From 92be0d299c3beb4baf8d8ec900ead47a57d7487c Mon Sep 17 00:00:00 2001 From: carolyncole <1599081+carolyncole@users.noreply.github.com> Date: Mon, 16 Dec 2024 12:54:24 -0500 Subject: [PATCH] Getting an extra cas ticket that we could theoretically pass along to mediaflux (#875) * Getting an extra cas ticket that we could theoreticall pass along to mediaflux * Allow UI to load eve if mediaflux is down * Pass along the ticket to mediaflux to login Also updgrade mediaflux to 4.16.082 * debug soo many logins * Removing mediaflux from health monitor It logs in every second and then asks for the version. Research Computing wishes it would login less * Adding the concept of a System Login and an Active Web Login --- app/channels/mediaflux_channel.rb | 6 +- app/controllers/application_controller.rb | 40 ++++++++- .../users/mediaflux_callbacks_controller.rb | 15 ++++ .../users/omniauth_callbacks_controller.rb | 13 +++ app/jobs/activate_project_job.rb | 6 -- app/models/mediaflux/logon_request.rb | 8 +- .../mediaflux/project_approve_request.rb | 4 +- app/models/mediaflux/session_error.rb | 8 ++ app/models/system_user.rb | 12 +++ app/models/user.rb | 29 +++++-- app/views/layouts/application.html.erb | 2 +- config/environments/qa.rb | 2 +- config/initializers/health_monitor.rb | 3 + config/mediaflux.yml | 2 +- config/routes.rb | 2 + docs/aterm_101.md | 2 +- docs/local_development.md | 4 +- docs/mediaflux_manual_installation.md | 2 +- docs/mediaflux_script_access.md | 2 +- lib/tasks/projects.rake | 1 + spec/channels/mediaflux_channel_spec.rb | 2 +- .../mediaflux_info_controller_spec.rb | 6 +- .../omniauth_callbacks_controller_spec.rb | 2 +- spec/controllers/projects_controller_spec.rb | 87 +++++++++++++++++++ spec/controllers/welcome_controller_spec.rb | 4 +- spec/factories/user.rb | 3 + spec/jobs/activate_project_job_spec.rb | 2 +- spec/jobs/file_inventory_cleanup_job_spec.rb | 2 +- spec/jobs/file_inventory_job_spec.rb | 2 +- ...umulator_create_collection_request_spec.rb | 2 +- .../mediaflux/asset_create_request_spec.rb | 7 +- .../mediaflux/asset_destroy_request_spec.rb | 2 +- .../asset_exist_request_headers_spec.rb | 2 +- .../mediaflux/asset_metadata_request_spec.rb | 4 +- .../mediaflux/collection_list_request_spec.rb | 2 +- .../mediaflux/iterator_destroy_request.rb | 2 +- .../models/mediaflux/iterator_request_spec.rb | 2 +- spec/models/mediaflux/logoff_request_spec.rb | 2 +- spec/models/mediaflux/logon_request_spec.rb | 2 +- .../namespace_create_request_spec.rb | 2 +- .../namespace_describe_request_spec.rb | 2 +- .../namespace_destroy_request_spec.rb | 2 +- .../mediaflux/namespace_list_request_spec.rb | 2 +- .../mediaflux/project_approve_request_spec.rb | 2 +- .../mediaflux/project_create_request_spec.rb | 4 +- .../mediaflux/project_update_request_spec.rb | 7 +- spec/models/mediaflux/query_request_spec.rb | 2 +- .../mediaflux/range_query_request_spec.rb | 2 +- .../mediaflux/schema_create_request_spec.rb | 2 +- .../schema_fields_create_request_spec.rb | 2 +- .../mediaflux/service_execute_request_spec.rb | 2 +- .../mediaflux/store_list_request_spec.rb | 2 +- .../test_asset_create_request_spec.rb | 2 +- spec/models/mediaflux/time_spec.rb | 2 +- .../mediaflux/token_create_request_spec.rb | 2 +- spec/models/mediaflux/version_request_spec.rb | 2 +- spec/models/project_accumulator_spec.rb | 2 +- spec/models/project_mediaflux_spec.rb | 2 +- spec/models/project_spec.rb | 12 +-- spec/models/system_user_spec.rb | 22 +++++ spec/models/user_spec.rb | 16 ++++ spec/requests/mediaflux_info_spec.rb | 6 +- spec/requests/projects_spec.rb | 2 +- spec/services/test_project_generator_spec.rb | 2 +- spec/support/connect_to_mediaflux.rb | 5 +- spec/system/mediaflux_info_spec.rb | 2 +- spec/system/mediaflux_session_spec.rb | 27 +++--- spec/system/project_details_spec.rb | 6 +- spec/system/project_roles_spec.rb | 10 +-- spec/system/project_spec.rb | 6 +- spec/system/welcome_spec.rb | 6 +- 71 files changed, 348 insertions(+), 119 deletions(-) create mode 100644 app/controllers/users/mediaflux_callbacks_controller.rb create mode 100644 app/models/mediaflux/session_error.rb create mode 100644 app/models/system_user.rb create mode 100644 spec/models/system_user_spec.rb diff --git a/app/channels/mediaflux_channel.rb b/app/channels/mediaflux_channel.rb index 9ad8f3ab3..2c3414fdf 100644 --- a/app/channels/mediaflux_channel.rb +++ b/app/channels/mediaflux_channel.rb @@ -16,12 +16,8 @@ def update_state private - def superuser - User.find_by(superuser: true) - end - def session_token - superuser.mediaflux_session + SystemUser.mediaflux_session end def version_request diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 509fb76f1..f4129ed88 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,7 +2,9 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception before_action :authenticate_user! - around_action :mediaflux_session + before_action :mediaflux_session + around_action :mediaflux_session_errors + around_action :mediaflux_login_errors before_action :emulate_user helper_method :breadcrumbs @@ -11,6 +13,11 @@ def new_session_path(_scope) new_user_session_path end + def after_sign_in_path_for(_resource) + mediaflux_passthru_path + # "/users/#{@user.id}" + end + def require_admin_user head :forbidden unless current_user&.eligible_sysadmin? end @@ -26,12 +33,37 @@ def add_breadcrumb(name, path = nil) private def mediaflux_session - # this requires a connection to mediaflux... for ease of development we do not want to require this - # current_user&.mediaflux_from_session(session) + logger.debug "Application Session #{session[:mediaflux_session]} cas: #{session[:active_web_user]}" + unless ["passthru", "cas"].include?(action_name) + current_user&.mediaflux_from_session(session) + end + end + + def mediaflux_session_errors yield - rescue Mediaflux::SessionExpired + rescue ActionView::Template::Error, Mediaflux::SessionExpired => e + raise unless e.is_a?(Mediaflux::SessionExpired) || e.cause.is_a?(Mediaflux::SessionExpired) + if session[:active_web_user] + redirect_to mediaflux_passthru_path(path: request.path) + else + @retry_count ||= 0 + @retry_count += 1 + + current_user.mediaflux_from_session(session) + if @retry_count < 3 # If the session is expired we should not have to retry more than once, but let's have a little wiggle room + retry + else + raise + end + end + end + + def mediaflux_login_errors + yield + rescue Mediaflux::SessionError @retry_count ||= 0 @retry_count += 1 + current_user.clear_mediaflux_session(session) current_user.mediaflux_from_session(session) if @retry_count < 3 # If the session is expired we should not have to retry more than once, but let's have a little wiggle room diff --git a/app/controllers/users/mediaflux_callbacks_controller.rb b/app/controllers/users/mediaflux_callbacks_controller.rb new file mode 100644 index 000000000..e2398b468 --- /dev/null +++ b/app/controllers/users/mediaflux_callbacks_controller.