arvados::V1::GroupsController.new
- get :contents, {
+ get :contents, params: {
format: :json,
count: 'none',
limit: 1000,
test "jsonb filter properties.#{prop} #{op} #{opr})" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: SafeJSON.dump([ ["properties.#{prop}", op, opr] ]),
limit: 1000
}
test "jsonb hash 'exists' and '!=' filter" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['properties.prop1', 'exists', true], ['properties.prop1', '!=', 'value1'] ]
}
assert_response :success
test "jsonb array 'exists'" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['storage_classes_confirmed.default', 'exists', true] ]
}
assert_response :success
test "jsonb hash alternate form 'exists' and '!=' filter" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['properties', 'exists', 'prop1'], ['properties.prop1', '!=', 'value1'] ]
}
assert_response :success
test "jsonb array alternate form 'exists' filter" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['storage_classes_confirmed', 'exists', 'default'] ]
}
assert_response :success
test "jsonb 'exists' must be boolean" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['properties.prop1', 'exists', nil] ]
}
assert_response 422
test "jsonb checks column exists" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['puppies.prop1', '=', 'value1'] ]
}
assert_response 422
test "jsonb checks column is valid" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['name.prop1', '=', 'value1'] ]
}
assert_response 422
test "jsonb invalid operator" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['properties.prop1', '###', 'value1'] ]
}
assert_response 422
test "replication_desired = 2" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: SafeJSON.dump([ ['replication_desired', '=', 2] ])
}
assert_response :success
assert_includes(found, collections(:replication_desired_2_unconfirmed).uuid)
assert_includes(found, collections(:replication_desired_2_confirmed_2).uuid)
end
-
end
test "attempt to delete group without read or write access" do
authorize_with :active
- post :destroy, id: groups(:empty_lonely_group).uuid
+ post :destroy, params: {id: groups(:empty_lonely_group).uuid}
assert_response 404
end
test "attempt to delete group without write access" do
authorize_with :active
- post :destroy, id: groups(:all_users).uuid
+ post :destroy, params: {id: groups(:all_users).uuid}
assert_response 403
end
test "get list of projects" do
authorize_with :active
- get :index, filters: [['group_class', '=', 'project']], format: :json
+ get :index, params: {filters: [['group_class', '=', 'project']], format: :json}
assert_response :success
group_uuids = []
json_response['items'].each do |group|
test "get list of groups that are not projects" do
authorize_with :active
- get :index, filters: [['group_class', '!=', 'project']], format: :json
+ get :index, params: {filters: [['group_class', '!=', 'project']], format: :json}
assert_response :success
group_uuids = []
json_response['items'].each do |group|
test "get list of groups with bogus group_class" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['group_class', '=', 'nogrouphasthislittleclass']],
format: :json,
}
test 'get group-owned objects' do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
format: :json,
}
test "user with project read permission can see project objects" do
authorize_with :project_viewer
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
format: :json,
}
test "list objects across projects" do
authorize_with :project_viewer
- get :contents, {
+ get :contents, params: {
format: :json,
filters: [['uuid', 'is_a', 'arvados#specimen']]
}
test "list trashed collections and projects" do
authorize_with :active
- get(:contents, {
+ get(:contents, params: {
format: :json,
include_trash: true,
filters: [
test "list objects in home project" do
authorize_with :active
- get :contents, {
+ get :contents, params: {
format: :json,
limit: 200,
id: users(:active).uuid
test "user with project read permission can see project collections" do
authorize_with :project_viewer
- get :contents, {
+ get :contents, params: {
id: groups(:asubproject).uuid,
format: :json,
}
].each do |column, order, operator, field|
test "user with project read permission can sort projects on #{column} #{order}" do
authorize_with :project_viewer
- get :contents, {
+ get :contents, params: {
id: groups(:asubproject).uuid,
format: :json,
filters: [['uuid', 'is_a', "arvados#collection"]],
# project tests.
def check_new_project_link_fails(link_attrs)
@controller = Arvados::V1::LinksController.new
- post :create, link: {
- link_class: "permission",
- name: "can_read",
- head_uuid: groups(:aproject).uuid,
- }.merge(link_attrs)
+ post :create, params: {
+ link: {
+ link_class: "permission",
+ name: "can_read",
+ head_uuid: groups(:aproject).uuid,
+ }.merge(link_attrs)
+ }
assert_includes(403..422, response.status)
end
test "user with project read permission can't rename items in it" do
authorize_with :project_viewer
@controller = Arvados::V1::LinksController.new
- post :update, {
+ post :update, params: {
id: jobs(:running).uuid,
name: "Denied test name",
}
test "user with project read permission can't remove items from it" do
@controller = Arvados::V1::PipelineTemplatesController.new
authorize_with :project_viewer
- post :update, {
+ post :update, params: {
id: pipeline_templates(:two_part).uuid,
pipeline_template: {
owner_uuid: users(:project_viewer).uuid,
test "user with project read permission can't delete it" do
authorize_with :project_viewer
- post :destroy, {id: groups(:aproject).uuid}
+ post :destroy, params: {id: groups(:aproject).uuid}
assert_response 403
end
test 'get group-owned objects with limit' do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
limit: 1,
format: :json,
test 'get group-owned objects with limit and offset' do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
limit: 1,
offset: 12345,
test 'get group-owned objects with additional filter matching nothing' do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
filters: [['uuid', 'in', ['foo_not_a_uuid','bar_not_a_uuid']]],
format: :json,
['foo', '', '1234five', '0x10', '-8'].each do |val|
test "Raise error on bogus #{arg} parameter #{val.inspect}" do
authorize_with :active
- get :contents, {
+ get :contents, params: {
:id => groups(:aproject).uuid,
:format => :json,
arg => val,
test "Collection contents don't include manifest_text" do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
filters: [["uuid", "is_a", "arvados#collection"]],
format: :json,
test 'get writable_by list for owned group' do
authorize_with :active
- get :show, {
+ get :show, params: {
id: groups(:aproject).uuid,
format: :json
}
test 'no writable_by list for group with read-only access' do
authorize_with :rominiadmin
- get :show, {
+ get :show, params: {
id: groups(:testusergroup_admins).uuid,
format: :json
}
test 'get writable_by list by admin user' do
authorize_with :admin
- get :show, {
+ get :show, params: {
id: groups(:testusergroup_admins).uuid,
format: :json
}
test 'creating subproject with duplicate name fails' do
authorize_with :active
- post :create, {
+ post :create, params: {
group: {
name: 'A Project',
owner_uuid: users(:active).uuid,
test 'creating duplicate named subproject succeeds with ensure_unique_name' do
authorize_with :active
- post :create, {
+ post :create, params: {
group: {
name: 'A Project',
owner_uuid: users(:active).uuid,
# remove sharing link for project
@controller = Arvados::V1::LinksController.new
authorize_with :admin
- post :destroy, id: links(:share_starred_project_with_project_viewer).uuid
+ post :destroy, params: {id: links(:share_starred_project_with_project_viewer).uuid}
assert_response :success
# verify that the user can no longer see the project
@test_counter = 0 # Reset executed action counter
@controller = Arvados::V1::GroupsController.new
authorize_with :project_viewer
- get :index, filters: [['group_class', '=', 'project']], format: :json
+ get :index, params: {filters: [['group_class', '=', 'project']], format: :json}
assert_response :success
