[ARVADOS] updated: ec3197c63b0b690103676ddb9099681c8cc661c4
git at public.curoverse.com
git at public.curoverse.com
Thu Apr 24 11:36:35 EDT 2014
Summary of changes:
apps/workbench/test/functional/api_ticket_test.rb | 74 ++++++++++++++-------
1 files changed, 51 insertions(+), 23 deletions(-)
via ec3197c63b0b690103676ddb9099681c8cc661c4 (commit)
from 4425dbc002ec66aa18a6769d9c1aba46c8d30586 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit ec3197c63b0b690103676ddb9099681c8cc661c4
Author: Brett Smith <brett at curoverse.com>
Date: Thu Apr 24 11:36:36 2014 -0400
workbench: Refactor api_ticket tests.
This arranges to make only controller request per test, to help ensure
that the tests don't accidentally pick up maintained state.
diff --git a/apps/workbench/test/functional/api_ticket_test.rb b/apps/workbench/test/functional/api_ticket_test.rb
index 582de2c..e9b9f22 100644
--- a/apps/workbench/test/functional/api_ticket_test.rb
+++ b/apps/workbench/test/functional/api_ticket_test.rb
@@ -3,32 +3,60 @@
require 'test_helper'
class ApiTicketTest < ActionController::TestCase
- test "api_ticket temporarily overrides api_token" do
+ def setup
# ApiClientAuthorizationsController provides the easiest way to get
# different results across different users.
@controller = ApiClientAuthorizationsController.new
- def get_page_with(*get_args)
- get :index, *get_args
- assert_response(:success, "failed to get index with #{get_args}")
- JSON.parse(@response.body).map { |auth| auth['api_token'] }
+ end
+
+ def sorted_tokens(auth_list)
+ auth_list.map { |auth| auth['api_token'] }.sort
+ end
+
+ def tokens_owned_by(user)
+ res = api_fixture('api_client_authorizations').each_value.select { |auth|
+ (auth['user'] == user.to_s) and (Time.now < auth['expires_at'])
+ }
+ sorted_tokens(res)
+ end
+
+ def token_for(auth_name)
+ api_fixture('api_client_authorizations')[auth_name.to_s]['api_token']
+ end
+
+ def build_params(params)
+ params = params.dup
+ params[:format] ||= :json
+ [:api_token, :api_ticket].each do |key|
+ if auth_name = params.delete(key)
+ params[key] = token_for(auth_name)
+ end
+ end
+ params
+ end
+
+ def get_tokens_with(*get_args)
+ get :index, *get_args
+ assert_response(:success, "failed to get tokens with #{get_args}")
+ sorted_tokens(JSON.parse(@response.body))
+ end
+
+ test "api_ticket works with no state" do
+ assert_equal(tokens_owned_by(:active),
+ get_tokens_with(build_params(api_ticket:
+ :active_trustedclient)),
+ "bad results with stateless ticket")
+ end
+
+ test "api_ticket temporarily overrides session token" do
+ orig_session = session_for :admin_trustedclient
+ assert_equal(tokens_owned_by(:active),
+ get_tokens_with(build_params(api_ticket:
+ :active_trustedclient),
+ orig_session.dup),
+ "bad results when overriding session token")
+ orig_session.each_pair do |key, value|
+ assert_equal(value, session[key], "session #{key} changed")
end
- auths = api_fixture('api_client_authorizations')
- json_param = {format: :json}
- ticket_params =
- json_param.merge(api_ticket: auths['active_trustedclient']['api_token'])
- token_params =
- json_param.merge(api_token: auths['admin_trustedclient']['api_token'])
- # Make sure api_ticket works with no state.
- ticket_results = get_page_with(ticket_params)
- # Set up a session by using api_token.
- token_results = get_page_with(token_params)
- assert_not_equal(ticket_results, token_results,
- "different API tokens reported identical results")
- # Make sure api_ticket overrides the session.
- assert_equal(ticket_results, get_page_with(ticket_params),
- "results using api_ticket are inconsistent")
- # Make sure using api_ticket didn't break the session.
- assert_equal(token_results, get_page_with(json_param),
- "results relying on session token are inconsistent")
end
end
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list