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true +class Users::MediafluxCallbacksController < ApplicationController + def passthru + session[:original_path] = params["path"] + redirect_to session[:cas_login_url], allow_other_host: true + end + + def cas + ticket = params[:ticket] + uri = URI.parse(session[:cas_validation_url]) + token = "#{uri.query}#{ticket}" + current_user.medaiflux_login(token, session) + redirect_to(session["original_path"] || root_path) + end +end diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb index df77b8f5d..5759aa97a 100644 --- a/app/controllers/users/omniauth_callbacks_controller.rb +++ b/app/controllers/users/omniauth_callbacks_controller.rb @@ -4,6 +4,8 @@ def cas access_token = request.env["omniauth.auth"] @user = User.from_cas(access_token) + set_cas_session + if @user.nil? && access_token&.provider == "cas" redirect_to help_path flash.notice = "You can not be signed in at this time." @@ -14,4 +16,15 @@ def cas sign_in_and_redirect @user, event: :authentication # this will throw if @user is not activated end end + + private + + def set_cas_session + strategy = request.env["omniauth.strategy"] + if strategy.present? + service_url = strategy.append_params(mediaflux_extra_url, { url: request.referer }) + session[:cas_login_url] = strategy.login_url(service_url) + session[:cas_validation_url] = strategy.service_validate_url(service_url, "") + end + end end diff --git a/app/jobs/activate_project_job.rb b/app/jobs/activate_project_job.rb index ff3e6cb72..82d1191e5 100644 --- a/app/jobs/activate_project_job.rb +++ b/app/jobs/activate_project_job.rb @@ -26,10 +26,4 @@ def perform(user:, project_id:) } Honeybadger.notify(activation_failure_msg, context: honeybadger_context) end - - private - def mediaflux_session - logon_request = Mediaflux::LogonRequest.new - logon_request.session_token - end end diff --git a/app/models/mediaflux/logon_request.rb b/app/models/mediaflux/logon_request.rb index ec2315e6b..acf0d9262 100644 --- a/app/models/mediaflux/logon_request.rb +++ b/app/models/mediaflux/logon_request.rb @@ -25,11 +25,12 @@ def self.mediaflux_password mediaflux["api_password"] end - def initialize(domain: self.class.mediaflux_domain, user: self.class.mediaflux_user, password: self.class.mediaflux_password, identity_token: nil) + def initialize(domain: self.class.mediaflux_domain, user: self.class.mediaflux_user, password: self.class.mediaflux_password, identity_token: nil, token_type: nil) @domain = domain @user = user @password = password @identity_token = identity_token + @token_type = token_type super() end @@ -67,7 +68,10 @@ def build_http_request_body(name:) xml.user @user xml.password @password else - xml.token @identity_token + xml.token do + xml.parent.set_attribute("type", @token_type) if @token_type + xml.text(@identity_token) + end end end end diff --git a/app/models/mediaflux/project_approve_request.rb b/app/models/mediaflux/project_approve_request.rb index 343ca19fa..4db63b73e 100644 --- a/app/models/mediaflux/project_approve_request.rb +++ b/app/models/mediaflux/project_approve_request.rb @@ -4,8 +4,8 @@ module Mediaflux # # @example # project = Project.first - # project.save_in_mediaflux(session_id: User.first.mediaflux_session) - # approve_req = Mediaflux::ProjectApproveRequest.new(session_token: User.first.mediaflux_session, project:) + # project.save_in_mediaflux(session_id: SystemUser.mediaflux_session) + # approve_req = Mediaflux::ProjectApproveRequest.new(session_token: SystemUser.mediaflux_session, project:) # approve_req.resolve # class ProjectApproveRequest < Request diff --git a/app/models/mediaflux/session_error.rb b/app/models/mediaflux/session_error.rb new file mode 100644 index 000000000..ec8ac7a07 --- /dev/null +++ b/app/models/mediaflux/session_error.rb @@ -0,0 +1,8 @@ +# frozen_string_literal: true +module Mediaflux + # A error to be thrown when the session logon has an error + # This error should not happen, but can happen if there is a bad password or a communication error + # + class SessionError < StandardError + end +end diff --git a/app/models/system_user.rb b/app/models/system_user.rb new file mode 100644 index 000000000..ee23c37dd --- /dev/null +++ b/app/models/system_user.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true +class SystemUser + def self.mediaflux_session + Rails.cache.fetch("mediaflux_session", expires_in: 10.minutes) do + logon_request = Mediaflux::LogonRequest.new + if logon_request.error? + raise Mediaflux::SessionError, "System logon was invalid! #{logon_request.response_error}" + end + logon_request.session_token + end + end +end diff --git a/app/models/user.rb b/app/models/user.rb index e9154ef99..50acab41b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -10,6 +10,8 @@ class User < ApplicationRecord USER_REGISTRATION_LIST = Rails.root.join("data", "user_registration_list_#{Rails.env}.csv") + attr_accessor :mediaflux_session + def self.from_cas(access_token) user = User.find_by(provider: access_token.provider, uid: access_token.uid) if user.present? && user.given_name.nil? # fix any users that do not have the name information loaded @@ -38,27 +40,38 @@ def self.manager_users end def clear_mediaflux_session(session) + Rails.logger.debug("!!!!!!! Clearing Mediaflux session !!!!!!!!") @mediaflux_session = nil session[:mediaflux_session] = nil end def mediaflux_from_session(session) + logger.debug "Session Get #{session[:mediaflux_session]} cas: #{session[:active_web_user]} user: #{uid}" if session[:mediaflux_session].blank? - session[:mediaflux_session] = mediaflux_session - else - @mediaflux_session = session[:mediaflux_session] + logger.debug("!!!! Creating a new session !!! #{uid}") + session[:mediaflux_session] = SystemUser.mediaflux_session + session[:active_web_user] = false end + @active_web_user = session[:active_web_user] + @mediaflux_session = session[:mediaflux_session] end - def mediaflux_session - @mediaflux_session ||= begin - logon_request = Mediaflux::LogonRequest.new - logon_request.session_token - end + def medaiflux_login(token, session) + logger.debug("mediaflux session created for #{uid}") + logon_request = Mediaflux::LogonRequest.new(identity_token: token, token_type: "cas") + if logon_request.error? + raise "Invalid Logon #{logon_request.response_error}" + end + @mediaflux_session = logon_request.session_token + @active_web_user = true + session[:mediaflux_session] = @mediaflux_session + session[:active_web_user] = @active_web_user + logger.debug "Login Session #{session[:mediaflux_session]} cas: #{session[:active_web_user]} user: #{uid}" end def terminate_mediaflux_session return if @mediaflux_session.nil? # nothing to terminate + logger.debug "!!!! Terminating mediaflux session" Mediaflux::LogoutRequest.new(session_token: @mediaflux_session).response_body @mediaflux_session = nil diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index e3f0f050a..9d9c98c06 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -42,7 +42,7 @@