found_projects = {}
json_response['items'].each do |g|
@test_counter = 0
@controller = Arvados::V1::LinksController.new
authorize_with :system_user
- post :create, link: {
- link_class: "permission",
- name: "can_read",
- head_uuid: groups(:starred_and_shared_active_user_project).uuid,
- tail_uuid: users(:project_viewer).uuid,
+ post :create, params: {
+ link: {
+ link_class: "permission",
+ name: "can_read",
+ head_uuid: groups(:starred_and_shared_active_user_project).uuid,
+ tail_uuid: users(:project_viewer).uuid,
+ }
}
# verify that project_viewer user can now see shared project again
@test_counter = 0
@controller = Arvados::V1::GroupsController.new
authorize_with :project_viewer
- get :index, filters: [['group_class', '=', 'project']], format: :json
+ get :index, params: {filters: [['group_class', '=', 'project']], format: :json}
assert_response :success
found_projects = {}
json_response['items'].each do |g|
].each do |filter, expect_code, expect_uuid, not_expect_uuid|
test "get contents with '#{filter}' filter" do
authorize_with :active
- get :contents, filters: [filter], format: :json
+ get :contents, params: {filters: [filter], format: :json}
assert_response expect_code
if expect_code == 200
assert_not_empty json_response['items']
Rails.configuration.disable_api_methods = ['jobs.index', 'pipeline_instances.index']
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
format: :json,
}
# restricted column
Rails.configuration.max_index_database_read = 12
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: groups(:aproject).uuid,
format: :json,
}
recursive: true,
format: :json,
}
- get :contents, params
+ get :contents, params: params
owners = json_response['items'].map do |item|
item['owner_uuid']
end
format: :json,
}
params[:recursive] = false if recursive == false
- get :contents, params
+ get :contents, params: params
owners = json_response['items'].map do |item|
item['owner_uuid']
end
test 'get home project contents, recursive=true' do
authorize_with :active
- get :contents, {
+ get :contents, params: {
id: users(:active).uuid,
recursive: true,
format: :json,
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :contents, {
+ get :contents, params: {
id: groups(project).owner_uuid,
format: :json
}
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :contents, {
+ get :contents, params: {
id: groups(project).uuid,
format: :json
}
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :index, {
+ get :index, params: {
format: :json,
}
assert_response :success
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :show, {
+ get :show, params: {
id: groups(project).uuid,
format: :json
}
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :show, {
+ get :show, params: {
id: groups(project).uuid,
format: :json,
include_trash: true
untrash.each do |pr|
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
- get :index, {
+ get :index, params: {
format: :json,
include_trash: true
}
Group.find_by_uuid(groups(pr).uuid).update! is_trashed: false
end
assert !Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed
- post :destroy, {
+ post :destroy, params: {
id: groups(:trashed_project).uuid,
format: :json,
}
test "untrash project #{auth}" do
authorize_with auth
assert Group.find_by_uuid(groups(:trashed_project).uuid).is_trashed
- post :untrash, {
+ post :untrash, params: {
id: groups(:trashed_project).uuid,
format: :json,
}
gc = Group.create!({owner_uuid: "zzzzz-j7d0g-trashedproject1",
name: "trashed subproject 3",
group_class: "project"})
- post :untrash, {
+ post :untrash, params: {
id: groups(:trashed_subproject3).uuid,
format: :json,
ensure_unique_name: true
test "move trashed subproject to new owner #{auth}" do
authorize_with auth
assert_nil Group.readable_by(users(auth)).where(uuid: groups(:trashed_subproject).uuid).first
- put :update, {
+ put :update, params: {
id: groups(:trashed_subproject).uuid,
group: {
owner_uuid: users(:active).uuid
head_uuid: groups(:project_owned_by_foo).uuid)
end
- get :shared, {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
+ get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
assert_equal 1, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
head_uuid: groups(:project_owned_by_foo).uuid)
end
- get :shared, {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
+ get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
assert_equal 1, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:group_for_sharing_tests).uuid)
end
- get :shared, {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
+ get :shared, params: {:filters => [["group_class", "=", "project"]], :include => "owner_uuid"}
assert_equal 1, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
head_uuid: collections(:collection_owned_by_foo).uuid)
end
- get :contents, {:include => "owner_uuid", :exclude_home_project => true}
+ get :contents, params: {:include => "owner_uuid", :exclude_home_project => true}
assert_equal 2, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
head_uuid: groups(:project_owned_by_foo).uuid)
end
- get :contents, {:include => "owner_uuid", :exclude_home_project => true}
+ get :contents, params: {:include => "owner_uuid", :exclude_home_project => true}
assert_equal 1, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
Group.find_by_uuid(groups(:project_owned_by_foo).uuid).update!(owner_uuid: groups(:group_for_sharing_tests).uuid)
end
- get :contents, {:include => "owner_uuid", :exclude_home_project => true}
+ get :contents, params: {:include => "owner_uuid", :exclude_home_project => true}
assert_equal 1, json_response['items'].length
assert_equal json_response['items'][0]["uuid"], groups(:project_owned_by_foo).uuid
assert_equal json_response['included'][0]["uuid"], groups(:group_for_sharing_tests).uuid
end
-
test 'contents, exclude home, with parent specified' do
authorize_with :active
- get :contents, {id: groups(:aproject).uuid, :include => "owner_uuid", :exclude_home_project => true}
+ get :contents, params: {id: groups(:aproject).uuid, :include => "owner_uuid", :exclude_home_project => true}
assert_response 422
end
-
end
end
test "reuse job with no_reuse=false" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- an_integer: '1',
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ an_integer: '1',
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45'
+ }
}
}
assert_response :success
end
test "reuse job with find_or_create=true" do
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
end
test "no reuse job with null log" do
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
end
test "reuse job with symbolic script_version" do
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "tag1",
end
test "do not reuse job because no_reuse=true" do
- post :create, {
+ post :create, params: {
job: {
no_reuse: true,
script: "hash",
[false, "false"].each do |whichfalse|
test "do not reuse job because find_or_create=#{whichfalse.inspect}" do
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
test "do not reuse job because output is not readable by user" do
authorize_with :job_reader
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
end
test "test_cannot_reuse_job_no_output" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '2'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '2'
+ }
}
}
assert_response :success
end
test "test_reuse_job_range" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- minimum_script_version: "tag1",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ minimum_script_version: "tag1",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ }
}
}
assert_response :success
end
test "cannot_reuse_job_no_minimum_given_so_must_use_specified_commit" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ }
}
}
assert_response :success
end
test "test_cannot_reuse_job_different_input" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '2'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '2'
+ }
}
}
assert_response :success
end
test "test_cannot_reuse_job_different_version" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '2'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '2'
