def reset
raise ArvadosModel::PermissionDeniedError unless Rails.env == 'test'
+ # Sanity check: If someone has actually logged in here, this might
+ # not really be a throwaway database. Client test suites should
+ # use @example.com email addresses when creating user records, so
+ # we can tell they're not valuable.
+ user_uuids = User.
+ where('email is null or email not like ?', '%@example.com').
+ collect &:uuid
+ fixture_uuids =
+ YAML::load_file(File.expand_path('../../../test/fixtures/users.yml',
+ __FILE__)).
+ values.collect { |u| u['uuid'] }
+ unexpected_uuids = user_uuids - fixture_uuids
+ if unexpected_uuids.any?
+ logger.error("Running in test environment, but non-fixture users exist: " +
+ "#{unexpected_uuids}")
+ raise ArvadosModel::PermissionDeniedError
+ end
+
require 'active_record/fixtures'
# What kinds of fixtures do we have?
user_profile_notification_address: arvados@example.com
workbench_address: https://localhost:3001/
websocket_address: ws://127.0.0.1:3333/websocket
- enable_remote_database_reset: true
common:
uuid_prefix: <%= Digest::MD5.hexdigest(`hostname`).to_i(16).to_s(36)[0..4] %>
end
end
- if Rails.configuration.enable_remote_database_reset
+ if Rails.env == 'test'
post '/database/reset', to: 'database#reset'
end
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+system_user:
+ uuid: zzzzz-tpzed-000000000000000
+ owner_uuid: zzzzz-tpzed-000000000000000
+ created_at: 2014-11-27 06:38:21.215463000 Z
+ modified_by_client_uuid: zzzzz-ozdt8-teyxzyd8qllg11h
+ modified_by_user_uuid: zzzzz-tpzed-000000000000000
+ modified_at: 2014-11-27 06:38:21.208036000 Z
+ email: root
+ first_name: root
+ last_name: ''
+ identity_url:
+ is_admin: true
+ prefs: {}
+ updated_at: 2014-11-27 06:38:21.207873000 Z
+ is_active: true
+
admin:
owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-d9tiejq69daie8f
class DatabaseControllerTest < ActionController::TestCase
include CurrentApiClient
- teardown do
- restore_configuration
- # We made configuration changes here that affect routing.
- Rails.application.reload_routes!
- end
-
test "reset fails with non-admin token" do
authorize_with :active
post :reset
assert_response 403
end
- test "reset fails when not in test mode" do
+ test "route not found when not in test mode" do
authorize_with :admin
env_was = Rails.env
+ Rails.application.reload_routes!
begin
- Rails.env = 'development'
- post :reset
- assert_response 403
+ assert_raises ActionController::RoutingError do
+ Rails.env = 'production'
+ Rails.application.reload_routes!
+ post :reset
+ end
ensure
Rails.env = env_was
+ Rails.application.reload_routes!
end
end
- test "reset fails when not configured" do
- Rails.configuration.enable_remote_database_reset = false
- Rails.application.reload_routes!
- authorize_with :admin
- assert_raise ActionController::RoutingError do
- post :reset
+ test "reset fails when a non-test-fixture user exists" do
+ act_as_system_user do
+ User.create!(uuid: 'abcde-tpzed-123451234512345', email: 'bar@example.net')
end
+ authorize_with :admin
+ post :reset
+ assert_response 403
end
test "reset succeeds with admin token" do
Rails.application.reload_routes!
end
- test "reset fails when not configured" do
- Rails.configuration.enable_remote_database_reset = false
- Rails.application.reload_routes!
- post '/database/reset', {}, auth(:admin)
- assert_response 404
+ test "reset fails when Rails.env != 'test'" do
+ rails_env_was = Rails.env
+ begin
+ Rails.env = 'production'
+ Rails.application.reload_routes!
+ post '/database/reset', {}, auth(:admin)
+ assert_response 404
+ ensure
+ Rails.env = rails_env_was
+ end
end
test "reset fails with non-admin token" do