def config_anonymous enable
Rails.configuration.anonymous_user_token =
if enable
- api_fixture('api_client_authorizations')['anonymous']['api_token']
+ api_token('anonymous')
else
false
end
def assert_session_for_auth(client_auth)
api_token =
- api_fixture('api_client_authorizations')[client_auth.to_s]['api_token']
+ self.api_token(client_auth.to_s)
assert_hash_includes(session, {arvados_api_token: api_token},
"session token does not belong to #{client_auth}")
end
test "viewing collection files with a reader token" do
params = collection_params(:foo_file)
- params[:reader_token] = api_fixture("api_client_authorizations",
- "active_all_collections", "api_token")
+ params[:reader_token] = api_token("active_all_collections")
get(:show_file_links, params)
assert_response :redirect
assert_no_session
test "fetching collection file with reader token" do
setup_for_keep_web
params = collection_params(:foo_file, "foo")
- params[:reader_token] = api_fixture("api_client_authorizations",
- "active_all_collections", "api_token")
+ params[:reader_token] = api_token("active_all_collections")
get(:show_file, params)
assert_response :redirect
assert_match /foo/, response.redirect_url
test "getting a file from Keep with a good reader token" do
setup_for_keep_web
params = collection_params(:foo_file, 'foo')
- read_token = api_fixture('api_client_authorizations')['active']['api_token']
+ read_token = api_token('active')
params[:reader_token] = read_token
get(:show_file, params)
assert_response :redirect
config_anonymous anon
params = collection_params(:foo_file, 'foo')
params[:reader_token] =
- api_fixture('api_client_authorizations')['active_noscope']['api_token']
+ api_token('active_noscope')
get(:show_file, params)
if anon
# Some files can be shown without a valid token, but not this one.
setup_for_keep_web
params = collection_params(:foo_file, 'foo')
sess = session_for(:expired)
- read_token = api_fixture('api_client_authorizations')['active']['api_token']
+ read_token = api_token('active')
params[:reader_token] = read_token
get(:show_file, params, sess)
assert_response :redirect
%w(uuid portable_data_hash).each do |id_type|
test "Redirect to keep_web_url via #{id_type}" do
setup_for_keep_web
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['w_a_z_file'][id_type]
get :show_file, {uuid: id, file: "w a z"}, session_for(:active)
assert_response :redirect
- assert_equal "https://#{id.sub '+', '-'}.example/_/w%20a%20z?api_token=#{tok}", @response.redirect_url
+ assert_equal "https://#{id.sub '+', '-'}.example/_/w%20a%20z?api_token=#{URI.escape tok, '/'}", @response.redirect_url
end
test "Redirect to keep_web_url via #{id_type} with reader token" do
setup_for_keep_web
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['w_a_z_file'][id_type]
get :show_file, {uuid: id, file: "w a z", reader_token: tok}, session_for(:expired)
assert_response :redirect
- assert_equal "https://#{id.sub '+', '-'}.example/t=#{tok}/_/w%20a%20z", @response.redirect_url
+ assert_equal "https://#{id.sub '+', '-'}.example/t=#{URI.escape tok}/_/w%20a%20z", @response.redirect_url
end
test "Redirect to keep_web_url via #{id_type} with no token" do
test "Redirect to keep_web_download_url via #{id_type}" do
setup_for_keep_web('https://collections.example/c=%{uuid_or_pdh}',
'https://download.example/c=%{uuid_or_pdh}')
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['w_a_z_file'][id_type]
get :show_file, {uuid: id, file: "w a z"}, session_for(:active)
assert_response :redirect
- assert_equal "https://download.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{tok}", @response.redirect_url
+ assert_equal "https://download.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{URI.escape tok, '/'}", @response.redirect_url
end
test "Redirect to keep_web_url via #{id_type} when trust_all_content enabled" do
Rails.configuration.trust_all_content = true
setup_for_keep_web('https://collections.example/c=%{uuid_or_pdh}',
'https://download.example/c=%{uuid_or_pdh}')
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['w_a_z_file'][id_type]
get :show_file, {uuid: id, file: "w a z"}, session_for(:active)
assert_response :redirect
- assert_equal "https://collections.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{tok}", @response.redirect_url
+ assert_equal "https://collections.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{URI.escape tok, '/'}", @response.redirect_url
end
end
config_anonymous anon
setup_for_keep_web('https://collections.example/c=%{uuid_or_pdh}',
'https://download.example/c=%{uuid_or_pdh}')
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['public_text_file']['uuid']
get :show_file, {
uuid: id,
assert_response :redirect
expect_url = "https://download.example/c=#{id.sub '+', '-'}/_/Hello%20world.txt"
if not anon
- expect_url += "?api_token=#{tok}"
+ expect_url += "?api_token=#{URI.escape tok, '/'}"
end
assert_equal expect_url, @response.redirect_url
end
test "Redirect preview to keep_web_download_url when preview is disabled and trust_all_content is #{trust_all_content}" do
Rails.configuration.trust_all_content = trust_all_content
setup_for_keep_web false, 'https://download.example/c=%{uuid_or_pdh}'
- tok = api_fixture('api_client_authorizations')['active']['api_token']
+ tok = api_token('active')
id = api_fixture('collections')['w_a_z_file']['uuid']
get :show_file, {uuid: id, file: "w a z"}, session_for(:active)
assert_response :redirect
- assert_equal "https://download.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{tok}", @response.redirect_url
+ assert_equal "https://download.example/c=#{id.sub '+', '-'}/_/w%20a%20z?api_token=#{URI.escape tok, '/'}", @response.redirect_url
end
end
user_was = Thread.current[:user]
token_was = Thread.current[:arvados_api_token]
auth = api_fixture('api_client_authorizations')[token_name.to_s]
- Thread.current[:arvados_api_token] = auth['api_token']
+ Thread.current[:arvados_api_token] = "v2/#{auth['uuid']}/#{auth['api_token']}"
if block_given?
begin
yield
keys.inject(@@api_fixtures[name]) { |hash, key| hash[key] }.deep_dup
end
end
+
def api_fixture(name, *keys)
self.class.api_fixture(name, *keys)
end
+ def api_token(name)
+ auth = api_fixture('api_client_authorizations')[name]
+ "v2/#{auth['uuid']}/#{auth['api_token']}"
+ end
+
def find_fixture(object_class, name)
object_class.find(api_fixture(object_class.to_s.pluralize.underscore,
name, "uuid"))
class ActiveSupport::TestCase
include ApiFixtureLoader
def session_for api_client_auth_name
+ auth = api_fixture('api_client_authorizations')[api_client_auth_name.to_s]
{
- arvados_api_token: api_fixture('api_client_authorizations')[api_client_auth_name.to_s]['api_token']
+ arvados_api_token: "v2/#{auth['uuid']}/#{auth['api_token']}"
}
end
def json_response
return unless Rails.env == 'test'
auth = api_fixture('api_client_authorizations')['admin_trustedclient']
- Thread.current[:arvados_api_token] = auth['api_token']
+ Thread.current[:arvados_api_token] = "v2/#{auth['uuid']}/#{auth['api_token']}"
ArvadosApiClient.new.api(nil, '../../database/reset', {})
Thread.current[:arvados_api_token] = nil
end