+ }
}
}
assert_response :success
end
test "test_can_reuse_job_submitted_nondeterministic" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
- },
- nondeterministic: true
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ },
+ nondeterministic: true
+ }
}
assert_response :success
assert_not_nil assigns(:object)
end
test "test_cannot_reuse_job_past_nondeterministic" do
- post :create, job: {
- no_reuse: false,
- script: "hash2",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash2",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ }
}
}
assert_response :success
test "test_cannot_reuse_job_no_permission" do
authorize_with :spectator
- post :create, job: {
- no_reuse: false,
- script: "hash",
- script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
- repository: "active/foo",
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
+ repository: "active/foo",
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ }
}
}
assert_response :success
end
test "test_cannot_reuse_job_excluded" do
- post :create, job: {
- no_reuse: false,
- script: "hash",
- minimum_script_version: "31ce37fe365b3dc204300a3e4c396ad333ed0556",
- script_version: "master",
- repository: "active/foo",
- exclude_script_versions: ["tag1"],
- script_parameters: {
- input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
- an_integer: '1'
+ post :create, params: {
+ job: {
+ no_reuse: false,
+ script: "hash",
+ minimum_script_version: "31ce37fe365b3dc204300a3e4c396ad333ed0556",
+ script_version: "master",
+ repository: "active/foo",
+ exclude_script_versions: ["tag1"],
+ script_parameters: {
+ input: 'fa7aeb5140e2848d39b416daeef4ffc5+45',
+ an_integer: '1'
+ }
}
}
assert_response :success
end
test "cannot reuse job with find_or_create but excluded version" do
- post :create, {
+ post :create, params: {
job: {
script: "hash",
script_version: "master",
test "can reuse a Job based on filters" do
filters_hash = BASE_FILTERS.
merge('script_version' => ['in git', 'tag1'])
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "master",
filters += [["script_version", "in git",
"31ce37fe365b3dc204300a3e4c396ad333ed0556"],
["script_version", "not in git", ["tag1"]]]
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "master",
test "can not reuse a Job based on arbitrary filters" do
filters_hash = BASE_FILTERS.
merge("created_at" => ["<", "2010-01-01T00:00:00Z"])
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
end
test "can reuse a Job with a Docker image" do
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
["=", "4fe459abe02d9b365932b8f5dc419439ab4e2577"],
"docker_image_locator" =>
["in docker", links(:docker_image_collection_hash).name])
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
["=", "4fe459abe02d9b365932b8f5dc419439ab4e2577"],
"docker_image_locator" =>
["in docker", links(:docker_image_collection_tag2).name])
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
test "new job with unknown Docker image filter" do
filters_hash = BASE_FILTERS.
merge("docker_image_locator" => ["in docker", "_nonesuchname_"])
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "4fe459abe02d9b365932b8f5dc419439ab4e2577",
["repository", "script"].each do |skip_key|
test "missing #{skip_key} filter raises an error" do
filters = filters_from_hash(BASE_FILTERS.reject { |k| k == skip_key })
- post(:create, {
+ post(:create, params: {
job: {
script: "hash",
script_version: "master",
end
test "find Job with script version range" do
- get :index, filters: [["repository", "=", "active/foo"],
- ["script", "=", "hash"],
- ["script_version", "in git", "tag1"]]
+ get :index, params: {
+ filters: [["repository", "=", "active/foo"],
+ ["script", "=", "hash"],
+ ["script_version", "in git", "tag1"]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map { |job| job.uuid },
end
test "find Job with script version range exclusions" do
- get :index, filters: [["repository", "=", "active/foo"],
- ["script", "=", "hash"],
- ["script_version", "not in git", "tag1"]]
+ get :index, params: {
+ filters: [["repository", "=", "active/foo"],
+ ["script", "=", "hash"],
+ ["script_version", "not in git", "tag1"]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
refute_includes(assigns(:objects).map { |job| job.uuid },
end
test "find Job with Docker image range" do
- get :index, filters: [["docker_image_locator", "in docker",
- "arvados/apitestfixture"]]
+ get :index, params: {
+ filters: [["docker_image_locator", "in docker",
+ "arvados/apitestfixture"]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map { |job| job.uuid },
test "find Job with Docker image using reader tokens" do
authorize_with :inactive
- get(:index, {
+ get(:index, params: {
filters: [["docker_image_locator", "in docker",
"arvados/apitestfixture"]],
reader_tokens: [api_token(:active)],
end
test "'in docker' filter accepts arrays" do
- get :index, filters: [["docker_image_locator", "in docker",
- ["_nonesuchname_", "arvados/apitestfixture"]]]
+ get :index, params: {
+ filters: [["docker_image_locator", "in docker",
+ ["_nonesuchname_", "arvados/apitestfixture"]]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map { |job| job.uuid },
end
test "'not in docker' filter accepts arrays" do
- get :index, filters: [["docker_image_locator", "not in docker",
- ["_nonesuchname_", "arvados/apitestfixture"]]]
+ get :index, params: {
+ filters: [["docker_image_locator", "not in docker",
+ ["_nonesuchname_", "arvados/apitestfixture"]]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map { |job| job.uuid },
end
def create_job_from(params, start_from)
- post(:create, create_job_params(params, start_from))
+ post(:create, params: create_job_params(params, start_from))
assert_response :success
new_job = assigns(:object)
assert_not_nil new_job
end
def check_errors_from(params, start_from=DEFAULT_START_JOB)
- post(:create, create_job_params(params, start_from))
+ post(:create, params: create_job_params(params, start_from))
assert_includes(405..499, @response.code.to_i)
errors = json_response.fetch("errors", [])
assert(errors.any?, "no errors assigned from #{params}")
"docker_image_locator" => ["=", prev_job.docker_image_locator])
filters_hash.delete("script_version")
params = create_job_params(filters: filters_from_hash(filters_hash))
- post(:create, params)
+ post(:create, params: params)
assert_response :success
assert_equal(prev_job.uuid, assigns(:object).uuid)
end
test "submit a job" do
authorize_with :active
- post :create, job: {
- script: "hash",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {}
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {}
+ }
}
assert_response :success
assert_not_nil assigns(:object)
test "normalize output and log uuids when creating job" do
authorize_with :active
- post :create, job: {
- script: "hash",
- script_version: "master",
- script_parameters: {},
- repository: "active/foo",
- started_at: Time.now,
- finished_at: Time.now,
- running: false,
- success: true,
- output: 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy',
- log: 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy'
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "master",
+ script_parameters: {},
+ repository: "active/foo",
+ started_at: Time.now,
+ finished_at: Time.now,
+ running: false,
+ success: true,
+ output: 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy',
+ log: 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy'
+ }
}
assert_response :success
assert_not_nil assigns(:object)
new_output = 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy'
new_log = 'd41d8cd98f00b204e9800998ecf8427e+0+K@xyzzy'
- put :update, {
+ put :update, params: {
id: foobar_job['uuid'],
job: {
output: new_output,
end
authorize_with :active
- put :update, {
+ put :update, params: {
id: jobs(:running).uuid,
job: {
cancelled_at: 4.day.ago
end
authorize_with :active
- self.send http_method, action, { id: jobs(:cancelled).uuid }.merge(params)
+ self.send http_method, action, params: { id: jobs(:cancelled).uuid }.merge(params)
