[ARVADOS] created: 1.1.1-118-gc4e6d3c
Git user
git at public.curoverse.com
Mon Dec 4 15:00:16 EST 2017
at c4e6d3c9a8a55460c4ee663e66ea1093c6088d4f (commit)
commit c4e6d3c9a8a55460c4ee663e66ea1093c6088d4f
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date: Mon Dec 4 16:19:37 2017 -0300
12662: Added test proving that User.current won't return the
anonoymous user when using an invalid token and having the
anonymous_user_token config set.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>
diff --git a/apps/workbench/test/unit/user_test.rb b/apps/workbench/test/unit/user_test.rb
index 1b88715..fa9a69d 100644
--- a/apps/workbench/test/unit/user_test.rb
+++ b/apps/workbench/test/unit/user_test.rb
@@ -13,4 +13,18 @@ class UserTest < ActiveSupport::TestCase
assert_nil user.first_name
end
end
+
+ test "User.current doesn't return anonymous user when using invalid token" do
+ # Set up anonymous user token
+ Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token']
+ # First, try with a valid user
+ use_token :active
+ u = User.current
+ assert(find_fixture(User, "active").uuid == u.uuid)
+ # Next, simulate an invalid token
+ Thread.current[:arvados_api_token] = 'thistokenwontwork'
+ assert_raises(ArvadosApiClient::NotLoggedInException) do
+ User.current
+ end
+ end
end
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list