<% if flash[:notice]%> - + <% end %> <% if flash[:alert]%> diff --git a/config/environments/qa.rb b/config/environments/qa.rb index 5233c4ae7..cd14dc15f 100644 --- a/config/environments/qa.rb +++ b/config/environments/qa.rb @@ -50,7 +50,7 @@ # Include generic and useful information about system operation, but avoid logging too much # information to avoid inadvertent exposure of personally identifiable information (PII). - config.log_level = :info + config.log_level = :debug # Prepend all log lines with the following tags. config.log_tags = [:request_id] diff --git a/config/initializers/health_monitor.rb b/config/initializers/health_monitor.rb index c9cfbc51a..eebd03ada 100644 --- a/config/initializers/health_monitor.rb +++ b/config/initializers/health_monitor.rb @@ -9,6 +9,9 @@ # Mediaflux check config.add_custom_provider(MediafluxStatus) + # allow the UI to load evn if mediaflux is down + config.providers.last.configuration.critical = false + # Make this health check available at /health config.path = :health diff --git a/config/mediaflux.yml b/config/mediaflux.yml index b6e8fee76..0053fc2d7 100644 --- a/config/mediaflux.yml +++ b/config/mediaflux.yml @@ -83,7 +83,7 @@ development: api_transport: <%= ENV["MEDIAFLUX_TRANSPORT"] || 'http' %> api_host: <%= ENV["MEDIAFLUX_HOST"] || '0.0.0.0' %> api_port: <%= ENV["MEDIAFLUX_PORT"] || '8888' %> - + # Alternate to development is an alternate location in docker api_alternate_hidden_root: '/td-alternate-001' api_alternate_root_ns: '/td-alternate-001/tigerdataNS' diff --git a/config/routes.rb b/config/routes.rb index c2e3069bc..3bc706859 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -43,4 +43,6 @@ end mount ActionCable.server => "/cable" + get "mediaflux_extra", to: "users/mediaflux_callbacks#cas", as: :mediaflux_extra + get "mediaflux_passthru", to: "users/mediaflux_callbacks#passthru", as: :mediaflux_passthru end diff --git a/docs/aterm_101.md b/docs/aterm_101.md index 68941031a..627fc3450 100644 --- a/docs/aterm_101.md +++ b/docs/aterm_101.md @@ -410,7 +410,7 @@ For example: **Note 2** Our version of mediaflux in docker does not have this command. The xtoshell command does exist on td-meta1 ``` - session_id = User.first.mediaflux_session + session_id = SystemUser.mediaflux_session project = Project.first project_name = project.project_directory project_namespace = "#{project_name}NS" diff --git a/docs/local_development.md b/docs/local_development.md index a7538d21c..bd5dbca00 100644 --- a/docs/local_development.md +++ b/docs/local_development.md @@ -127,7 +127,7 @@ You can also utilize the TestAssetGenerator in the rails console to add assets t rails c user = User.first project = Project.last - project.save_in_mediaflux(session_id: user.mediaflux_session) + project.save_in_mediaflux(session_id: SystemUser.mediaflux_session) gen = TestAssetGenerator.new(project_id: project.id,user:, levels: 2, directory_per_level: 2,file_count_per_directory: 20) gen.generate ``` @@ -137,7 +137,7 @@ You can also utilize `Mediaflux::TestAssetCreateRequest` to generate some assets ``` rails c parent_id = 1234 # collection id from mediaflux - gen = Mediaflux::TestAssetCreateRequest.new(session_token: User.first.mediaflux_session, parent_id:, count: 5, pattern: "test_asset_" ) + gen = Mediaflux::TestAssetCreateRequest.new(session_token: SystemUser.mediaflux_session, parent_id:, count: 5, pattern: "test_asset_" ) gen.resolve ``` diff --git a/docs/mediaflux_manual_installation.md b/docs/mediaflux_manual_installation.md index 428e7938b..cd37f2d60 100644 --- a/docs/mediaflux_manual_installation.md +++ b/docs/mediaflux_manual_installation.md @@ -33,7 +33,7 @@ Per notes from Robert Knight, Mediaflux production is running Java 1.8.0.412.b08 ### 4. get the installer ```unix $ sudo dnf install wget -$ wget https://www.arcitecta.com/software/mf/4.16.071/mflux-dev_4.16.071_jvm_1.8.jar +$ wget https://www.arcitecta.com/software/mf/4.16.082/mflux-dev_4.16.082_jvm_1.8.jar $ sudo java -jar mflux-dev_jvm_1.8.jar nogui -> accept -> /opt/mediaflux diff --git a/docs/mediaflux_script_access.md b/docs/mediaflux_script_access.md index 1015a4049..e5b11acd0 100644 --- a/docs/mediaflux_script_access.md +++ b/docs/mediaflux_script_access.md @@ -107,7 +107,7 @@ Because the user has has access to `server.log` we can even look at the log on t $ cat /usr/local/mediaflux/volatile/logs/filelist.1.log # output will include something along the lines of -# [281 76649: Network Connection: http [port=8888]],version=4.16.071,filelist,30-Sep-2024 +# [281 76649: Network Connection: http [port=8888]],version=4.16.082,filelist,30-Sep-2024 # 20:34:44.081:INFO:[user, id=157] system:scripter_user: File list for /path/to/collection ``` diff --git a/lib/tasks/projects.rake b/lib/tasks/projects.rake index b0c0e232f..d5cb83b71 100644 --- a/lib/tasks/projects.rake +++ b/lib/tasks/projects.rake @@ -30,6 +30,7 @@ namespace :projects do raise "User id must be specified" if uid.blank? user = User.find_by(uid:) raise "User #{uid} not found" if user.nil? + user.mediaflux_from_session({}) # make sure we have the system login project_prefix = args[:prefix] raise "Project prefix must be specified" if project_prefix.nil? number = rand(10_000) diff --git a/spec/channels/mediaflux_channel_spec.rb b/spec/channels/mediaflux_channel_spec.rb index 6dcd5f664..a1851743a 100644 --- a/spec/channels/mediaflux_channel_spec.rb +++ b/spec/channels/mediaflux_channel_spec.rb @@ -12,7 +12,7 @@ identifier ] end - let(:superuser) { FactoryBot.create(:superuser) } + let(:superuser) { FactoryBot.create(:superuser, mediaflux_session: SystemUser.mediaflux_session) } before do superuser diff --git a/spec/controllers/mediaflux_info_controller_spec.rb b/spec/controllers/mediaflux_info_controller_spec.rb index d922e4f4e..2f738d24f 100644 --- a/spec/controllers/mediaflux_info_controller_spec.rb +++ b/spec/controllers/mediaflux_info_controller_spec.rb @@ -2,9 +2,9 @@ require "rails_helper" RSpec.describe MediafluxInfoController, connect_to_mediaflux: true do - let(:user) { FactoryBot.create :user } + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session } let(:docker_response) { "{\"vendor\":\"Arcitecta Pty. Ltd.\",\"version\":\"4.16.071\"}" } - let(:ansible_response) { "{\"vendor\":\"Arcitecta Pty. Ltd.\",\"version\":\"4.16.047\"}" } + let(:ansible_response) { "{\"vendor\":\"Arcitecta Pty. Ltd.\",\"version\":\"4.16.082\"}" } before do sign_in user @@ -24,7 +24,7 @@ Rails.configuration.mediaflux["api_password"] = "badpass" - expect { get :index }.to raise_error(Mediaflux::SessionExpired) + expect { get :index }.to raise_error(Mediaflux::SessionError) Rails.configuration.mediaflux["api_password"] = original_pass end diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb index c70ab3170..72080d160 100644 --- a/spec/controllers/omniauth_callbacks_controller_spec.rb +++ b/spec/controllers/omniauth_callbacks_controller_spec.rb @@ -9,7 +9,7 @@ it "redirects to home page with notice" do allow(User).to receive(:from_cas) { project_sponsor } get :cas - expect(response).to redirect_to(root_path) + expect(response).to redirect_to(mediaflux_passthru_path) end end diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb index 6f8746312..4957cead2 100644 --- a/spec/controllers/projects_controller_spec.rb +++ b/spec/controllers/projects_controller_spec.rb @@ -101,6 +101,93 @@ end end + describe "#content" do + it "renders an error when requesting json" do + get :show, params: { id: project.id, format: :json } + expect(response.content_type).to eq("application/json; charset=utf-8") + expect(response.body).to eq("{\"error\":\"You need to sign in or sign up before continuing.