def self.check_system_root_token token
if token == Rails.configuration.SystemRootToken
return ApiClientAuthorization.new(user: User.find_by_uuid(system_user_uuid),
+ uuid: uuid_prefix+"-gj3su-000000000000000",
api_token: token,
api_client: ApiClient.new(is_trusted: true, url_prefix: ""))
else
api_client_authorizations(:active).api_token)
end
+ test "get current token using SystemRootToken" do
+ Rails.configuration.SystemRootToken = "xyzzy-systemroottoken"
+ authorize_with_token Rails.configuration.SystemRootToken
+ get :current
+ assert_response :success
+ assert_equal(Rails.configuration.SystemRootToken, json_response['api_token'])
+ assert_not_empty(json_response['uuid'])
+ end
+
test "get current token, no auth" do
get :current
assert_response 401
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+require 'test_helper'
+
+class ContainerDispatchTest < ActionDispatch::IntegrationTest
+ test "lock container with SystemRootToken" do
+ Rails.configuration.SystemRootToken = "xyzzy-SystemRootToken"
+ authheaders = {'HTTP_AUTHORIZATION' => "Bearer "+Rails.configuration.SystemRootToken}
+ get("/arvados/v1/api_client_authorizations/current",
+ headers: authheaders)
+ assert_response 200
+ #assert_not_empty json_response['uuid']
+
+ system_auth_uuid = json_response['uuid']
+ post("/arvados/v1/containers/#{containers(:queued).uuid}/lock",
+ headers: authheaders)
+ assert_response 200
+ assert_equal system_auth_uuid, Container.find_by_uuid(containers(:queued).uuid).locked_by_uuid
+
+ get("/arvados/v1/containers",
+ params: {filters: SafeJSON.dump([['locked_by_uuid', '=', system_auth_uuid]])},
+ headers: authheaders)
+ assert_response 200
+ assert_equal containers(:queued).uuid, json_response['items'][0]['uuid']
+ assert_equal system_auth_uuid, json_response['items'][0]['locked_by_uuid']
+
+ post("/arvados/v1/containers/#{containers(:queued).uuid}/unlock",
+ headers: authheaders)
+ assert_response 200
+ end
+end