assert_response expected_response
if expected_response == :success
job = json_response
end
authorize_with :active
- put :update, {
+ put :update, params: {
id: jobs(:running_cancelled).uuid,
job: {
cancelled_at: nil
['abc.py', 'hash.py'].each do |script|
test "update job script attribute to #{script} without failing script_version check" do
authorize_with :admin
- put :update, {
+ put :update, params: {
id: jobs(:uses_nonexistent_script_version).uuid,
job: {
script: script
test "search jobs by uuid with >= query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', '>=', 'zzzzz-8i9sb-pshmckwoma9plh7']]
}
assert_response :success
test "search jobs by uuid with <= query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', '<=', 'zzzzz-8i9sb-pshmckwoma9plh7']]
}
assert_response :success
test "search jobs by uuid with >= and <= query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', '>=', 'zzzzz-8i9sb-pshmckwoma9plh7'],
['uuid', '<=', 'zzzzz-8i9sb-pshmckwoma9plh7']]
}
test "search jobs by uuid with < query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', '<', 'zzzzz-8i9sb-pshmckwoma9plh7']]
}
assert_response :success
test "search jobs by uuid with like query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', 'like', '%hmckwoma9pl%']]
}
assert_response :success
test "search jobs by uuid with 'in' query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', 'in', ['zzzzz-8i9sb-4cf0nhn6xte809j',
'zzzzz-8i9sb-pshmckwoma9plh7']]]
}
exclude_uuids = [jobs(:running).uuid,
jobs(:running_cancelled).uuid]
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['uuid', 'not in', exclude_uuids]]
}
assert_response :success
['output', nil]].each do |attr, operand|
test "search jobs with #{attr} #{operator} #{operand.inspect} query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [[attr, operator, operand]]
}
assert_response :success
test "search jobs by started_at with < query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['started_at', '<', Time.now.to_s]]
}
assert_response :success
test "search jobs by started_at with > query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['started_at', '>', Time.now.to_s]]
}
assert_response :success
test "search jobs by started_at with >= query on metric date" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['started_at', '>=', '2014-01-01']]
}
assert_response :success
test "search jobs by started_at with >= query on metric date and time" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['started_at', '>=', '2014-01-01 01:23:45']]
}
assert_response :success
test "search jobs with 'any' operator" do
authorize_with :active
- get :index, {
+ get :index, params: {
where: { any: ['contains', 'pshmckw'] }
}
assert_response :success
test "search jobs by nonexistent column with < query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['is_borked', '<', 'fizzbuzz']]
}
assert_response 422
test "finish a job" do
authorize_with :active
- put :update, {
+ put :update, params: {
id: jobs(:nearly_finished_job).uuid,
job: {
output: '551392cc37a317abf865b95f66f4ef94+101',
test "get job queue as with a = filter" do
authorize_with :admin
- get :queue, { filters: [['script','=','foo']] }
+ get :queue, params: { filters: [['script','=','foo']] }
assert_response :success
assert_equal ['foo'], assigns(:objects).collect(&:script).uniq
assert_equal 0, assigns(:objects)[0].queue_position
test "get job queue as with a != filter" do
authorize_with :admin
- get :queue, { filters: [['script','!=','foo']] }
+ get :queue, params: { filters: [['script','!=','foo']] }
assert_response :success
assert_equal 0, assigns(:objects).count
end
test "job includes assigned nodes" do
authorize_with :active
- get :show, {id: jobs(:nearly_finished_job).uuid}
+ get :show, params: {id: jobs(:nearly_finished_job).uuid}
assert_response :success
assert_equal([nodes(:busy).uuid], json_response["node_uuids"])
end
test "job lock success" do
authorize_with :active
- post :lock, {id: jobs(:queued).uuid}
+ post :lock, params: {id: jobs(:queued).uuid}
assert_response :success
job = Job.where(uuid: jobs(:queued).uuid).first
assert_equal "Running", job.state
test "job lock conflict" do
authorize_with :active
- post :lock, {id: jobs(:running).uuid}
+ post :lock, params: {id: jobs(:running).uuid}
assert_response 422 # invalid state transition
end
authorize_with :active
url = "http://localhost:1/fake/fake.git"
fetch_remote_from_local_repo url, :foo
- post :create, job: {
- script: "hash",
- script_version: "abc123",
- repository: url,
- script_parameters: {}
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "abc123",
+ repository: url,
+ script_parameters: {}
+ }
}
assert_response 422
end
authorize_with :active
url = "http://localhost:1/fake/fake.git"
fetch_remote_from_local_repo url, :foo
- post :create, job: {
- script: "hash",
- script_version: "master",
- repository: url,
- script_parameters: {}
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "master",
+ repository: url,
+ script_parameters: {}
+ }
}
assert_response :success
assert_equal('077ba2ad3ea24a929091a9e6ce545c93199b8e57',
test 'tag local commit in internal repository' do
authorize_with :active
- post :create, job: {
- script: "hash",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {}
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {}
+ }
}
assert_response :success
assert_equal('077ba2ad3ea24a929091a9e6ce545c93199b8e57',
test 'get job with components' do
authorize_with :active
- get :show, {id: jobs(:running_job_with_components).uuid}
+ get :show, params: {id: jobs(:running_job_with_components).uuid}
assert_response :success
assert_not_nil json_response["components"]
assert_equal ["component1", "component2"], json_response["components"].keys
].each do |user, expected|
test "add components to job locked by active user as #{user} user and expect #{expected}" do
authorize_with user
- put :update, {
+ put :update, params: {
id: jobs(:running).uuid,
job: {
components: {"component1" => "value1", "component2" => "value2"}
test 'get_delete components_get again for job with components' do
authorize_with :active
- get :show, {id: jobs(:running_job_with_components).uuid}
+ get :show, params: {id: jobs(:running_job_with_components).uuid}
assert_response :success
assert_not_nil json_response["components"]
assert_equal ["component1", "component2"], json_response["components"].keys
# delete second component
@test_counter = 0 # Reset executed action counter
@controller = Arvados::V1::JobsController.new
- put :update, {
+ put :update, params: {
id: jobs(:running_job_with_components).uuid,
job: {
components: {"component1" => "zzzzz-8i9sb-jobuuid00000001"}
@test_counter = 0 # Reset executed action counter
@controller = Arvados::V1::JobsController.new
- get :show, {id: jobs(:running_job_with_components).uuid}
+ get :show, params: {id: jobs(:running_job_with_components).uuid}
assert_response :success
assert_not_nil json_response["components"]
assert_equal ["component1"], json_response["components"].keys
# delete all components
@test_counter = 0 # Reset executed action counter
@controller = Arvados::V1::JobsController.new
- put :update, {
+ put :update, params: {
id: jobs(:running_job_with_components).uuid,
job: {
components: {}
@test_counter = 0 # Reset executed action counter
@controller = Arvados::V1::JobsController.new
- get :show, {id: jobs(:running_job_with_components).uuid}
+ get :show, params: {id: jobs(:running_job_with_components).uuid}
assert_response :success
assert_not_nil json_response["components"]
assert_equal [], json_response["components"].keys
Rails.configuration.disable_api_methods = ["jobs.create",
"pipeline_instances.create"]
authorize_with :active
- post :create, job: {
- script: "hash",
- script_version: "master",
- repository: "active/foo",
- script_parameters: {}
+ post :create, params: {
+ job: {
+ script: "hash",
+ script_version: "master",
+ repository: "active/foo",
+ script_parameters: {}
+ }
}
assert_response 404
end
test "add keep disk with admin token" do
authorize_with :admin
- post :ping, default_ping_opts.
