[ARVADOS] created: a96adab2a4758c7a969156621c0ed4fe710b98c2

git at public.curoverse.com git at public.curoverse.com
Tue Jul 15 15:30:46 EDT 2014 

        at  a96adab2a4758c7a969156621c0ed4fe710b98c2 (commit)


commit a96adab2a4758c7a969156621c0ed4fe710b98c2
Author: Tim Pierce <twp at curoverse.com>
Date:   Mon Jul 14 14:01:28 2014 -0400

    3072: add an empty collection in db seeds
    
    Added empty collection (owned by the anonymous group) to test fixtures
    and to db/seeds.rb.
    
    API integration tests: in permissions_test.rb, test that the active user
    can read objects in the anonymous group, even when there are no explicit
    permission links on that group or objects in it.
    
    Workbench integration tests: added a test to confirm that a non-admin
    user can get the empty collection.
    
    Cleanup code: User.can? now takes either a uuid or an object for the target.
    
    Refs #3072.

diff --git a/apps/workbench/test/integration/collections_test.rb b/apps/workbench/test/integration/collections_test.rb
index 8ac8fe4..8657aaa 100644
--- a/apps/workbench/test/integration/collections_test.rb
+++ b/apps/workbench/test/integration/collections_test.rb
@@ -74,4 +74,10 @@ class CollectionsTest < ActionDispatch::IntegrationTest
     assert_equal(['foo'], hrefs.compact.sort,
                  "download page did provide strictly file links")
   end
+
+  test "can view empty collection" do
+    uuid = 'd41d8cd98f00b204e9800998ecf8427e+0'
+    visit page_with_token('active', "/collections/#{uuid}")
+    assert page.has_text?('This collection is empty')
+  end
 end
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index e79c485..6547585 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -51,9 +51,13 @@ class User < ArvadosModel
   def can?(actions)
     return true if is_admin
     actions.each do |action, target|
-      target_uuid = target
-      if target.respond_to? :uuid
-        target_uuid = target.uuid
+      unless target.nil?
+        if target.respond_to? :uuid
+          target_uuid = target.uuid
+        else
+          target_uuid = target
+          target = ArvadosModel.find_by_uuid(target_uuid)
+        end
       end
       next if target_uuid == self.uuid
       next if (group_permissions[target_uuid] and
diff --git a/services/api/db/migrate/20140714184006_empty_collection.rb b/services/api/db/migrate/20140714184006_empty_collection.rb
new file mode 100644
index 0000000..2afd582
--- /dev/null
+++ b/services/api/db/migrate/20140714184006_empty_collection.rb
@@ -0,0 +1,13 @@
+class EmptyCollection < ActiveRecord::Migration
+  include CurrentApiClient
+
+  def up
+    empty_collection
+  end
+
+  def down
+    act_as_system_user do
+      empty_collection.destroy
+    end
+  end
+end
diff --git a/services/api/db/seeds.rb b/services/api/db/seeds.rb
index abd325c..d397b91 100644
--- a/services/api/db/seeds.rb
+++ b/services/api/db/seeds.rb
@@ -9,3 +9,4 @@ system_user
 system_group
 anonymous_group
 anonymous_user
+empty_collection
diff --git a/services/api/db/structure.sql b/services/api/db/structure.sql
index 850a89e..61433a6 100644
--- a/services/api/db/structure.sql
+++ b/services/api/db/structure.sql
@@ -1971,4 +1971,6 @@ INSERT INTO schema_migrations (version) VALUES ('20140611173003');
 
 INSERT INTO schema_migrations (version) VALUES ('20140627210837');
 
-INSERT INTO schema_migrations (version) VALUES ('20140709172343');
\ No newline at end of file
+INSERT INTO schema_migrations (version) VALUES ('20140709172343');
+
+INSERT INTO schema_migrations (version) VALUES ('20140714184006');
\ No newline at end of file
diff --git a/services/api/lib/current_api_client.rb b/services/api/lib/current_api_client.rb
index 94bd2b5..7100f3a 100644
--- a/services/api/lib/current_api_client.rb
+++ b/services/api/lib/current_api_client.rb
@@ -158,4 +158,19 @@ module CurrentApiClient
     $anonymous_user
   end
 