\"}") + end + + context "a signed in user" do + let(:user) { FactoryBot.create :user } + before do + sign_in user + end + + it "does not contact mediaflux" do + allow(Mediaflux::QueryRequest).to receive(:new).and_call_original + + get :show, params: { id: project.id } + + expect(Mediaflux::QueryRequest).not_to have_received(:new) + expect(response.body).to eq("") + end + + context "the project is saved to mediaflux", connect_to_mediaflux: true do + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session } + let(:project) { FactoryBot.create :project_with_doi } + before do + project.save_in_mediaflux(user: user) + end + it "runs a query" do + allow(Mediaflux::QueryRequest).to receive(:new).and_call_original + + get :show, params: { id: project.id } + + expect(Mediaflux::QueryRequest).to have_received(:new) + end + context "the session expires for an active web user" do + let(:original_session) { SystemUser.mediaflux_session } + + before do + allow_any_instance_of(ActionController::TestSession).to receive(:[]).and_call_original + allow_any_instance_of(ActionController::TestSession).to receive(:[]).with(:mediaflux_session).and_return(original_session) + allow_any_instance_of(ActionController::TestSession).to receive(:[]).with(:active_web_user).and_return(true) + end + it "gets a new session if the session expires" do + Mediaflux::LogoutRequest.new(session_token: original_session).resolve + + get :show, params: { id: project.id } + + expect(response).to redirect_to "http://test.host/mediaflux_passthru?path=%2Fprojects%2F#{project.id}" + end + end + + context "the session expires for the system user" do + let(:original_session) { SystemUser.mediaflux_session } + + before do + allow_any_instance_of(ActionController::TestSession).to receive(:[]).and_call_original + allow_any_instance_of(ActionController::TestSession).to receive(:[]).with(:mediaflux_session).and_return(original_session) + allow_any_instance_of(ActionController::TestSession).to receive(:[]).with(:active_web_user).and_return(false) + end + it "gets a new session if the session expires" do + Mediaflux::LogoutRequest.new(session_token: original_session).resolve + + expect { get :show, params: { id: project.id } }.to raise_error(Mediaflux::SessionExpired) + end + end + + context "the system user password is bad" do + before do + @original_pass = Rails.configuration.mediaflux["api_password"] + end + + after do + Rails.configuration.mediaflux["api_password"] = @original_pass + end + + it "gets a new session if the session expires" do + Rails.configuration.mediaflux["api_password"] = "badpass" + expect do + get :show, params: { id: project.id } + end.to raise_error(Mediaflux::SessionError) + end + end + end + end + end + context "when the project show views are rendered for an existing project" do # Views are stubbed by default for rspec-rails # https://rspec.info/features/6-0/rspec-rails/controller-specs/isolation-from-views/ diff --git a/spec/controllers/welcome_controller_spec.rb b/spec/controllers/welcome_controller_spec.rb index 7ca8c7b49..d13bb97ba 100644 --- a/spec/controllers/welcome_controller_spec.rb +++ b/spec/controllers/welcome_controller_spec.rb @@ -9,7 +9,7 @@ end context "when a user is logged in", connect_to_mediaflux: true do - let(:user) { FactoryBot.create :user } + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session } before do sign_in user end @@ -84,7 +84,7 @@ end context "when a user is logged in", connect_to_mediaflux: true do - let(:user) { FactoryBot.create :user } + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session } before do sign_in user end diff --git a/spec/factories/user.rb b/spec/factories/user.rb index 1f2045d78..07ebb53e7 100644 --- a/spec/factories/user.rb +++ b/spec/factories/user.rb @@ -14,6 +14,9 @@ superuser { false } trainer { false } + trait :with_mediaflux_session do + mediaflux_session { SystemUser.mediaflux_session } + end ## # A user who is allowed to sponsor a project factory :project_sponsor do diff --git a/spec/jobs/activate_project_job_spec.rb b/spec/jobs/activate_project_job_spec.rb index c7ec87e30..b44c3b496 100644 --- a/spec/jobs/activate_project_job_spec.rb +++ b/spec/jobs/activate_project_job_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe ActivateProjectJob, connect_to_mediaflux: true, type: :job do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project_in_mediaflux) { FactoryBot.create(:project_with_doi, status: Project::APPROVED_STATUS) } before do diff --git a/spec/jobs/file_inventory_cleanup_job_spec.rb b/spec/jobs/file_inventory_cleanup_job_spec.rb index 0cc1d63e8..746404f97 100644 --- a/spec/jobs/file_inventory_cleanup_job_spec.rb +++ b/spec/jobs/file_inventory_cleanup_job_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe FileInventoryCleanupJob, connect_to_mediaflux: true, type: :job do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project_in_mediaflux) { FactoryBot.create(:project_with_doi) } let(:eight_days_ago) { Time.current.in_time_zone("America/New_York") - 8.days } diff --git a/spec/jobs/file_inventory_job_spec.rb b/spec/jobs/file_inventory_job_spec.rb index 14dfb3bc0..e3fcc1885 100644 --- a/spec/jobs/file_inventory_job_spec.rb +++ b/spec/jobs/file_inventory_job_spec.rb @@ -4,7 +4,7 @@ RSpec.describe FileInventoryJob, connect_to_mediaflux: true do include ActiveJob::TestHelper - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project_in_mediaflux) { FactoryBot.create(:project_with_doi) } before do diff --git a/spec/models/mediaflux/accumulator_create_collection_request_spec.rb b/spec/models/mediaflux/accumulator_create_collection_request_spec.rb index b608bbaa6..373c97840 100644 --- a/spec/models/mediaflux/accumulator_create_collection_request_spec.rb +++ b/spec/models/mediaflux/accumulator_create_collection_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::AccumulatorCreateCollectionRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { Mediaflux::Request.uri.to_s } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } diff --git a/spec/models/mediaflux/asset_create_request_spec.rb b/spec/models/mediaflux/asset_create_request_spec.rb index 66e539be8..76801155b 100644 --- a/spec/models/mediaflux/asset_create_request_spec.rb +++ b/spec/models/mediaflux/asset_create_request_spec.rb @@ -6,7 +6,7 @@ let(:session_token) { Mediaflux::LogonRequest.new.session_token } let(:root_ns) { Rails.configuration.mediaflux["api_root_collection_namespace"] } # /td-test-001 let(:parent_collection) { Rails.configuration.mediaflux["api_root_collection_name"] } # tigerdata - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:approved_project2) { FactoryBot.create(:approved_project) } @@ -18,12 +18,11 @@ describe "#id" do it "creates a collection on the server" do Mediaflux::RootCollectionAsset.new(session_token: session_token, root_ns: root_ns, parent_collection: parent_collection).create - session_id = User.new.mediaflux_session - create_request = described_class.new(session_token: session_id, name: "testasset", namespace: Rails.configuration.mediaflux[:api_root_ns]) + create_request = described_class.new(session_token: session_token, name: "testasset", namespace: Rails.configuration.mediaflux[:api_root_ns]) expect(create_request.response_error).to be_blank expect(create_request.id).not_to be_blank - req = Mediaflux::AssetMetadataRequest.new(session_token: session_id, id: create_request.id) + req = Mediaflux::AssetMetadataRequest.new(session_token: session_token, id: create_request.id) metadata = req.metadata expect(metadata[:name]).to eq("testasset") end diff --git a/spec/models/mediaflux/asset_destroy_request_spec.rb b/spec/models/mediaflux/asset_destroy_request_spec.rb index c4fe838c5..b912eb53b 100644 --- a/spec/models/mediaflux/asset_destroy_request_spec.rb +++ b/spec/models/mediaflux/asset_destroy_request_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Mediaflux::AssetDestroyRequest, connect_to_mediaflux: true, type: :model do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } diff --git a/spec/models/mediaflux/asset_exist_request_headers_spec.rb b/spec/models/mediaflux/asset_exist_request_headers_spec.rb index 0d3dd8f0b..3d72ca50e 100644 --- a/spec/models/mediaflux/asset_exist_request_headers_spec.rb +++ b/spec/models/mediaflux/asset_exist_request_headers_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Mediaflux::AssetExistRequest, type: :model, connect_to_mediaflux: true do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:namespace_root) { Rails.configuration.mediaflux["api_root_collection_namespace"] } context "when we give a user to the class" do diff --git a/spec/models/mediaflux/asset_metadata_request_spec.rb b/spec/models/mediaflux/asset_metadata_request_spec.rb index fada1f606..e0c4f2de7 100644 --- a/spec/models/mediaflux/asset_metadata_request_spec.rb +++ b/spec/models/mediaflux/asset_metadata_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::AssetMetadataRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } @@ -51,7 +51,7 @@ end context "actual mediaflux connection" do - let(:current_user) { FactoryBot.create(:user, uid: "hc1234") } + let(:current_user) { FactoryBot.create(:user, uid: "hc1234", mediaflux_session: SystemUser.mediaflux_session) } let(:valid_project) { FactoryBot.create(:project_with_dynamic_directory, project_id: "10.34770/tbd") } let(:session_token) { current_user.mediaflux_session } diff --git a/spec/models/mediaflux/collection_list_request_spec.rb b/spec/models/mediaflux/collection_list_request_spec.rb index bb7b998de..8495053ae 100644 --- a/spec/models/mediaflux/collection_list_request_spec.rb +++ b/spec/models/mediaflux/collection_list_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::CollectionListRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new(session_token: user.mediaflux_session) } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } describe "#resolve" do it "retrieves the listing of collections within the default namespace" do diff --git a/spec/models/mediaflux/iterator_destroy_request.rb b/spec/models/mediaflux/iterator_destroy_request.rb index a53bcc952..42e0ecb8c 100644 --- a/spec/models/mediaflux/iterator_destroy_request.rb +++ b/spec/models/mediaflux/iterator_destroy_request.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::IteratorDestroyRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } describe "#result" do diff --git a/spec/models/mediaflux/iterator_request_spec.rb b/spec/models/mediaflux/iterator_request_spec.rb index 4be76a433..b5d4de192 100644 --- a/spec/models/mediaflux/iterator_request_spec.rb +++ b/spec/models/mediaflux/iterator_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::IteratorRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { Mediaflux::Request.uri.to_s } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } describe "#result" do diff --git a/spec/models/mediaflux/logoff_request_spec.rb b/spec/models/mediaflux/logoff_request_spec.rb index fe35dcca6..9f45fe0cb 100644 --- a/spec/models/mediaflux/logoff_request_spec.rb +++ b/spec/models/mediaflux/logoff_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::LogoutRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new(session_token: session_token) } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:session_token) { user.mediaflux_session } let(:mediaflux_url) { Mediaflux::Request.uri.to_s } diff --git a/spec/models/mediaflux/logon_request_spec.rb b/spec/models/mediaflux/logon_request_spec.rb index 3901b1399..de6964b94 100644 --- a/spec/models/mediaflux/logon_request_spec.rb +++ b/spec/models/mediaflux/logon_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::LogonRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:session_token) { user.mediaflux_session } let(:mediaflux_url) { Mediaflux::Request.uri.to_s } diff --git a/spec/models/mediaflux/namespace_create_request_spec.rb b/spec/models/mediaflux/namespace_create_request_spec.rb index e61a2d4e4..3847d0d97 100644 --- a/spec/models/mediaflux/namespace_create_request_spec.rb +++ b/spec/models/mediaflux/namespace_create_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::NamespaceCreateRequest, connect_to_mediaflux: true, type: :model do # let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:mediaflux_response) { "\n" } describe "#resolve" do diff --git a/spec/models/mediaflux/namespace_describe_request_spec.rb b/spec/models/mediaflux/namespace_describe_request_spec.rb index 73d19f3c9..d44037c26 100644 --- a/spec/models/mediaflux/namespace_describe_request_spec.rb +++ b/spec/models/mediaflux/namespace_describe_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::NamespaceDescribeRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:mediaflux_response) { "\n" } describe "#metadata" do diff --git a/spec/models/mediaflux/namespace_destroy_request_spec.rb b/spec/models/mediaflux/namespace_destroy_request_spec.rb index b5f39865d..1ee1fd695 100644 --- a/spec/models/mediaflux/namespace_destroy_request_spec.rb +++ b/spec/models/mediaflux/namespace_destroy_request_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Mediaflux::NamespaceDestroyRequest, type: :model, connect_to_mediaflux: true do let(:valid_project) { FactoryBot.create(:project_with_dynamic_directory, project_id: "10.34770/tbd") } let(:namespace) { "#{valid_project.project_directory_short}NS".strip.gsub(/[^A-Za-z\d]/, "-") } - let(:sponsor_user) { FactoryBot.create(:project_sponsor) } + let(:sponsor_user) { FactoryBot.create(:project_sponsor, mediaflux_session: SystemUser.mediaflux_session) } let(:session_id) { sponsor_user.mediaflux_session } context "when a namespace exists" do it "deletes a namespace and everything inside of it" do diff --git a/spec/models/mediaflux/namespace_list_request_spec.rb b/spec/models/mediaflux/namespace_list_request_spec.rb index c781a84ef..203abb003 100644 --- a/spec/models/mediaflux/namespace_list_request_spec.rb +++ b/spec/models/mediaflux/namespace_list_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::NamespaceListRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:mediaflux_response) { "\n" } describe "#metadata" do diff --git a/spec/models/mediaflux/project_approve_request_spec.rb b/spec/models/mediaflux/project_approve_request_spec.rb index da7f3efd4..e61347717 100644 --- a/spec/models/mediaflux/project_approve_request_spec.rb +++ b/spec/models/mediaflux/project_approve_request_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Mediaflux::ProjectApproveRequest, type: :model, connect_to_mediaflux: true do - let(:approver) { FactoryBot.create :sysadmin } + let(:approver) { FactoryBot.create :sysadmin, mediaflux_session: SystemUser.mediaflux_session } let(:session_id) { approver.mediaflux_session } let(:approved_project) do project = FactoryBot.create :approved_project diff --git a/spec/models/mediaflux/project_create_request_spec.rb b/spec/models/mediaflux/project_create_request_spec.rb index 60a0dcbe7..f9d84b1cf 100644 --- a/spec/models/mediaflux/project_create_request_spec.rb +++ b/spec/models/mediaflux/project_create_request_spec.rb @@ -10,8 +10,8 @@ describe "#id" do it "sends the metadata to the server" do - data_user_ro = FactoryBot.create :user - data_user_rw = FactoryBot.create :user + data_user_ro = FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session + data_user_rw = FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session session_id = data_user_ro.mediaflux_session created_on = Time.current.in_time_zone("America/New_York").iso8601 diff --git a/spec/models/mediaflux/project_update_request_spec.rb b/spec/models/mediaflux/project_update_request_spec.rb index e663cbf1a..2213761cf 100644 --- a/spec/models/mediaflux/project_update_request_spec.rb +++ b/spec/models/mediaflux/project_update_request_spec.rb @@ -3,7 +3,8 @@ RSpec.describe Mediaflux::ProjectUpdateRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:session_token) { SystemUser.mediaflux_session } + let(:user) { FactoryBot.create(:user, mediaflux_session: session_token) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } @@ -14,7 +15,7 @@ end it "passes the metadata values in the request" do - update_request = described_class.new(session_token: user.mediaflux_session, project: approved_project) + update_request = described_class.new(session_token: session_token, project: approved_project) update_request.resolve expect(update_request.error?).to be false expect(update_request.response_body).to include(mediaflux_response) @@ -24,7 +25,7 @@ it "sends the metadata to the server", connect_to_mediaflux: true do data_user_ro = FactoryBot.create :user data_user_rw = FactoryBot.create :user - session_id = data_user_ro.mediaflux_session + session_id = session_token updated_on = Time.current.in_time_zone("America/New_York").iso8601.to_s created_on = Time.current.in_time_zone("America/New_York").advance(days: -1).iso8601.to_s project = FactoryBot.create :project, data_user_read_only: [data_user_ro.uid], data_user_read_write: [data_user_rw.uid], created_on: created_on, diff --git a/spec/models/mediaflux/query_request_spec.rb b/spec/models/mediaflux/query_request_spec.rb index c0258ffe3..fc6248017 100644 --- a/spec/models/mediaflux/query_request_spec.rb +++ b/spec/models/mediaflux/query_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::QueryRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { Mediaflux::Request.uri.to_s } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } describe "#result" do diff --git a/spec/models/mediaflux/range_query_request_spec.rb b/spec/models/mediaflux/range_query_request_spec.rb index 0f9a045c4..b5d3b80a5 100644 --- a/spec/models/mediaflux/range_query_request_spec.rb +++ b/spec/models/mediaflux/range_query_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::RangeQueryRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } diff --git a/spec/models/mediaflux/schema_create_request_spec.rb b/spec/models/mediaflux/schema_create_request_spec.rb index dda567a33..496868b58 100644 --- a/spec/models/mediaflux/schema_create_request_spec.rb +++ b/spec/models/mediaflux/schema_create_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::SchemaCreateRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } diff --git a/spec/models/mediaflux/schema_fields_create_request_spec.rb b/spec/models/mediaflux/schema_fields_create_request_spec.rb index 417e46d25..840728ed6 100644 --- a/spec/models/mediaflux/schema_fields_create_request_spec.rb +++ b/spec/models/mediaflux/schema_fields_create_request_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Mediaflux::SchemaFieldsCreateRequest, type: :model, connect_to_mediaflux: true do - let(:user) { FactoryBot.create :user } + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session } let(:required_indexed_field) { { name: "code", type: "string", index: true, "min-occurs" => 1, "max-occurs" => 1, label: "desc" } } let(:required_not_indexed_field) { { name: "title", type: "string", index: false, "min-occurs" => 1, "max-occurs" => 1, label: "desc" } } let(:optional_field) do diff --git a/spec/models/mediaflux/service_execute_request_spec.rb b/spec/models/mediaflux/service_execute_request_spec.rb index 468365d45..0efdd64f9 100644 --- a/spec/models/mediaflux/service_execute_request_spec.rb +++ b/spec/models/mediaflux/service_execute_request_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Mediaflux::ServiceExecuteRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new(session_token: user.mediaflux_session, service_name: "asset.namespace.list") } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:session_token) { "test-session-token" } let(:identity_token) { "test-identity-token" } diff --git a/spec/models/mediaflux/store_list_request_spec.rb b/spec/models/mediaflux/store_list_request_spec.rb index f0cf9c148..91546dc4f 100644 --- a/spec/models/mediaflux/store_list_request_spec.rb +++ b/spec/models/mediaflux/store_list_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::StoreListRequest, connect_to_mediaflux: true, type: :model do let(:mediaflux_url) { Mediaflux::Request.uri.to_s } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } # Docker and Ansible responses are the same, but may be different in the future diff --git a/spec/models/mediaflux/test_asset_create_request_spec.rb b/spec/models/mediaflux/test_asset_create_request_spec.rb index 1278fb89c..37fb69ec8 100644 --- a/spec/models/mediaflux/test_asset_create_request_spec.rb +++ b/spec/models/mediaflux/test_asset_create_request_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Mediaflux::TestAssetCreateRequest, connect_to_mediaflux: true, type: :model do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:approved_project) { FactoryBot.create(:approved_project) } let(:mediaflux_response) { "\n" } # let(:mediaflux_url) { "http://0.0.0.0:8888/__mflux_svc__" } diff --git a/spec/models/mediaflux/time_spec.rb b/spec/models/mediaflux/time_spec.rb index 30789a930..368f8e315 100644 --- a/spec/models/mediaflux/time_spec.rb +++ b/spec/models/mediaflux/time_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Mediaflux::Time do let(:project) { FactoryBot.build :project_with_doi } - let(:current_user) { FactoryBot.create(:user, uid: "jh1234") } + let(:current_user) { FactoryBot.create(:user, uid: "jh1234", mediaflux_session: SystemUser.mediaflux_session) } let(:docker_response) { "Etc/UTC" } let(:ansible_response) { "America/Chicago" } subject(:instance) { described_class.new } diff --git a/spec/models/mediaflux/token_create_request_spec.rb b/spec/models/mediaflux/token_create_request_spec.rb index 8b52fb02f..1357421c0 100644 --- a/spec/models/mediaflux/token_create_request_spec.rb +++ b/spec/models/mediaflux/token_create_request_spec.rb @@ -3,7 +3,7 @@ RSpec.describe Mediaflux::TokenCreateRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new(session_token: session_token, domain: Mediaflux::LogonRequest.mediaflux_domain, user: Mediaflux::LogonRequest.mediaflux_user) } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:session_token) { user.mediaflux_session } let(:mediaflux_url) { Mediaflux::Request.uri.to_s } diff --git a/spec/models/mediaflux/version_request_spec.rb b/spec/models/mediaflux/version_request_spec.rb index 70666c522..437c97b72 100644 --- a/spec/models/mediaflux/version_request_spec.rb +++ b/spec/models/mediaflux/version_request_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Mediaflux::VersionRequest, connect_to_mediaflux: true, type: :model do subject(:request) { described_class.new(session_token: