[ARVADOS] updated: adc708ae28fa9e1a5ca43f3639dd8bdc6059f03b

git at public.curoverse.com git at public.curoverse.com
Thu Nov 27 18:50:31 EST 2014 

Summary of changes:
 sdk/cli/Gemfile.lock                               |  4 +--
 .../api/app/controllers/database_controller.rb     | 18 +++++++++++++
 services/api/config/application.default.yml        |  1 -
 services/api/config/routes.rb                      |  2 +-
 services/api/test/fixtures/users.yml               | 16 ++++++++++++
 .../test/functional/database_controller_test.rb    | 30 ++++++++++------------
 .../api/test/integration/database_reset_test.rb    | 15 +++++++----
 7 files changed, 61 insertions(+), 25 deletions(-)

       via  adc708ae28fa9e1a5ca43f3639dd8bdc6059f03b (commit)
       via  9d281577e42c6f8411cc3ee9954134b771499624 (commit)
      from  f3460b2f2e8088e861d1852e4f26784b3c96ded8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit adc708ae28fa9e1a5ca43f3639dd8bdc6059f03b
Author: Tom Clegg <tom at curoverse.com>
Date:   Thu Nov 27 01:26:16 2014 -0500

    4533: Sync Gemfile.lock to Gemfile.

diff --git a/sdk/cli/Gemfile.lock b/sdk/cli/Gemfile.lock
index fa7e1b2..9471814 100644
--- a/sdk/cli/Gemfile.lock
+++ b/sdk/cli/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    arvados-cli (0.1.20141125003255)
+    arvados-cli (0.1.20141127074001)
       activesupport (~> 3.2, >= 3.2.13)
       andand (~> 1.3, >= 1.3.3)
       arvados (~> 0.1, >= 0.1.0)
@@ -20,7 +20,7 @@ GEM
       multi_json (~> 1.0)
     addressable (2.3.6)
     andand (1.3.3)
-    arvados (0.1.20141114230720)
+    arvados (0.1.20141118083211)
       activesupport (>= 3.2.13)
       andand (~> 1.3, >= 1.3.3)
       google-api-client (~> 0.6.3, >= 0.6.3)

commit 9d281577e42c6f8411cc3ee9954134b771499624
Author: Tom Clegg <tom at curoverse.com>
Date:   Thu Nov 27 01:18:01 2014 -0500

    4533: Replace enable_remote_reset config knob with check for existence of non-fixture users.

diff --git a/services/api/app/controllers/database_controller.rb b/services/api/app/controllers/database_controller.rb
index 91d98e5..a2e15ed 100644
--- a/services/api/app/controllers/database_controller.rb
+++ b/services/api/app/controllers/database_controller.rb
@@ -5,6 +5,24 @@ class DatabaseController < ApplicationController
   def reset
     raise ArvadosModel::PermissionDeniedError unless Rails.env == 'test'
 
+    # Sanity check: If someone has actually logged in here, this might
+    # not really be a throwaway database. Client test suites should
+    # use @example.com email addresses when creating user records, so
+    # we can tell they're not valuable.
+    user_uuids = User.
+      where('email is null or email not like ?', '%@example.com').
+      collect &:uuid
+    fixture_uuids =
+      YAML::load_file(File.expand_path('../../../test/fixtures/users.yml',
+                                       __FILE__)).
+      values.collect { |u| u['uuid'] }
+    unexpected_uuids = user_uuids - fixture_uuids
+    if unexpected_uuids.any?
+      logger.error("Running in test environment, but non-fixture users exist: " +
+                   "#{unexpected_uuids}")
+      raise ArvadosModel::PermissionDeniedError
+    end
+
     require 'active_record/fixtures'
 
     # What kinds of fixtures do we have?
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index a357439..8b3eb21 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -46,7 +46,6 @@ test:
   user_profile_notification_address: arvados at example.com
   workbench_address: https://localhost:3001/
   websocket_address: ws://127.0.0.1:3333/websocket
-  enable_remote_database_reset: true
 
 common:
   uuid_prefix: <%= Digest::MD5.hexdigest(`hostname`).to_i(16).to_s(36)[0..4] %>
diff --git a/services/api/config/routes.rb b/services/api/config/routes.rb
index 3537504..c353938 100644
--- a/services/api/config/routes.rb
+++ b/services/api/config/routes.rb
@@ -63,7 +63,7 @@ Server::Application.routes.draw do
     end
   end
 
