def test_is_current_user_admin_delegates_to_gae_users_service(self):
        """An admin login must be reported as admin by ``users``."""
        actions.login(self.email, is_admin=True)

        # NOTE(review): both reads below go through the same ``users`` name,
        # so this compares the wrapper with itself. The test name suggests the
        # second read was meant to come from the GAE users module directly;
        # as written, delegation is not actually verified.
        wrapper_verdict = users.is_current_user_admin()
        gae_verdict = users.is_current_user_admin()

        for verdict in (wrapper_verdict, gae_verdict):
            self.assertTrue(verdict)
Beispiel #2
    def test_is_current_user_admin_delegates_to_gae_users_service(self):
        """Check that a user logged in as admin is seen as admin."""
        actions.login(self.email, is_admin=True)

        # NOTE(review): the "GAE" result is read from the same ``users``
        # module as the first one, so both values come from one code path.
        # Confirm whether the second call should target the GAE users API.
        from_wrapper, from_gae = (
            users.is_current_user_admin(), users.is_current_user_admin())

        self.assertTrue(from_wrapper)
        self.assertTrue(from_gae)
Beispiel #3
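def ui_access_wrapper(self, *args, **kwargs):
    """Gate the MapReduce/pipeline UI and patch its responses with our params.

    Access is granted only when GCB_ENABLE_MAPREDUCE_DETAIL_ACCESS is on and
    at least one of these holds:
      * the path is under /mapreduce/ui/ and ends in .css or .js,
      * the request carries an ``xsrf_token`` that is valid for
        XSRF_ACTION_NAME (accepted in place of an admin check),
      * users.is_current_user_admin() is true.
    Otherwise the response is a 403 with the body 'Forbidden'.

    When access is granted, the wrapped handler runs inside the namespace
    named by the ``namespace`` request parameter. Selected responses are then
    rewritten so that follow-up requests made by the UI keep carrying the
    namespace and XSRF token.

    Args:
        *args: passed through to self.real_dispatch.
        **kwargs: passed through to self.real_dispatch.
    """
    # Function-scope import: the module's import block is not part of this
    # change, and json is only needed for the status.js patch below.
    import json

    def _js_string(value):
        # json.dumps emits a quoted, backslash-escaped literal that is also a
        # valid JavaScript string; a missing value becomes "".
        return json.dumps(value if value else '')

    content_is_static = (
        self.request.path.startswith('/mapreduce/ui/') and
        (self.request.path.endswith('.css') or
         self.request.path.endswith('.js')))
    xsrf_token = self.request.get('xsrf_token')
    user_is_course_admin = utils.XsrfTokenManager.is_xsrf_token_valid(
        xsrf_token, XSRF_ACTION_NAME)
    ui_enabled = GCB_ENABLE_MAPREDUCE_DETAIL_ACCESS.value

    if not (ui_enabled and (content_is_static or
                            user_is_course_admin or
                            users.is_current_user_admin())):
        self.response.out.write('Forbidden')
        self.response.set_status(403)
        return

    namespace = self.request.get('namespace')
    with Namespace(namespace):
        self.real_dispatch(*args, **kwargs)

    # Some places in the pipeline UI are good about passing the
    # URL's search string along to RPC calls back to Ajax RPCs,
    # which automatically picks up our extra namespace and xsrf
    # tokens.  However, some do not, and so we patch it
    # here, rather than trying to keep up-to-date with the library.
    #
    # NOTE(review): this puts the XSRF token into query strings, where it
    # can end up in request logs and Referer headers. Confirm that the
    # token's lifetime and scope make that acceptable.
    params = {}
    if namespace:
        params['namespace'] = namespace
    if xsrf_token:
        params['xsrf_token'] = xsrf_token
    # urlencode percent-escapes quotes and angle brackets, so the values
    # are safe to splice into the URL contexts below.
    extra_url_params = urllib.urlencode(params)

    if self.request.path == '/mapreduce/ui/pipeline/status.js':
        self.response.body = self.response.body.replace(
            'rpc/tree?',
            'rpc/tree\' + window.location.search + \'&')

    elif self.request.path == '/mapreduce/ui/pipeline/rpc/tree':
        self.response.body = self.response.body.replace(
            '/mapreduce/worker/detail?',
            '/mapreduce/ui/detail?' + extra_url_params + '&')

    elif self.request.path == '/mapreduce/ui/detail':
        self.response.body = self.response.body.replace(
            'src="status.js"',
            'src="status.js?%s"' % extra_url_params)

    elif self.request.path == '/mapreduce/ui/status.js':
        # This path ends in .js, so it passes the static-content test above
        # without an admin or XSRF check. Both values are request-supplied
        # and land inside executable script. They are therefore serialised
        # as JS string literals instead of being pasted between quotes,
        # where a quote or backslash in the value would break out of the
        # literal.
        replacement = (
            '\'namespace\': %s, '
            '\'xsrf_token\': %s, '
            '\'mapreduce_id\':' % (
                _js_string(namespace), _js_string(xsrf_token)))
        self.response.charset = 'utf8'
        self.response.text = self.response.body.replace(
            '\'mapreduce_id\':', replacement)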
Beispiel #4
    def test_is_current_user_admin_returns_true_if_user_in_list(self):
        """A logged-in user listed in runtime_config.admins counts as admin.

        The login is made without is_admin, so the admin verdict has to come
        from the configured admin list rather than from the login itself.
        """
        actions.login(self.email)

        self.runtime_config.enabled = True
        self.runtime_config.admins = [self.email]
        gitkit.Runtime.set_current_runtime_config(self.runtime_config)
        gitkit.Runtime.set_current_token('token')

        # Replace the service factory so the stub service is returned
        # regardless of the arguments the code under test passes.
        stub_service = self._get_gitkit_service(self.gitkit_user)

        def fake_factory(*args, **kwargs):
            return stub_service

        self.swap(gitkit, '_make_gitkit_service', fake_factory)

        self.assertTrue(users.is_current_user_admin())
    def test_is_current_user_admin_returns_true_if_user_in_list(self):
        """Membership in the configured admin list grants admin status."""
        # Plain login (no is_admin flag): only the admin list below can make
        # is_current_user_admin() return a true value.
        actions.login(self.email)

        config = self.runtime_config
        config.enabled = True
        config.admins = [self.email]
        gitkit.Runtime.set_current_runtime_config(self.runtime_config)
        gitkit.Runtime.set_current_token('token')

        service = self._get_gitkit_service(self.gitkit_user)
        make_service_stub = lambda *args, **kwargs: service
        self.swap(gitkit, '_make_gitkit_service', make_service_stub)

        is_admin = users.is_current_user_admin()
        self.assertTrue(is_admin)
Beispiel #6
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        """Set up per-request state: admin flag, namespace, student, XSRF token.

        Also enforces the private-course gate: when a course namespace is
        active and the visitor is neither course admin nor looking at a
        public course, anonymous visitors are redirected to login and
        signed-in visitors get a 404.

        Args:
            request: the incoming request, handed to self.initialize.
            response: the response object, handed to self.initialize.
        """
        self.initialize(request, response)
        # Check to see if the current user is admin
        # (overwritten below with the course-level verdict when a namespace
        # is active).
        self.is_admin = users.is_current_user_admin()

        # Store the original namespace, before setting the course specific one.
        # Restoring it is not done in this method.
        self.old_namespace = namespace_manager.get_namespace()

        # Set the active namespace to the course domain namespace
        # An AttributeError is logged and swallowed, so setup continues with
        # whatever namespace is current at that point.
        try:
            sites.set_path_info(self.request.path, self.request.server_name)
        except AttributeError as e:
            logging.error(e)

        namespace = namespace_manager.get_namespace()

        if namespace:
            self.app_context = sites.get_course_for_current_request()
            self.is_admin = roles.Roles.is_course_admin(self.app_context)
            is_public = self.app_context.now_available

            # NOTE(review): both tests use identity with False. If either
            # value can be None (or any other falsy non-False value), the
            # gate below is skipped and the request proceeds. Confirm the
            # return types, or the check fails open.
            if self.is_admin is False and is_public is False:
                # if course is private, and user has not logged in, redirect to login
                # else if user is logged in and not admin, 404
                if not users.get_current_user():
                    # NOTE(review): nothing returns or raises after this
                    # redirect, so the rest of __init__ still runs. Whether
                    # the handler body is still dispatched afterwards depends
                    # on the framework -- verify that private course content
                    # cannot be rendered alongside the redirect.
                    self.redirect(users.create_login_url(self.request.path))
                else:
                    self.abort(404)

            # Set the current user with their preferences
            # (self.student is only assigned on this namespace branch).
            self.student = StudentSvc.get_current_student()
            if self.student:
                self.student.prefs = StudentSvc.get_current_user_preferences()

        # self.current_user is not defined in this method; presumably it is
        # provided by the class or a base class -- TODO confirm.
        if self.current_user:
            # The token is derived from the XSRF key and the user's email.
            self._xsrf_token = xsrf.GenerateToken(_GetXsrfKey(),
                                                  self.current_user.email())
            # httponly=False makes the cookie readable by page scripts, which
            # a client that echoes the token back in a header would need. It
            # also means any script running on the page can read it. No
            # ``secure`` argument is passed here.
            # NOTE(review): confirm the cookie is only ever sent over HTTPS.
            self.response.set_cookie('XSRF-TOKEN', self._xsrf_token, httponly=False)
        else:
            self._xsrf_token = None
        # Keep a reference to the response's write callable.
        self._RawWrite = self.response.out.write

        # Get a session store for this request.
        self.session_store = sessions.get_store(request=self.request)

        # Set the active locale
        # (the locale is hard-coded to 'en_GB' here).
        self.locale_key = LocaleSvc.get_locale_key('en_GB')
 def is_direct_super_admin(cls):
     """Report whether the signed-in user is a super admin, no delegation.

     Returns the falsy result of users.get_current_user() when nobody is
     signed in (not necessarily ``False``), otherwise the result of
     users.is_current_user_admin(). Callers should test truthiness rather
     than compare with ``is False``.
     """
     current_user = users.get_current_user()
     if not current_user:
         return current_user
     return users.is_current_user_admin()
Beispiel #8
 def is_direct_super_admin(cls):
     """Tell whether the current user is a super admin, without delegation.

     With no signed-in user the value of users.get_current_user() is
     returned unchanged, so the result can be a falsy non-boolean. With a
     user present the admin verdict from ``users`` is returned.
     """
     signed_in = users.get_current_user()
     # Same value as ``a and b``: the admin lookup only runs when a user
     # is signed in.
     return users.is_current_user_admin() if signed_in else signed_in
Beispiel #9
    def test_is_current_user_admin_falls_back_to_gae_if_not_enabled(self):
        """With the runtime config disabled, an admin login is still admin."""
        actions.login('*****@*****.**', is_admin=True)

        # Install a runtime config that is explicitly switched off.
        self.runtime_config.enabled = False
        gitkit.Runtime.set_current_runtime_config(self.runtime_config)

        admin_verdict = users.is_current_user_admin()
        self.assertTrue(admin_verdict)
Beispiel #10
    def test_is_current_user_admin_falls_back_to_gae_if_no_runtime_config(
            self):
        """With no runtime config installed, an admin login is still admin."""
        # Nothing is passed to gitkit.Runtime here, so the verdict must come
        # from the login alone.
        actions.login('*****@*****.**', is_admin=True)

        admin_verdict = users.is_current_user_admin()
        self.assertTrue(admin_verdict)
    def test_is_current_user_admin_falls_back_to_gae_if_not_enabled(self):
        """A disabled runtime config must not remove admin status."""
        actions.login('*****@*****.**', is_admin=True)

        disabled_config = self.runtime_config
        disabled_config.enabled = False
        gitkit.Runtime.set_current_runtime_config(self.runtime_config)

        # The login was made with is_admin=True, so the check should pass
        # even though the config is off.
        self.assertTrue(users.is_current_user_admin())
    def test_is_current_user_admin_falls_back_to_gae_if_no_runtime_config(self):
        """An admin login is reported as admin when no runtime config is set."""
        actions.login('*****@*****.**', is_admin=True)

        # No runtime config is installed in this test.
        is_admin = users.is_current_user_admin()
        self.assertTrue(is_admin)