+ post :ping, params: default_ping_opts.
merge(filesystem_uuid: 'eb1e77a1-db84-4193-b6e6-ca2894f67d5f')
assert_response :success
assert_not_nil assigns(:object)
].each do |opts|
test "add keep disk with[out] filesystem_uuid #{opts}" do
authorize_with :admin
- post :ping, default_ping_opts.merge(opts)
+ post :ping, params: default_ping_opts.merge(opts)
assert_response :success
assert_not_nil JSON.parse(@response.body)['uuid']
end
end
test "refuse to add keep disk without admin token" do
- post :ping, default_ping_opts
+ post :ping, params: default_ping_opts
assert_response 404
end
test "ping keep disk" do
- post :ping, default_ping_opts.
+ post :ping, params: default_ping_opts.
merge(id: keep_disks(:nonfull).uuid,
ping_secret: keep_disks(:nonfull).ping_secret,
filesystem_uuid: keep_disks(:nonfull).filesystem_uuid)
test "search keep_services with 'any' operator" do
authorize_with :active
- get :index, {
+ get :index, params: {
where: { any: ['contains', 'o2t1q5w'] }
}
assert_response :success
found = assigns(:objects).collect(&:uuid)
assert_equal true, !!found.index('zzzzz-penuu-5w2o2t1q5wy7fhn')
end
-
-
end
test "search by service_port with < query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['service_port', '<', 25107]]
}
assert_response :success
test "search by service_port with >= query" do
authorize_with :active
- get :index, {
+ get :index, params: {
filters: [['service_port', '>=', 25107]]
}
assert_response :success
}
authorize_with :admin
if formatted_link == 'link_json'
- post :create, link: link.to_json
+ post :create, params: {link: link.to_json}
else
- post :create, link: link
+ post :create, params: {link: link}
end
assert_response :success
assert_not_nil assigns(:object)
{nil: nil, bogus: 2.days.ago}.each do |bogustype, bogusvalue|
test "cannot set #{bogustype} #{attr} in create" do
authorize_with :active
- post :create, {
+ post :create, params: {
link: {
properties: {},
link_class: 'test',
test "cannot set #{bogustype} #{attr} in update" do
really_created_at = links(:test_timestamps).created_at
authorize_with :active
- put :update, {
+ put :update, params: {
id: links(:test_timestamps).uuid,
link: {
:properties => {test: 'test'},
head_uuid: 'zzzzz-tpzed-xyzxyzxerrrorxx'
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
tail_uuid: 'zzzzz-tpzed-xyzxyzxerrrorxx'
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
tail_uuid: users(:spectator).uuid,
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response :success
l = JSON.parse(@response.body)
assert 'arvados#user', l['head_kind']
tail_kind: "arvados#user",
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response :success
l = JSON.parse(@response.body)
assert 'arvados#user', l['head_kind']
tail_uuid: authorized_keys(:admin).uuid,
}
authorize_with :active
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
test "filter links with 'is_a' operator" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['tail_uuid', 'is_a', 'arvados#user'] ]
}
assert_response :success
test "filter links with 'is_a' operator includes remote objects" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [
['tail_uuid', 'is_a', 'arvados#user'],
['link_class', '=', 'permission'],
test "filter links with 'is_a' operator with more than one" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['tail_uuid', 'is_a', ['arvados#user', 'arvados#group'] ] ],
}
assert_response :success
test "filter links with 'is_a' operator with bogus type" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['tail_uuid', 'is_a', ['arvados#bogus'] ] ],
}
assert_response :success
test "filter links with 'is_a' operator with collection" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['head_uuid', 'is_a', ['arvados#collection'] ] ],
}
assert_response :success
test "test can still use where tail_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
where: { tail_kind: 'arvados#user' }
}
assert_response :success
test "test can still use where head_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
where: { head_kind: 'arvados#user' }
}
assert_response :success
test "test can still use filter tail_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['tail_kind', '=', 'arvados#user'] ]
}
assert_response :success
test "test can still use filter head_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['head_kind', '=', 'arvados#user'] ]
}
assert_response :success
tail_kind: "arvados#user",
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
tail_kind: "arvados#user",
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
properties: {username: "repo_and_user_name"}
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response 422
end
properties: {username: "repo_and_user_name"}
}
authorize_with :admin
- post :create, link: link
+ post :create, params: {link: link}
assert_response :success
end
test "project owner can show a project permission" do
uuid = links(:project_viewer_can_read_project).uuid
authorize_with :active
- get :show, id: uuid
+ get :show, params: {id: uuid}
assert_response :success
assert_equal(uuid, assigns(:object).andand.uuid)
end
test "admin can show a project permission" do
uuid = links(:project_viewer_can_read_project).uuid
authorize_with :admin
- get :show, id: uuid
+ get :show, params: {id: uuid}
assert_response :success
assert_equal(uuid, assigns(:object).andand.uuid)
end
test "project viewer can't show others' project permissions" do
authorize_with :project_viewer
- get :show, id: links(:admin_can_write_aproject).uuid
+ get :show, params: {id: links(:admin_can_write_aproject).uuid}
assert_response 404
end
test "requesting a nonexistent link returns 404" do
authorize_with :active
- get :show, id: 'zzzzz-zzzzz-zzzzzzzzzzzzzzz'
