[ARVADOS] updated: 5386f6657234f3c24a4783cf63ab85016eda85b8

git at public.curoverse.com git at public.curoverse.com
Thu Jun 18 11:36:01 EDT 2015


Summary of changes:
 .../arvados/v1/virtual_machines_controller.rb      |  6 +--
 services/api/test/fixtures/links.yml               | 43 ++++++++++++++++++++++
 .../functional/arvados/v1/links_controller_test.rb |  2 +-
 .../functional/arvados/v1/users_controller_test.rb |  2 +-
 .../arvados/v1/virtual_machines_controller_test.rb | 43 ++++++++++++++++++++++
 5 files changed, 91 insertions(+), 5 deletions(-)

       via  5386f6657234f3c24a4783cf63ab85016eda85b8 (commit)
       via  657235e9e2b90c837efe809fc014fe6fe0cb9b23 (commit)
       via  daed47277f97a1e972904b1fdcd16f8ce38a4e6a (commit)
      from  970bcc6f77a7b1ff14a7ec124e3004d89b1f173a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 5386f6657234f3c24a4783cf63ab85016eda85b8
Merge: 970bcc6 657235e
Author: Brett Smith <brett at curoverse.com>
Date:   Thu Jun 18 11:35:40 2015 -0400

    Merge branch '6320-api-logins-include-groups-wip'
    
    Refs #6320.  Closes #6325.


commit 657235e9e2b90c837efe809fc014fe6fe0cb9b23
Author: Brett Smith <brett at curoverse.com>
Date:   Tue Jun 16 09:40:58 2015 -0400

    6320: API virtual machines login method include groups information.
    
    This is necessary for the virtual machine user setup script to see the
    groups information added in #6254.
    
    This required updating a few tests that assumed the active user had no
    access to testvm2.

diff --git a/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb b/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb
index 35e5e42..519178b 100644
--- a/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb
+++ b/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb
@@ -24,11 +24,11 @@ class Arvados::V1::VirtualMachinesController < ApplicationController
       vm.login_permissions.each do |perm|
         user_uuid = perm.tail_uuid
         @users[user_uuid].andand.authorized_keys.andand.each do |ak|
-          username = perm.properties.andand['username']
-          if username
+          unless perm.properties['username'].blank?
             @response << {
-              username: username,
+              username: perm.properties['username'],
               hostname: vm.hostname,
+              groups: (perm.properties["groups"].to_a rescue []),
               public_key: ak.public_key,
               user_uuid: user_uuid,
               virtual_machine_uuid: vm.uuid,
diff --git a/services/api/test/fixtures/links.yml b/services/api/test/fixtures/links.yml
index d840098..434f9c7 100644
--- a/services/api/test/fixtures/links.yml
+++ b/services/api/test/fixtures/links.yml
@@ -818,6 +818,21 @@ admin_can_login_to_testvm2:
   properties: {username: 'adminroot', groups: ['docker', 'admin']}
   updated_at: 2014-08-06 22:11:51.242010312 Z
 
+active_can_login_to_testvm2:
+  uuid: zzzzz-o0j2j-rah2ya1ohx9xaev
+  owner_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  created_at: 2014-08-06 22:11:51.242392533 Z
+  modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+  modified_by_user_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  modified_at: 2014-08-06 22:11:51.242150425 Z
+  tail_uuid: zzzzz-tpzed-xurymjxw79nv3jz
+  link_class: permission
+  name: can_login
+  head_uuid: zzzzz-2x53u-382brsig8rp3065
+  # No groups.
+  properties: {username: 'active'}
+  updated_at: 2014-08-06 22:11:51.242010312 Z
+
 spectator_login_link_for_testvm2_without_username:
   uuid: zzzzz-o0j2j-aem0eilie1jigh9
   owner_uuid: zzzzz-tpzed-d9tiejq69daie8f
diff --git a/services/api/test/functional/arvados/v1/links_controller_test.rb b/services/api/test/functional/arvados/v1/links_controller_test.rb
index 9bf1b0b..1345701 100644
--- a/services/api/test/functional/arvados/v1/links_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/links_controller_test.rb
@@ -122,7 +122,7 @@ class Arvados::V1::LinksControllerTest < ActionController::TestCase
       link_class: 'test',
       name: 'stuff',
       head_uuid: users(:active).uuid,
-      tail_uuid: virtual_machines(:testvm2).uuid
+      tail_uuid: authorized_keys(:admin).uuid,
     }
     authorize_with :active
     post :create, link: link
diff --git a/services/api/test/functional/arvados/v1/users_controller_test.rb b/services/api/test/functional/arvados/v1/users_controller_test.rb
index bf27d73..e87068c 100644
--- a/services/api/test/functional/arvados/v1/users_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/users_controller_test.rb
@@ -584,7 +584,7 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase
     assert active_user['is_active'], 'expected is_active for active user'
 
     verify_link_existence active_user['uuid'], active_user['email'],
-          false, true, false, true, true
+          false, true, true, true, true
 
     authorize_with :admin
 
diff --git a/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb b/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
index d52a581..8ca2a94 100644
--- a/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
@@ -23,6 +23,20 @@ class Arvados::V1::VirtualMachinesControllerTest < ActionController::TestCase
     assert_equal(perm.properties["username"], admin_login["username"])
   end
 
