Skip to content

Commit

Permalink
Test cases and fix for config option new_user_dataset_access_role_def…
Browse files Browse the repository at this point in the history
…ault_private.
  • Loading branch information
jmchilton committed Dec 7, 2020
1 parent b0be015 commit 106516e
Show file tree
Hide file tree
Showing 5 changed files with 54 additions and 8 deletions.
1 change: 1 addition & 0 deletions lib/galaxy/webapps/galaxy/api/histories.py
Original file line number Diff line number Diff line change
Expand Up @@ -348,6 +348,7 @@ def create(self, trans, payload, **kwd):
else:
new_history = self.manager.create(user=trans.user, name=hist_name)

trans.app.security_agent.history_set_default_permissions(new_history)
trans.sa_session.add(new_history)
trans.sa_session.flush()

Expand Down
13 changes: 9 additions & 4 deletions lib/galaxy_test/api/test_history_contents.py
Original file line number Diff line number Diff line change
Expand Up @@ -128,13 +128,18 @@ def _verify_dataset_permissions(self, api_endpoint):

def _assert_other_user_cannot_access(self, history_content_id):
with self._different_user():
contents_response = self._get(f"histories/{self.history_id}/contents/{history_content_id}").json()
assert "name" not in contents_response
contents_response = self.dataset_populator.get_history_dataset_details_raw(
history_id=self.history_id, dataset_id=history_content_id
)
assert contents_response.status_code == 403

def _assert_other_user_can_access(self, history_content_id):
with self._different_user():
contents_response = self._get(f"histories/{self.history_id}/contents/{history_content_id}").json()
assert "name" in contents_response
contents_response = self.dataset_populator.get_history_dataset_details_raw(
history_id=self.history_id, dataset_id=history_content_id
)
contents_response.raise_for_status()
assert "name" in contents_response.json()

def test_index_hda_all_details(self):
hda1 = self._new_dataset(self.history_id)
Expand Down
4 changes: 2 additions & 2 deletions lib/galaxy_test/base/api.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,8 @@ def _setup_user_get_key(self, email, password=None, is_admin=True):
def _different_user(self, email=OTHER_USER):
""" Use in test cases to switch get/post operations to act as new user,
with self._different_user( "[email protected]" ):
self._get( "histories" ) # Gets [email protected] histories.
with self._different_user("[email protected]"):
self._get("histories") # Gets [email protected] histories.
"""
original_api_key = self.user_api_key
original_interactor_key = self.galaxy_interactor.api_key
Expand Down
8 changes: 6 additions & 2 deletions lib/galaxy_test/base/populators.py
Original file line number Diff line number Diff line change
Expand Up @@ -443,10 +443,14 @@ def get_history_dataset_content(self, history_id, wait=True, filename=None, type

def get_history_dataset_details(self, history_id, **kwds):
dataset_id = self.__history_content_id(history_id, **kwds)
details_response = self._get_contents_request(history_id, "/datasets/%s" % dataset_id)
assert details_response.status_code == 200
details_response = self.get_history_dataset_details_raw(history_id, dataset_id)
details_response.raise_for_status()
return details_response.json()

def get_history_dataset_details_raw(self, history_id, dataset_id):
details_response = self._get_contents_request(history_id, f"/datasets/{dataset_id}")
return details_response

def get_history_dataset_extra_files(self, history_id, **kwds):
dataset_id = self.__history_content_id(history_id, **kwds)
details_response = self._get_contents_request(history_id, "/%s/extra_files" % dataset_id)
Expand Down
36 changes: 36 additions & 0 deletions test/integration/test_default_permissions.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
from galaxy_test.base.populators import (
DatasetPopulator
)
from galaxy_test.driver import integration_util


class DefaultPermissionsIntegrationTestCase(integration_util.IntegrationTestCase):
expected_access_status_code = 200

def setUp(self):
super().setUp()
self.dataset_populator = DatasetPopulator(self.galaxy_interactor)
self.history_id = self.dataset_populator.new_history()

@classmethod
def handle_galaxy_config_kwds(cls, config):
if hasattr(cls, "new_user_dataset_access_role_default_private"):
config["new_user_dataset_access_role_default_private"] = cls.new_user_dataset_access_role_default_private

def test_setting(self):
hda = self.dataset_populator.new_dataset(self.history_id, wait=True)
with self._different_user():
details_response = self.dataset_populator.get_history_dataset_details_raw(
history_id=self.history_id, dataset_id=hda["id"]
)
assert details_response.status_code == self.expected_access_status_code, details_response.content


class PrivateDefaultPermissionsIntegrationTestCase(DefaultPermissionsIntegrationTestCase):
new_user_dataset_access_role_default_private = True
expected_access_status_code = 403


class PublicDefaultPermissionsIntegrationTestCase(DefaultPermissionsIntegrationTestCase):
new_user_dataset_access_role_default_private = False
expected_access_status_code = 200

0 comments on commit 106516e

Please sign in to comment.