+ get :show, params: {id: 'zzzzz-zzzzz-zzzzzzzzzzzzzzz'}
assert_response 404
end
# It is possible to retrieve the full set of permissions for a
# single object via /arvados/v1/permissions.
authorize_with :active
- get :index, filters: [['link_class', '=', 'permission'],
- ['head_uuid', '=', groups(:aproject).uuid]]
+ get :index, params: {
+ filters: [['link_class', '=', 'permission'],
+ ['head_uuid', '=', groups(:aproject).uuid]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map(&:uuid),
test "admin can index project permissions" do
authorize_with :admin
- get :index, filters: [['link_class', '=', 'permission'],
- ['head_uuid', '=', groups(:aproject).uuid]]
+ get :index, params: {
+ filters: [['link_class', '=', 'permission'],
+ ['head_uuid', '=', groups(:aproject).uuid]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_includes(assigns(:objects).map(&:uuid),
test "project viewer can't index others' project permissions" do
authorize_with :project_viewer
- get :index, filters: [['link_class', '=', 'permission'],
- ['head_uuid', '=', groups(:aproject).uuid],
- ['tail_uuid', '!=', users(:project_viewer).uuid]]
+ get :index, params: {
+ filters: [['link_class', '=', 'permission'],
+ ['head_uuid', '=', groups(:aproject).uuid],
+ ['tail_uuid', '!=', users(:project_viewer).uuid]]
+ }
assert_response :success
assert_not_nil assigns(:objects)
assert_empty assigns(:objects)
refute users(:user_bar_in_sharing_group).can?(read: collections(:collection_owned_by_foo).uuid)
- post :create, {
+ post :create, params: {
link: {
tail_uuid: users(:user_bar_in_sharing_group).uuid,
link_class: 'permission',
test "non-admins can create their own logs" do
authorize_with :active
- post :create, log: {summary: 'test log'}
+ post :create, params: {log: {summary: 'test log'}}
assert_response :success
resp = assigns(:object)
assert_not_nil resp.uuid
test "non-admins can read their own logs" do
authorize_with :active
my_log = logs(:log_owned_by_active)
- get :show, {id: my_log[:uuid]}
+ get :show, params: {id: my_log[:uuid]}
assert_response(:success, "failed to get log")
resp = assigns(:object)
assert_equal(my_log[:summary], resp.summary, "got wrong log")
test "test can still use where object_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
where: { object_kind: 'arvados#user' }
}
assert_response :success
test "test can still use filter object_kind" do
authorize_with :admin
- get :index, {
+ get :index, params: {
filters: [ ['object_kind', '=', 'arvados#user'] ]
}
assert_response :success
end
test "node should ping with ping_secret and no token" do
- post :ping, {
+ post :ping, params: {
id: 'zzzzz-7ekkf-2z3mc76g2q73aio',
instance_id: 'i-0000000',
local_ipv4: '172.17.2.174',
end
test "node should fail ping with invalid ping_secret" do
- post :ping, {
+ post :ping, params: {
id: 'zzzzz-7ekkf-2z3mc76g2q73aio',
instance_id: 'i-0000000',
local_ipv4: '172.17.2.174',
test "create node" do
authorize_with :admin
- post :create, {node: {}}
+ post :create, params: {node: {}}
assert_response :success
assert_not_nil json_response['uuid']
assert_not_nil json_response['info'].is_a? Hash
test "create node and assign slot" do
authorize_with :admin
- post :create, {node: {}, assign_slot: true}
+ post :create, params: {node: {}, assign_slot: true}
assert_response :success
assert_not_nil json_response['uuid']
assert_not_nil json_response['info'].is_a? Hash
test "update node and assign slot" do
authorize_with :admin
node = nodes(:new_with_no_hostname)
- post :update, {id: node.uuid, node: {}, assign_slot: true}
+ post :update, params: {id: node.uuid, node: {}, assign_slot: true}
assert_response :success
assert_operator 0, :<, json_response['slot_number']
n = json_response['slot_number']
test "update node and assign slot, don't clobber hostname" do
authorize_with :admin
node = nodes(:new_with_custom_hostname)
- post :update, {id: node.uuid, node: {}, assign_slot: true}
+ post :update, params: {id: node.uuid, node: {}, assign_slot: true}
assert_response :success
assert_operator 0, :<, json_response['slot_number']
n = json_response['slot_number']
test "ping adds node stats to info" do
authorize_with :admin
node = nodes(:idle)
- post :ping, {
+ post :ping, params: {
id: node.uuid,
ping_secret: node.info['ping_secret'],
total_cpu_cores: 32,
test "active user can see their assigned job" do
authorize_with :active
- get :show, {id: nodes(:busy).uuid}
+ get :show, params: {id: nodes(:busy).uuid}
assert_response :success
assert_equal(jobs(:nearly_finished_job).uuid, json_response["job_uuid"])
end
test "user without job read permission can't see job" do
authorize_with :spectator
- get :show, {id: nodes(:busy).uuid}
+ get :show, params: {id: nodes(:busy).uuid}
assert_response :success
assert_nil(json_response["job"], "spectator can see node's assigned job")
end
[:admin, :spectator].each do |user|
test "select param does not break node list for #{user}" do
authorize_with user
- get :index, {select: ['domain']}
+ get :index, params: {select: ['domain']}
assert_response :success
assert_operator 0, :<, json_response['items_available']
end
changed_node = nodes(:idle)
assigned_job = jobs(:queued)
authorize_with :admin
- post :update, {
+ post :update, params: {
id: changed_node.uuid,
node: {job_uuid: assigned_job.uuid},
}
test "non-admin can't associate a job with a node" do
authorize_with :active
- post :update, {
+ post :update, params: {
id: nodes(:idle).uuid,
node: {job_uuid: jobs(:queued).uuid},
}
test "admin can unassign a job from a node" do
changed_node = nodes(:busy)
authorize_with :admin
- post :update, {
+ post :update, params: {
id: changed_node.uuid,
node: {job_uuid: nil},
}
test "non-admin can't unassign a job from a node" do
authorize_with :project_viewer
- post :update, {
+ post :update, params: {
id: nodes(:busy).uuid,
node: {job_uuid: nil},
}
test "job readable after updating other attributes" do
authorize_with :admin
- post :update, {
+ post :update, params: {
id: nodes(:busy).uuid,
node: {last_ping_at: 1.second.ago},
}
test "node should fail ping with invalid hostname config format" do
Rails.configuration.assign_node_hostname = 'compute%<slot_number>04' # should end with "04d"
- post :ping, {
+ post :ping, params: {
id: nodes(:new_with_no_hostname).uuid,
ping_secret: nodes(:new_with_no_hostname).info['ping_secret'],
}
end
test "first ping should set ip addr using local_ipv4 when provided" do
- post :ping, {
+ post :ping, params: {
id: 'zzzzz-7ekkf-nodenoipaddryet',
instance_id: 'i-0000000',
local_ipv4: '172.17.2.172',
end
test "first ping should set ip addr using remote_ip when local_ipv4 is not provided" do
- post :ping, {
+ post :ping, params: {
id: 'zzzzz-7ekkf-nodenoipaddryet',
instance_id: 'i-0000000',
ping_secret: 'abcdyefg4lb5q4gzqqtrnq30oyj08r8dtdimmanbqw49z1anz2'
end
test "future pings should not change previous ip address" do
- post :ping, {
+ post :ping, params: {