+  test "groups propagated from permission" do
+    get_logins_for(:testvm2)
+    admin_login = find_login(:admin)
+    perm = links(:admin_can_login_to_testvm2)
+    assert_equal(perm.properties["groups"], admin_login["groups"])
+  end
+
+  test "groups is an empty list by default" do
+    get_logins_for(:testvm2)
+    active_login = find_login(:active)
+    perm = links(:active_can_login_to_testvm2)
+    assert_equal([], active_login["groups"])
+  end
+
   test "logins without usernames not listed" do
     get_logins_for(:testvm2)
     assert_response :success

commit daed47277f97a1e972904b1fdcd16f8ce38a4e6a
Author: Brett Smith <brett at curoverse.com>
Date:   Tue Jun 16 09:18:32 2015 -0400

    6320: Add tests for API virtual machines login method.

diff --git a/services/api/test/fixtures/links.yml b/services/api/test/fixtures/links.yml
index 42ecad3..d840098 100644
--- a/services/api/test/fixtures/links.yml
+++ b/services/api/test/fixtures/links.yml
@@ -803,6 +803,34 @@ auto_setup_vm_login_username_can_login_to_test_vm:
   properties: {username: 'auto_setup_vm_login'}
   updated_at: 2014-08-06 22:11:51.242010312 Z
 
+admin_can_login_to_testvm2:
+  uuid: zzzzz-o0j2j-peek9mecohgh3ai
+  owner_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  created_at: 2014-08-06 22:11:51.242392533 Z
+  modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+  modified_by_user_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  modified_at: 2014-08-06 22:11:51.242150425 Z
+  tail_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  link_class: permission
+  name: can_login
+  head_uuid: zzzzz-2x53u-382brsig8rp3065
+  # username is not obviously related to other user data.
+  properties: {username: 'adminroot', groups: ['docker', 'admin']}
+  updated_at: 2014-08-06 22:11:51.242010312 Z
+
+spectator_login_link_for_testvm2_without_username:
+  uuid: zzzzz-o0j2j-aem0eilie1jigh9
+  owner_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  created_at: 2014-08-06 22:11:51.242392533 Z
+  modified_by_client_uuid: zzzzz-ozdt8-brczlopd8u8d0jr
+  modified_by_user_uuid: zzzzz-tpzed-d9tiejq69daie8f
+  modified_at: 2014-08-06 22:11:51.242150425 Z
+  tail_uuid: zzzzz-tpzed-l1s2piq4t4mps8r
+  link_class: permission
+  name: can_login
+  head_uuid: zzzzz-2x53u-382brsig8rp3065
+  updated_at: 2014-08-06 22:11:51.242010312 Z
+
 user_foo_can_read_sharing_group:
   uuid: zzzzz-o0j2j-gdpvwvpj9kjs5in
   owner_uuid: zzzzz-tpzed-000000000000000
diff --git a/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb b/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
index fd7431d..d52a581 100644
--- a/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/virtual_machines_controller_test.rb
@@ -1,4 +1,33 @@
 require 'test_helper'
 
 class Arvados::V1::VirtualMachinesControllerTest < ActionController::TestCase
+  def get_logins_for(vm_sym)
+    authorize_with :admin
+    get(:logins, id: virtual_machines(vm_sym).uuid)
+  end
+
+  def find_login(sshkey_sym)
+    assert_response :success
+    want_key = authorized_keys(sshkey_sym).public_key
+    logins = json_response["items"].select do |login|
+      login["public_key"] == want_key
+    end
+    assert_equal(1, logins.size, "failed to find #{sshkey_sym} login")
+    logins.first
+  end
+
+  test "username propagated from permission" do
+    get_logins_for(:testvm2)
+    admin_login = find_login(:admin)
+    perm = links(:admin_can_login_to_testvm2)
+    assert_equal(perm.properties["username"], admin_login["username"])
+  end
+
+  test "logins without usernames not listed" do
+    get_logins_for(:testvm2)
+    assert_response :success
+    spectator_uuid = users(:spectator).uuid
+    assert_empty(json_response.
+                 select { |login| login["user_uuid"] == spectator_uuid })
+  end
 end

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list