head_uuid: zzzzz-8i9sb-cjs4pklxxjykyuj
properties: {}
+arvados_repository_readable_by_all_users:
+ uuid: zzzzz-o0j2j-allcanreadarvrp
+ owner_uuid: zzzzz-tpzed-000000000000000
+ created_at: 2014-01-24 20:42:26 -0800
+ modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+ modified_by_user_uuid: zzzzz-tpzed-000000000000000
+ modified_at: 2014-01-24 20:42:26 -0800
+ updated_at: 2014-01-24 20:42:26 -0800
+ tail_uuid: zzzzz-j7d0g-fffffffffffffff
+ link_class: permission
+ name: can_read
+ head_uuid: zzzzz-s0uqq-arvadosrepo0123
+ properties: {}
+
foo_repository_readable_by_spectator:
uuid: zzzzz-o0j2j-cpy7p41hpk5xxx
owner_uuid: zzzzz-tpzed-000000000000000
end
test "get_all_permissions does not give any access to user without permission" do
+ viewer_uuid = users(:project_viewer).uuid
+ assert_equal(authorized_keys(:project_viewer).authorized_user_uuid,
+ viewer_uuid,
+ "project_viewer must have an authorized_key for this test to work")
authorize_with :admin
get :get_all_permissions
assert_response :success
- assert_equal(authorized_keys(:project_viewer).authorized_user_uuid,
- users(:project_viewer).uuid,
- "project_viewer must have an authorized_key for this test to work")
- json_response['repositories'].each do |repo|
- assert_equal(false,
- repo['user_permissions'].has_key?(users(:project_viewer).uuid),
- "project_viewer user should not have perms for #{repo['uuid']}")
+ readable_repos = json_response["repositories"].select do |repo|
+ repo["user_permissions"].has_key?(viewer_uuid)
end
+ assert_equal(["arvados"], readable_repos.map { |r| r["name"] },
+ "project_viewer should only have permissions on public repos")
end
test "get_all_permissions gives gitolite R to user with read-only access" do