id: 'zzzzz-7ekkf-2z3mc76g2q73aio',
instance_id: 'i-0000000',
local_ipv4: '172.17.2.175',
test 'create pipeline with components copied from template' do
authorize_with :active
- post :create, {
+ post :create, params: {
pipeline_instance: {
pipeline_template_uuid: pipeline_templates(:two_part).uuid
}
test 'create pipeline with no template' do
authorize_with :active
- post :create, {
+ post :create, params: {
pipeline_instance: {
components: {}
}
authorize_with :active
pi_uuid = pipeline_instances(:job_child_pipeline_with_components_at_level_2).uuid
- post :cancel, {id: pi_uuid, cascade: cascade}
+ post :cancel, params: {id: pi_uuid, cascade: cascade}
assert_response :success
pi = PipelineInstance.where(uuid: pi_uuid).first
test 'no fallback orders when order is unambiguous' do
@controller = Arvados::V1::LogsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
order: ['id asc'],
controller: 'logs',
}
test 'fallback orders when order is ambiguous' do
@controller = Arvados::V1::LogsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
order: ['event_type asc'],
controller: 'logs',
}
test 'skip fallback orders already given by client' do
@controller = Arvados::V1::LogsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
order: ['modified_at asc'],
controller: 'logs',
}
test 'eliminate superfluous orders' do
@controller = Arvados::V1::LogsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
order: ['logs.modified_at asc',
'modified_at desc',
'event_type desc',
test 'eliminate orders after the first unique column' do
@controller = Arvados::V1::LogsController.new
authorize_with :active
- get :index, {
+ get :index, params: {
order: ['event_type asc',
'id asc',
'uuid asc',
test 'do not count items_available if count=none' do
@controller = Arvados::V1::LinksController.new
authorize_with :active
- get :index, {
+ get :index, params: {
count: 'none',
}
assert_response(:success)
test "count items_available if params=#{params.inspect}" do
@controller = Arvados::V1::LinksController.new
authorize_with :active
- get :index, params
+ get :index, params: params
assert_response(:success)
assert_operator(json_response['items_available'], :>, 0)
end
test 'error if count=bogus' do
@controller = Arvados::V1::LinksController.new
authorize_with :active
- get :index, {
+ get :index, params: {
count: 'bogus',
}
assert_response(422)
test "select push_url in index" do
authorize_with :active
- get(:index, {select: ["uuid", "push_url"]})
+ get(:index, params: {select: ["uuid", "push_url"]})
assert_response :success
assert_includes(json_response["items"].map { |r| r["push_url"] },
"git@git.zzzzz.arvadosapi.com:active/foo.git")
test "select clone_urls in index" do
authorize_with :active
- get(:index, {select: ["uuid", "clone_urls"]})
+ get(:index, params: {select: ["uuid", "clone_urls"]})
assert_response :success
assert_includes(json_response["items"].map { |r| r["clone_urls"] }.flatten,
"git@git.zzzzz.arvadosapi.com:active/foo.git")
test "activate a user after signing UA" do
authorize_with :inactive_but_signed_user_agreement
- post :activate, id: users(:inactive_but_signed_user_agreement).uuid
+ post :activate, params: {id: users(:inactive_but_signed_user_agreement).uuid}
assert_response :success
assert_not_nil assigns(:object)
me = JSON.parse(@response.body)
authorize_with :inactive
assert_equal false, users(:inactive).is_active
- post :activate, id: users(:inactive).uuid
+ post :activate, params: {id: users(:inactive).uuid}
assert_response 403
resp = json_response
test "activate an already-active user" do
authorize_with :active
- post :activate, id: users(:active).uuid
+ post :activate, params: {id: users(:active).uuid}
assert_response :success
me = JSON.parse(@response.body)
assert_equal true, me['is_active']
test "create new user with user as input" do
authorize_with :admin
- post :create, user: {
- first_name: "test_first_name",
- last_name: "test_last_name",
- email: "foo@example.com"
+ post :create, params: {
+ user: {
+ first_name: "test_first_name",
+ last_name: "test_last_name",
+ email: "foo@example.com"
+ }
}
assert_response :success
created = JSON.parse(@response.body)
authorize_with :admin
repo_name = 'usertestrepo'
- post :setup, {
+ post :setup, params: {
repo_name: repo_name,
openid_prefix: 'https://www.google.com/accounts/o8/id',
user: {
test "setup user with bogus uuid and expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
uuid: 'bogus_uuid',
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid
test "setup user with bogus uuid in user and expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
user: {uuid: 'bogus_uuid'},
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid,
test "setup user with no uuid and user, expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid,
openid_prefix: 'https://www.google.com/accounts/o8/id'
test "setup user with no uuid and email, expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
user: {},
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid,
authorize_with :admin
inactive_user = users(:inactive)
- post :setup, {
+ post :setup, params: {
uuid: users(:inactive).uuid,
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid
authorize_with :admin
inactive_user = users(:inactive)
- post :setup, {
+ post :setup, params: {
uuid: inactive_user['uuid'],
user: {email: 'junk_email'}
}
test "setup user with valid email and repo as input" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
user: {email: 'foo@example.com'},
openid_prefix: 'https://www.google.com/accounts/o8/id'
test "setup user with fake vm and expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
vm_uuid: 'no_such_vm',
user: {email: 'foo@example.com'},
test "setup user with valid email, repo and real vm as input" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
openid_prefix: 'https://www.google.com/accounts/o8/id',
vm_uuid: @vm_uuid,
test "setup user with valid email, no vm and no repo as input" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
user: {email: 'foo@example.com'},
openid_prefix: 'https://www.google.com/accounts/o8/id'
}
test "setup user with email, first name, repo name and vm uuid" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
openid_prefix: 'https://www.google.com/accounts/o8/id',
repo_name: 'usertestrepo',
vm_uuid: @vm_uuid,
authorize_with :admin
inactive_user = users(:inactive)
- post :setup, {
+ post :setup, params: {
openid_prefix: 'https://www.google.com/accounts/o8/id',
repo_name: 'usertestrepo',
user: {
test "setup user with openid prefix" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
openid_prefix: 'http://www.example.com/account',
user: {
test "invoke setup with no openid prefix, expect error" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
user: {
first_name: "in_create_test_first_name",
test "setup user with user, vm and repo and verify links" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
user: {
