20640: Ensure offset=0 for computed permissions API.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@curii.com>

diff --git a/services/api/app/controllers/arvados/v1/computed_permissions_controller.rb b/services/api/app/controllers/arvados/v1/computed_permissions_controller.rb
index ca5cc454a18e5305b8f6f7179f5a7222efc71113..fe2875ac443f82ea36fd680a307a1586cc165a88 100644 (file)
--- a/services/api/app/controllers/arvados/v1/computed_permissions_controller.rb
+++ b/services/api/app/controllers/arvados/v1/computed_permissions_controller.rb
@@ -10,6 +10,11 @@ class Arvados::V1::ComputedPermissionsController < ApplicationController
       raise ArgumentError.new("count parameter must be 'none'")
     end
     params[:count] = 'none'
+
+    if !['0', 0, nil].include?(params[:offset])
+      raise ArgumentError.new("non-zero offset parameter #{params[:offset].inspect} is not supported")
+    end
+
     super
   end
 end

diff --git a/services/api/test/integration/computed_permissions_test.rb b/services/api/test/integration/computed_permissions_test.rb
index d58aa601ca678ffdf2e7f62c838f5c5486eb8d53..a07a6f1d6134b981dff54a9f78e46b4182e71fa7 100644 (file)
--- a/services/api/test/integration/computed_permissions_test.rb
+++ b/services/api/test/integration/computed_permissions_test.rb
@@ -36,4 +36,14 @@ class ComputedPermissionsTest < ActionDispatch::IntegrationTest
       headers: auth(:admin)
     assert_response 422
   end
+
+  test "reject offset>0" do
+    get "/arvados/v1/computed_permissions",
+      params: {
+        :format => :json,
+        :offset => 7,
+      },
+      headers: auth(:admin)
+    assert_response 422
+  end
 end