headers: auth(:active)
assert_response 404
+ get "/arvados/v1/links",
+ params: {
+ :filters => [["link_class", "=", "permission"], ["head_uuid", "=", groups(:public).uuid]].to_json
+ },
+ headers: auth(:active)
+ assert_response :success
+ assert_equal [], json_response['items']
+
# add some permissions, including can_manage
# permission for user :active
post "/arvados/v1/links",
assert_response :success
can_write_uuid = json_response['uuid']
+ # Still should not be able read these permission links
+ get "/arvados/v1/permissions/#{groups(:public).uuid}",
+ params: nil,
+ headers: auth(:active)
+ assert_response 404
+
+ get "/arvados/v1/links",
+ params: {
+ :filters => [["link_class", "=", "permission"], ["head_uuid", "=", groups(:public).uuid]].to_json
+ },
+ headers: auth(:active)
+ assert_response :success
+ assert_equal [], json_response['items']
+
+ # Now add a can_manage link
post "/arvados/v1/links",
params: {
:format => :json,
assert_includes perm_uuids, can_read_uuid, "can_read_uuid not found"
assert_includes perm_uuids, can_write_uuid, "can_write_uuid not found"
assert_includes perm_uuids, can_manage_uuid, "can_manage_uuid not found"
+
+ # Now user :active should be able to retrieve permissions
+ # on group :public.
+ get "/arvados/v1/links",
+ params: {
+ :filters => [["link_class", "=", "permission"], ["head_uuid", "=", groups(:public).uuid]].to_json
+ },
+ headers: auth(:active)
+ assert_response :success
+
+ perm_uuids = json_response['items'].map { |item| item['uuid'] }
+ assert_includes perm_uuids, can_read_uuid, "can_read_uuid not found"
+ assert_includes perm_uuids, can_write_uuid, "can_write_uuid not found"
+ assert_includes perm_uuids, can_manage_uuid, "can_manage_uuid not found"
+
+ # Now delete the can_manage link
+ delete "/arvados/v1/links/#{can_manage_uuid}",
+ params: nil,
+ headers: auth(:active)
+ assert_response :success
+
+ # Should not be able read these permission links again
+ get "/arvados/v1/permissions/#{groups(:public).uuid}",
+ params: nil,
+ headers: auth(:active)
+ assert_response 404
+
+ get "/arvados/v1/links",
+ params: {
+ :filters => [["link_class", "=", "permission"], ["head_uuid", "=", groups(:public).uuid]].to_json
+ },
+ headers: auth(:active)
+ assert_response :success
+ assert_equal [], json_response['items']
end
test "get_permissions returns 404 for nonexistent uuid" do