first_name: "in_create_test_first_name",
last_name: "test_last_name",
test "create user as non admin user and expect error" do
authorize_with :active
- post :create, {
+ post :create, params: {
user: {email: 'foo@example.com'}
}
test "setup user as non admin user and expect error" do
authorize_with :active
- post :setup, {
+ post :setup, params: {
openid_prefix: 'https://www.google.com/accounts/o8/id',
user: {email: 'foo@example.com'}
}
active_user = users(:active)
# invoke setup with a repository
- post :setup, {
+ post :setup, params: {
repo_name: 'usertestrepo',
uuid: active_user['uuid']
}
repo_link_count = repo_link_query.count
# invoke setup with a repository
- post :setup, {
+ post :setup, params: {
vm_uuid: @vm_uuid,
uuid: active_user['uuid'],
email: 'junk_email'
authorize_with :admin
# now unsetup this user
- post :unsetup, id: active_user['uuid']
+ post :unsetup, params: {id: active_user['uuid']}
assert_response :success
response_user = JSON.parse(@response.body)
test "setup user with send notification param false and verify no email" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
openid_prefix: 'http://www.example.com/account',
send_notification_email: 'false',
user: {
test "setup user with send notification param true and verify email" do
authorize_with :admin
- post :setup, {
+ post :setup, params: {
openid_prefix: 'http://www.example.com/account',
send_notification_email: 'true',
user: {
active_user = users(:active)
# invoke setup with a repository
- put :update, {
+ put :update, params: {
id: active_user['uuid'],
user: {
is_active: true,
users = create_list :active_user, 2, join_groups: [g]
token = create :token, user: users[0]
authorize_with_token token
- get :show, id: users[1].uuid
+ get :show, params: {id: users[1].uuid}
check_non_admin_show
end
token = create :token, user: users[0]
authorize_with_token token
- get(:index, limit: limit)
+ get(:index, params: {limit: limit})
check_non_admin_index
assert_equal(limit, json_response["items"].size,
"non-admin index limit was ineffective")
test "admin can filter on user.is_active" do
authorize_with :admin
- get(:index, filters: [["is_active", "=", "true"]])
+ get(:index, params: {filters: [["is_active", "=", "true"]]})
assert_response :success
check_readable_users_index [:active, :spectator], [:inactive]
end
test "admin can search where user.is_active" do
authorize_with :admin
- get(:index, where: {is_active: true})
+ get(:index, params: {where: {is_active: true}})
assert_response :success
check_readable_users_index [:active, :spectator], [:inactive]
end
test "update active_no_prefs user profile and expect notification email" do
authorize_with :admin
- put :update, {
+ put :update, params: {
id: users(:active_no_prefs).uuid,
user: {
prefs: {:profile => {'organization' => 'example.com'}}
user = {}
user[:prefs] = users(:active_no_prefs_profile_no_getting_started_shown).prefs
user[:prefs][:profile] = {:profile => {'organization' => 'example.com'}}
- put :update, {
+ put :update, params: {
id: users(:active_no_prefs_profile_no_getting_started_shown).uuid,
user: user
}
test "update active user profile and expect no notification email" do
authorize_with :admin
- put :update, {
+ put :update, params: {
id: users(:active).uuid,
user: {
prefs: {:profile => {'organization' => 'anotherexample.com'}}
test "update_uuid as #{auth_user}" do
authorize_with auth_user
orig_uuid = users(:active).uuid
- post :update_uuid, {
+ post :update_uuid, params: {
id: orig_uuid,
new_uuid: 'zbbbb-tpzed-abcde12345abcde',
}
test "refuse to merge with redirect_to_user_uuid=false (not yet supported)" do
authorize_with :project_viewer_trustedclient
- post :merge, {
+ post :merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
new_owner_uuid: users(:active).uuid,
redirect_to_new_user: false,
test "refuse to merge user into self" do
authorize_with(:active_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
new_owner_uuid: users(:active).uuid,
redirect_to_new_user: true,
[:active_trustedclient, :project_viewer]].each do |src, dst|
test "refuse to merge with untrusted token (#{src} -> #{dst})" do
authorize_with(src)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(dst).api_token,
new_owner_uuid: api_client_authorizations(dst).user.uuid,
redirect_to_new_user: true,
[:project_viewer_trustedclient, :expired_trustedclient]].each do |src, dst|
test "refuse to merge with expired token (#{src} -> #{dst})" do
authorize_with(src)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(dst).api_token,
new_owner_uuid: api_client_authorizations(dst).user.uuid,
redirect_to_new_user: true,
api_client_authorizations(auth).update_attributes(scopes: ["GET /", "POST /", "PUT /"])
end
authorize_with(:active_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:project_viewer_trustedclient).api_token,
new_owner_uuid: users(:project_viewer).uuid,
redirect_to_new_user: true,
test "refuse to merge if new_owner_uuid is not writable" do
authorize_with(:project_viewer_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
new_owner_uuid: groups(:anonymously_accessible_project).uuid,
redirect_to_new_user: true,
test "refuse to merge if new_owner_uuid is empty" do
authorize_with(:project_viewer_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
new_owner_uuid: "",
redirect_to_new_user: true,
test "refuse to merge if new_owner_uuid is not provided" do
authorize_with(:project_viewer_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
redirect_to_new_user: true,
})
test "refuse to update redirect_to_user_uuid directly" do
authorize_with(:active_trustedclient)
- patch(:update, {
+ patch(:update, params: {
id: users(:active).uuid,
user: {
redirect_to_user_uuid: users(:active).uuid,
test "merge 'project_viewer' account into 'active' account" do
authorize_with(:project_viewer_trustedclient)
- post(:merge, {
+ post(:merge, params: {
new_user_token: api_client_authorizations(:active_trustedclient).api_token,
new_owner_uuid: users(:active).uuid,
redirect_to_new_user: true,
def check_inactive_user_findable(params={})
inactive_user = users(:inactive)
- get(:index, params.merge(filters: [["email", "=", inactive_user.email]]))
+ get(:index, params: params.merge(filters: [["email", "=", inactive_user.email]]))
assert_response :success
user_list = json_response["items"]
assert_equal(1, user_list.andand.count)
class Arvados::V1::VirtualMachinesControllerTest < ActionController::TestCase
def get_logins_for(vm_sym)
authorize_with :admin
- get(:logins, id: virtual_machines(vm_sym).uuid)
+ get(:logins, params: {id: virtual_machines(vm_sym).uuid})
end
def find_login(sshkey_sym)
properties: {'username' => 'bobblogin'})
end
authorize_with :admin
- get :logins, id: vm.uuid
+ get :logins, params: {id: vm.uuid}
assert_response :success
assert_equal 1, json_response['items'].length
assert_nil json_response['items'][0]['public_key']
projects / arvados.git / commitdiff