+  def empty_collection_uuid
+    'd41d8cd98f00b204e9800998ecf8427e+0'
+  end
+
+  def empty_collection
+    if not $empty_collection
+      act_as_system_user do
+        $empty_collection = Collection.
+          where(uuid: empty_collection_uuid).
+          first_or_create!(owner_uuid: anonymous_group_uuid,
+                           manifest_text: '')
+      end
+    end
+    $empty_collection
+  end
 end
diff --git a/services/api/test/fixtures/collections.yml b/services/api/test/fixtures/collections.yml
index bce7df1..73ec920 100644
--- a/services/api/test/fixtures/collections.yml
+++ b/services/api/test/fixtures/collections.yml
@@ -69,3 +69,26 @@ docker_image:
   modified_at: 2014-06-11T17:22:54Z
   updated_at: 2014-06-11T17:22:54Z
   manifest_text: ". d21353cfe035e3e384563ee55eadbb2f+67108864 5c77a43e329b9838cbec18ff42790e57+55605760 0:122714624:d8309758b8fe2c81034ffc8a10c36460b77db7bc5e7b448c4e5b684f9d95a678.tar\n"
+
+anonymous:
+  # Collection owned by the anonymous group
+  # (should be readable by all users)
+  uuid: 39e4ec5e67d7c6c8dcb549d7593180af+32
+  owner_uuid: zzzzz-j7d0g-anonymouspublic
+  created_at: 2014-06-11T17:22:54Z
+  modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+  modified_by_user_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  modified_at: 2014-06-11T17:22:54Z
+  updated_at: 2014-06-11T17:22:54Z
+  manifest_text: ". anonymous-collection-file.txt\n"
+
+empty:
+  # Empty collection owned by anonymous_group is added with rake db:seed.
+  uuid: d41d8cd98f00b204e9800998ecf8427e+0
+  owner_uuid: zzzzz-j7d0g-anonymouspublic
+  created_at: 2014-06-11T17:22:54Z
+  modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+  modified_by_user_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  modified_at: 2014-06-11T17:22:54Z
+  updated_at: 2014-06-11T17:22:54Z
+  manifest_text: ""
diff --git a/services/api/test/integration/permissions_test.rb b/services/api/test/integration/permissions_test.rb
index 274e8f1..26a0f02 100644
--- a/services/api/test/integration/permissions_test.rb
+++ b/services/api/test/integration/permissions_test.rb
@@ -1,6 +1,7 @@
 require 'test_helper'
 
 class PermissionsTest < ActionDispatch::IntegrationTest
+  include CurrentApiClient  # for empty_collection
   fixtures :users, :groups, :api_client_authorizations, :collections
 
   test "adding and removing direct can_read links" do
@@ -360,4 +361,34 @@ class PermissionsTest < ActionDispatch::IntegrationTest
     get "/arvados/v1/permissions/#{groups(:public).uuid}", nil, auth(:active)
     assert_response 403
   end
+
+  test "active user can read an object in the anonymous group" do
+    # make sure there is no link explicitly granting permission to
+    # the anonymous collection or its owner
+    get("/arvados/v1/permissions/#{collections(:anonymous).owner_uuid}",
+        { :format => :json },
+        auth(:admin))
+    assert_response :success
+    assert_empty json_response['items']
+
+    get("/arvados/v1/permissions/#{collections(:anonymous).uuid}",
+        { :format => :json },
+        auth(:admin))
+    assert_response :success
+    assert_empty json_response['items']
+
+    # the active user should still be able to read the anonymous collection.
+    get("/arvados/v1/collections/#{collections(:anonymous).uuid}",
+        { :format => :json },
+        auth(:active))
+    assert_response :success
+    assert_equal json_response['manifest_text'], collections(:anonymous).manifest_text
+
+    # the active user should be able to read the empty collection
+    get("/arvados/v1/collections/#{empty_collection_uuid}",
+        { :format => :json },
+        auth(:active))
+    assert_response :success
+    assert_empty json_response['manifest_text'], "empty collection manifest_text is not empty"
+  end
 end

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list