session_token) } let(:session_token) { user.mediaflux_session } - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:expected_mflux_version) { "4.16" } describe "#resolve" do diff --git a/spec/models/project_accumulator_spec.rb b/spec/models/project_accumulator_spec.rb index 81ca928e0..54c53b16a 100644 --- a/spec/models/project_accumulator_spec.rb +++ b/spec/models/project_accumulator_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe ProjectAccumulator, connect_to_mediaflux: true do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:session_id) { user.mediaflux_session } let(:project_in_mediaflux) { FactoryBot.create(:project_with_doi, status: Project::APPROVED_STATUS) } diff --git a/spec/models/project_mediaflux_spec.rb b/spec/models/project_mediaflux_spec.rb index 55460416a..ca33c16b7 100644 --- a/spec/models/project_mediaflux_spec.rb +++ b/spec/models/project_mediaflux_spec.rb @@ -4,7 +4,7 @@ RSpec.describe ProjectMediaflux, type: :model do let(:collection_metadata) { { id: "abc", name: "test", path: "/td-demo-001/rc/test-ns/test", description: "description", namespace: "/td-demo-001/rc/test-ns" } } let(:project) { FactoryBot.build :project_with_doi } - let(:current_user) { FactoryBot.create(:user, uid: "jh1234") } + let(:current_user) { FactoryBot.create(:user, uid: "jh1234", mediaflux_session: SystemUser.mediaflux_session) } describe "#create!", connect_to_mediaflux: true do context "Using test data" do diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb index a052be789..c44de9fda 100644 --- a/spec/models/project_spec.rb +++ b/spec/models/project_spec.rb @@ -2,7 +2,7 @@ require "rails_helper" RSpec.describe Project, type: :model, connect_to_mediaflux: true do - let(:user) { FactoryBot.create(:user, uid: "abc123") } + let(:user) { FactoryBot.create(:user, uid: "abc123", mediaflux_session: SystemUser.mediaflux_session) } describe "#sponsored_projects" do let(:sponsor) { FactoryBot.create(:user, uid: "hc1234") } @@ -166,7 +166,7 @@ end describe "#file_list" do - let(:manager) { FactoryBot.create(:user, uid: "hc1234") } + let(:manager) { FactoryBot.create(:user, uid: "hc1234", mediaflux_session: SystemUser.mediaflux_session) } let(:project) do project = FactoryBot.create(:approved_project, title: "project 111", data_manager: manager.uid) project.mediaflux_id = nil @@ -209,7 +209,7 @@ end describe "#save_in_mediaflux" do - let(:user) { FactoryBot.create(:user) } + let(:user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project) { FactoryBot.create(:project_with_doi) } it "calls ProjectMediaflux to create the project and save the id" do expect(project.mediaflux_id).to be nil @@ -282,7 +282,7 @@ describe "#create!" do let(:datacite_stub) { instance_double(PULDatacite, draft_doi: "aaabbb123") } - let(:current_user) { FactoryBot.create(:user) } + let(:current_user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project) { FactoryBot.create(:project) } before do @@ -331,7 +331,7 @@ describe "#approve!" do let(:datacite_stub) { instance_double(PULDatacite, draft_doi: "aaabbb123") } - let(:current_user) { FactoryBot.create(:user) } + let(:current_user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project) { FactoryBot.create(:project) } before do @@ -370,7 +370,7 @@ describe "#activate!" do let(:project) { FactoryBot.create(:project_with_dynamic_directory, project_id: "10.34770/tbd")} - let(:current_user) { FactoryBot.create(:user) } + let(:current_user) { FactoryBot.create(:user, mediaflux_session: SystemUser.mediaflux_session) } let(:project_metadata) {project.metadata_model} after do Mediaflux::AssetDestroyRequest.new(session_token: current_user.mediaflux_session, collection: project.mediaflux_id, members: true).resolve diff --git a/spec/models/system_user_spec.rb b/spec/models/system_user_spec.rb new file mode 100644 index 000000000..74e7eda46 --- /dev/null +++ b/spec/models/system_user_spec.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true +require "rails_helper" + +RSpec.describe SystemUser, type: :model do + let(:mediaflux_logon) { instance_double Mediaflux::LogonRequest, error?: false, session_token: "111222333" } + let(:memory_store) { ActiveSupport::Cache.lookup_store(:memory_store) } + + before do + allow(Mediaflux::LogonRequest).to receive(:new).and_return(mediaflux_logon) + allow(Rails).to receive(:cache).and_return(memory_store) + Rails.cache.clear + end + + describe "#mediaflux_session" do + it "calls out to Mediaflux to login" do + expect(SystemUser.mediaflux_session).to eq("111222333") + # calling a second time to text the cache + expect(SystemUser.mediaflux_session).to eq("111222333") + expect(mediaflux_logon).to have_received(:session_token).once + end + end +end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index d84be2448..c903cb7b3 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -214,4 +214,20 @@ expect(user).to be_eligible_sysadmin end end + + describe "#mediaflux_from_session" do + let(:user) { described_class.new } + before do + allow(SystemUser).to receive(:mediaflux_session).and_return("111system") + end + it "loads the mediaflux session from the system user" do + expect(user.mediaflux_from_session({})).to eq("111system") + expect(user.mediaflux_session).to eq("111system") + end + + it "loads the mediaflux session from the session when present" do + expect(user.mediaflux_from_session({ mediaflux_session: "222session" })).to eq("222session") + expect(user.mediaflux_session).to eq("222session") + end + end end diff --git a/spec/requests/mediaflux_info_spec.rb b/spec/requests/mediaflux_info_spec.rb index 619f2e2e7..12cfd0b7a 100644 --- a/spec/requests/mediaflux_info_spec.rb +++ b/spec/requests/mediaflux_info_spec.rb @@ -21,10 +21,10 @@ end context "logged in user" do - let(:user) { FactoryBot.create(:user, uid: "pul123") } + let(:user) { FactoryBot.create(:user, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } let(:mediaflux_url) { Mediaflux::Request.uri.to_s } - let(:docker_response) { "4.16.071" } - let(:ansible_response) { "4.16.047" } + let(:docker_response) { "4.16.082" } + let(:ansible_response) { "4.16.071" } before do sign_in user diff --git a/spec/requests/projects_spec.rb b/spec/requests/projects_spec.rb index d6672a58e..bf30c369c 100644 --- a/spec/requests/projects_spec.rb +++ b/spec/requests/projects_spec.rb @@ -32,7 +32,7 @@ end context "when the client is authenticated" do - let(:user) { FactoryBot.create(:user, uid: "pul123") } + let(:user) { FactoryBot.create(:user, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } let(:title) { "a title" } let(:project_directory) { "/test-project" } diff --git a/spec/services/test_project_generator_spec.rb b/spec/services/test_project_generator_spec.rb index 8ec8eed3e..9d2df91f8 100644 --- a/spec/services/test_project_generator_spec.rb +++ b/spec/services/test_project_generator_spec.rb @@ -3,7 +3,7 @@ RSpec.describe TestProjectGenerator, connect_to_mediaflux: true do let(:subject) { described_class.new(user:, number: 1, project_prefix: 'test-project') } - let(:user) { FactoryBot.create :user } + let(:user) { FactoryBot.create :user, mediaflux_session: SystemUser.mediaflux_session} describe "#generate" do it "creates a project in mediaflux" do diff --git a/spec/support/connect_to_mediaflux.rb b/spec/support/connect_to_mediaflux.rb index 6a4a68879..7c8dcb87a 