From: Tom Clegg Date: Sun, 4 May 2014 01:22:17 +0000 (-0400) Subject: Fix crashing "grant access to my own object" permission check. X-Git-Tag: 1.1.0~2596^2~19 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/988726079e8e2f8ce4b49115c10a8a1d22040972 Fix crashing "grant access to my own object" permission check. --- diff --git a/services/api/app/models/link.rb b/services/api/app/models/link.rb index 26e7183be3..787088d53e 100644 --- a/services/api/app/models/link.rb +++ b/services/api/app/models/link.rb @@ -51,7 +51,7 @@ class Link < ArvadosModel # All users can grant permissions on objects they own head_obj = self.class. - kind_class(self.head_uuid). + resource_class_for_uuid(self.head_uuid). where('uuid=?',head_uuid). first if head_obj diff --git a/services/api/test/test_helper.rb b/services/api/test/test_helper.rb index 1bd1b51263..e1738c3aa1 100644 --- a/services/api/test/test_helper.rb +++ b/services/api/test/test_helper.rb @@ -17,10 +17,6 @@ module ArvadosTestSupport end class ActiveSupport::TestCase - # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order. - # - # Note: You'll currently still have to declare fixtures explicitly in integration tests - # -- they do not yet inherit this setting fixtures :all include ArvadosTestSupport @@ -33,6 +29,13 @@ class ActiveSupport::TestCase Thread.current[:user] = nil end + def set_user_from_auth(auth_name) + client_auth = api_client_authorizations(auth_name) + Thread.current[:api_client_authorization] = client_auth + Thread.current[:api_client] = client_auth.api_client + Thread.current[:user] = client_auth.user + end + def expect_json self.request.headers["Accept"] = "text/json" end diff --git a/services/api/test/unit/log_test.rb b/services/api/test/unit/log_test.rb index be8498d4ba..4fc273be73 100644 --- a/services/api/test/unit/log_test.rb +++ b/services/api/test/unit/log_test.rb 
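Review bot: In the link.rb hunk, the result of `resource_class_for_uuid(self.head_uuid)` is chained straight into `.where(...)`, so a nil return would make this ownership check raise NoMethodError again instead of reaching a deliberate allow or deny. The helper's body is not shown, so whether it returns nil for a head_uuid that maps to no model class needs confirming. Since head_uuid comes from the link being created, I would resolve the class first and guard it: `head_class = self.class.resource_class_for_uuid(head_uuid)` followed by `head_obj = head_class && head_class.where('uuid=?', head_uuid).first`. The enclosing method starts and ends outside the hunk, so what follows `if head_obj` cannot be checked from here.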
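Review bot: `set_user_from_auth` in the second test_helper.rb hunk writes three thread-local keys, but the only reset visible in the context above it is `Thread.current[:user] = nil`. That reset block begins outside the hunk, so it may already clear the others. If it does not also clear `:api_client_authorization` and `:api_client`, an identity set by one test can carry into the next and let a permission test pass under the wrong credentials. Consider clearing all three there and documenting the helper with a comment such as `# Act as the user and client of the named api_client_authorizations fixture until teardown.`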
@@ -65,13 +65,6 @@ class LogTest < ActiveSupport::TestCase end end - def set_user_from_auth(auth_name) - client_auth = api_client_authorizations(auth_name) - Thread.current[:api_client_authorization] = client_auth - Thread.current[:api_client] = client_auth.api_client - Thread.current[:user] = client_auth.user - end - test "creating a user makes a log" do set_user_from_auth :admin_trustedclient u = User.new(first_name: "Log", last_name: "Test") diff --git a/services/api/test/unit/permission_test.rb b/services/api/test/unit/permission_test.rb new file mode 100644 index 0000000000..c8e00bb756 --- /dev/null +++ b/services/api/test/unit/permission_test.rb @@ -0,0 +1,17 @@ +require 'test_helper' + +class PermissionTest < ActiveSupport::TestCase + test "Grant permissions on an object I own" do + set_user_from_auth :active_trustedclient + + ob = Specimen.create + assert ob.save + + # Ensure I have permission to manage this group even when its owner changes + perm_link = Link.create(tail_uuid: users(:active).uuid, + head_uuid: ob.uuid, + link_class: 'permission', + name: 'can_manage') + assert perm_link.save, "should give myself permission on my own object" + end +end
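Review bot: The new test in permission_test.rb pins only the allow path, so a regression that makes the ownership check grant too broadly would still pass. A companion case would cover the deny path: create the object under a different fixture identity and expect the active user's `Link.create` with `name: 'can_manage'` to be refused. How refusal surfaces (an exception or a failed save) is not visible here. The comment `# Ensure I have permission to manage this group even when its owner changes` also does not match the body, which creates a Specimen and never changes its owner; `# A user can grant can_manage on an object they own` describes what is actually asserted.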