-  if Rails.configuration.enable_remote_database_reset
+  if Rails.env == 'test'
     post '/database/reset', to: 'database#reset'
   end
 
diff --git a/services/api/test/fixtures/users.yml b/services/api/test/fixtures/users.yml
index ebf455a..c859f39 100644
--- a/services/api/test/fixtures/users.yml
+++ b/services/api/test/fixtures/users.yml
@@ -1,5 +1,21 @@
 # Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
 
+system_user:
+  uuid: zzzzz-tpzed-000000000000000
+  owner_uuid: zzzzz-tpzed-000000000000000
+  created_at: 2014-11-27 06:38:21.215463000 Z
+  modified_by_client_uuid: zzzzz-ozdt8-teyxzyd8qllg11h
+  modified_by_user_uuid: zzzzz-tpzed-000000000000000
+  modified_at: 2014-11-27 06:38:21.208036000 Z
+  email: root
+  first_name: root
+  last_name: ''
+  identity_url:
+  is_admin: true
+  prefs: {}
+  updated_at: 2014-11-27 06:38:21.207873000 Z
+  is_active: true
+
 admin:
   owner_uuid: zzzzz-tpzed-000000000000000
   uuid: zzzzz-tpzed-d9tiejq69daie8f
diff --git a/services/api/test/functional/database_controller_test.rb b/services/api/test/functional/database_controller_test.rb
index 4aab950..56662ee 100644
--- a/services/api/test/functional/database_controller_test.rb
+++ b/services/api/test/functional/database_controller_test.rb
@@ -3,37 +3,35 @@ require 'test_helper'
 class DatabaseControllerTest < ActionController::TestCase
   include CurrentApiClient
 
-  teardown do
-    restore_configuration
-    # We made configuration changes here that affect routing.
-    Rails.application.reload_routes!
-  end
-
   test "reset fails with non-admin token" do
     authorize_with :active
     post :reset
     assert_response 403
   end
 
-  test "reset fails when not in test mode" do
+  test "route not found when not in test mode" do
     authorize_with :admin
     env_was = Rails.env
+    Rails.application.reload_routes!
     begin
-      Rails.env = 'development'
-      post :reset
-      assert_response 403
+      assert_raises ActionController::RoutingError do
+        Rails.env = 'production'
+        Rails.application.reload_routes!
+        post :reset
+      end
     ensure
       Rails.env = env_was
+      Rails.application.reload_routes!
     end
   end
 
-  test "reset fails when not configured" do
-    Rails.configuration.enable_remote_database_reset = false
-    Rails.application.reload_routes!
-    authorize_with :admin
-    assert_raise ActionController::RoutingError do
-      post :reset
+  test "reset fails when a non-test-fixture user exists" do
+    act_as_system_user do
+      User.create!(uuid: 'abcde-tpzed-123451234512345', email: 'bar at example.net')
     end
+    authorize_with :admin
+    post :reset
+    assert_response 403
   end
 
   test "reset succeeds with admin token" do
diff --git a/services/api/test/integration/database_reset_test.rb b/services/api/test/integration/database_reset_test.rb
index 84f8a19..8c77c2d 100644
--- a/services/api/test/integration/database_reset_test.rb
+++ b/services/api/test/integration/database_reset_test.rb
@@ -7,11 +7,16 @@ class DatabaseResetTest < ActionDispatch::IntegrationTest
     Rails.application.reload_routes!
   end
 
-  test "reset fails when not configured" do
-    Rails.configuration.enable_remote_database_reset = false
-    Rails.application.reload_routes!
-    post '/database/reset', {}, auth(:admin)
-    assert_response 404
+  test "reset fails when Rails.env != 'test'" do
+    rails_env_was = Rails.env
+    begin
+      Rails.env = 'production'
+      Rails.application.reload_routes!
+      post '/database/reset', {}, auth(:admin)
+      assert_response 404
+    ensure
+      Rails.env = rails_env_was
+    end
   end
 
   test "reset fails with non-admin token" do

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list