100644 --- a/spec/support/connect_to_mediaflux.rb +++ b/spec/support/connect_to_mediaflux.rb @@ -4,12 +4,15 @@ def reset_mediaflux_root # Clean out the namespace before running tests to avoid collisions - user = User.new + user = SystemUser destroy_root_namespace(user) # then create it and the project root collection and namespace so it exists for any tests create_test_root_namespace(user) ProjectMediaflux.create_root_tree(session_id: user.mediaflux_session) + + # Clear the login cache + Rails.cache.clear end def destroy_root_namespace(user) diff --git a/spec/system/mediaflux_info_spec.rb b/spec/system/mediaflux_info_spec.rb index 4672ce0b2..231d432a0 100644 --- a/spec/system/mediaflux_info_spec.rb +++ b/spec/system/mediaflux_info_spec.rb @@ -3,7 +3,7 @@ require "rails_helper" describe "mediaflux_info", type: :system, js: true, connect_to_mediaflux: true do - let(:current_user) { FactoryBot.create(:user, uid: "pul123") } + let(:current_user) { FactoryBot.create(:user, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } let(:mflux_port) { Rails.configuration.mediaflux["api_port"] } it "shows the mediaflux version" do diff --git a/spec/system/mediaflux_session_spec.rb b/spec/system/mediaflux_session_spec.rb index 78c3daef7..95402cc15 100644 --- a/spec/system/mediaflux_session_spec.rb +++ b/spec/system/mediaflux_session_spec.rb @@ -8,20 +8,25 @@ let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123") } let(:project) { FactoryBot.create(:project, mediaflux_id: "abc123") } - before do - sign_in sponsor_user - end + context "user is signed in" do + let(:original_session) { SystemUser.mediaflux_session } + let(:new_session) { SystemUser.mediaflux_session } + let(:mediaflux_logon) { instance_double Mediaflux::LogonRequest, error?: false, session_token: new_session } - it "reconnects to mediaflux after the session ends", connect_to_mediaflux: true do - original_session = sponsor_user.mediaflux_session + before do + sign_in sponsor_user + allow_any_instance_of(ActionDispatch::Request::Session).to receive(:[]).and_call_original + allow_any_instance_of(ActionDispatch::Request::Session).to receive(:[]).with(:mediaflux_session).and_return(original_session) + allow_any_instance_of(ActionDispatch::Request::Session).to receive(:[]).with(:active_web_user).and_return(true) + end - # logout the session so we get an error and need to reset the session - Mediaflux::LogoutRequest.new(session_token: original_session).resolve + it "connects to mediaflux once", connect_to_mediaflux: true do + visit root_path - expect { visit project_path(project) }.not_to raise_error - expect(page).to have_content("Total Files: 0") + expect { visit project_path(project) }.not_to raise_error + expect(page).to have_content("Total Files: 0") - # a new session got automatically connected for the user in the application controller - expect(sponsor_user.mediaflux_session).not_to eq(original_session) + expect(sponsor_user.mediaflux_session).to eq(original_session) + end end end diff --git a/spec/system/project_details_spec.rb b/spec/system/project_details_spec.rb index 0184158df..905546085 100644 --- a/spec/system/project_details_spec.rb +++ b/spec/system/project_details_spec.rb @@ -3,9 +3,9 @@ require "rails_helper" RSpec.describe "Project Details Page", type: :system, connect_to_mediaflux: true, js: true do - let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123") } - let(:sysadmin_user) { FactoryBot.create(:sysadmin, uid: "puladmin") } - let(:data_manager) { FactoryBot.create(:user, uid: "pul987") } + let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } + let(:sysadmin_user) { FactoryBot.create(:sysadmin, uid: "puladmin", mediaflux_session: SystemUser.mediaflux_session) } + let(:data_manager) { FactoryBot.create(:user, uid: "pul987", mediaflux_session: SystemUser.mediaflux_session) } let(:read_only) { FactoryBot.create :user } let(:read_write) { FactoryBot.create :user } let(:pending_text) do diff --git a/spec/system/project_roles_spec.rb b/spec/system/project_roles_spec.rb index a748eda9d..d0d2c17be 100644 --- a/spec/system/project_roles_spec.rb +++ b/spec/system/project_roles_spec.rb @@ -3,10 +3,10 @@ require "rails_helper" RSpec.describe "Project Edit Page Roles Validation", type: :system, connect_to_mediaflux: true, js: true do - let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123") } - let(:data_manager) { FactoryBot.create(:data_manager, uid: "pul987") } - let(:system_admin) { FactoryBot.create(:sysadmin, uid: "pul777") } - let(:superuser) { FactoryBot.create(:superuser, uid: "pul999") } + let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } + let(:data_manager) { FactoryBot.create(:data_manager, uid: "pul987", mediaflux_session: SystemUser.mediaflux_session) } + let(:system_admin) { FactoryBot.create(:sysadmin, uid: "pul777", mediaflux_session: SystemUser.mediaflux_session) } + let(:superuser) { FactoryBot.create(:superuser, uid: "pul999", mediaflux_session: SystemUser.mediaflux_session) } let(:read_only) { FactoryBot.create :user } let(:read_write) { FactoryBot.create :user } before do @@ -81,7 +81,7 @@ end context "Data Sponsors and superusers are the only ones who can request a new project" do - let(:superuser) { FactoryBot.create(:superuser) } + let(:superuser) { FactoryBot.create(:superuser, mediaflux_session: SystemUser.mediaflux_session) } it "allows Data Sponsors to request a new project" do sign_in sponsor_user visit "/" diff --git a/spec/system/project_spec.rb b/spec/system/project_spec.rb index b8e9fa6ce..a0faf80e4 100644 --- a/spec/system/project_spec.rb +++ b/spec/system/project_spec.rb @@ -3,9 +3,9 @@ require "rails_helper" RSpec.describe "Project Page", connect_to_mediaflux: true, type: :system do - let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123") } - let(:sysadmin_user) { FactoryBot.create(:sysadmin, uid: "puladmin") } - let!(:data_manager) { FactoryBot.create(:data_manager, uid: "pul987") } + let(:sponsor_user) { FactoryBot.create(:project_sponsor, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } + let(:sysadmin_user) { FactoryBot.create(:sysadmin, uid: "puladmin", mediaflux_session: SystemUser.mediaflux_session) } + let!(:data_manager) { FactoryBot.create(:data_manager, uid: "pul987", mediaflux_session: SystemUser.mediaflux_session) } let(:read_only) { FactoryBot.create :user } let(:read_write) { FactoryBot.create :user } let(:pending_text) do diff --git a/spec/system/welcome_spec.rb b/spec/system/welcome_spec.rb index 525c7890e..3f12042f0 100644 --- a/spec/system/welcome_spec.rb +++ b/spec/system/welcome_spec.rb @@ -19,12 +19,12 @@ end context "authenticated user" do - let(:current_user) { FactoryBot.create(:user, uid: "pul123") } + let(:current_user) { FactoryBot.create(:user, uid: "pul123", mediaflux_session: SystemUser.mediaflux_session) } let(:other_user) { FactoryBot.create(:user, uid: "zz123") } let(:no_projects_user) { FactoryBot.create(:user, uid: "qw999") } let(:no_projects_sponsor) { FactoryBot.create(:project_sponsor, uid: "gg717") } - let(:docker_response) { "Mediaflux: 4.16.071" } - let(:ansible_response) { "Mediaflux: 4.16.047" } + let(:docker_response) { "Mediaflux: 4.16.082" } + let(:ansible_response) { "Mediaflux: 4.16.071" } before do FactoryBot.create(:project, data_sponsor: current_user.uid, data_manager: other_user.uid, title: "project 111")