def test_editable_collection_handler_put_can_access(self): """Check that editors can access put handler""" whitelisted_usernames = [self.EDITOR_USERNAME, self.VIEWER_USERNAME] self.set_config_property( config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES, whitelisted_usernames) rights_manager.create_new_collection_rights( self.COLLECTION_ID, self.owner_id) rights_manager.assign_role_for_collection( self.admin_id, self.COLLECTION_ID, self.editor_id, rights_manager.ROLE_EDITOR) rights_manager.publish_collection(self.owner_id, self.COLLECTION_ID) self.login(self.EDITOR_EMAIL) # Call get handler to return the csrf token. response = self.testapp.get( '%s/%s' % (feconf.COLLECTION_URL_PREFIX, self.COLLECTION_ID)) csrf_token = self.get_csrf_token_from_response(response) json_response = self.put_json( '%s/%s' % (feconf.EDITABLE_COLLECTION_DATA_URL_PREFIX, self.COLLECTION_ID), self.json_dict, csrf_token=csrf_token) self.assertEqual(self.COLLECTION_ID, json_response['collection']['id']) self.assertEqual(2, json_response['collection']['version']) self.logout()
def test_editable_collection_handler_put_cannot_access(self): """Check that non-editors cannot access editable put handler""" whitelisted_usernames = [self.EDITOR_USERNAME, self.VIEWER_USERNAME] self.set_config_property( config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES, whitelisted_usernames) # Assign viewer role to collection. rights_manager.create_new_collection_rights( self.COLLECTION_ID, self.owner_id) rights_manager.assign_role_for_collection( self.admin_id, self.COLLECTION_ID, self.viewer_id, rights_manager.ROLE_VIEWER) rights_manager.publish_collection(self.owner_id, self.COLLECTION_ID) self.login(self.VIEWER_EMAIL) # Call get handler to return the csrf token. response = self.testapp.get( '%s/%s' % (feconf.COLLECTION_URL_PREFIX, self.COLLECTION_ID)) csrf_token = self.get_csrf_token_from_response(response) # Ensure viewers do not have access to the PUT Handler. json_response = self.put_json( '%s/%s' % (feconf.EDITABLE_COLLECTION_DATA_URL_PREFIX, self.COLLECTION_ID), self.json_dict, expect_errors=True, csrf_token=csrf_token, expected_status_int=401) self.assertEqual(json_response['code'], 401) self.logout()
def test_collection_rights_handler(self): collection_id = 'collection_id' collection = collection_domain.Collection.create_default_collection( collection_id, 'A title', 'A Category', 'An Objective') collection_services.save_new_collection(self.owner_id, collection) # Check that collection is published correctly. rights_manager.assign_role_for_collection( self.owner_id, collection_id, self.editor_id, rights_manager.ROLE_EDITOR) rights_manager.publish_collection(self.owner_id, collection_id) # Check that collection cannot be unpublished by non admin. with self.assertRaisesRegexp( Exception, 'This collection cannot be unpublished.'): rights_manager.unpublish_collection(self.owner_id, collection_id) collection_rights = rights_manager.get_collection_rights(collection_id) self.assertEqual(collection_rights.status, rights_manager.ACTIVITY_STATUS_PUBLIC) # Check that collection can be unpublished by admin. rights_manager.unpublish_collection(self.admin_id, collection_id) collection_rights = rights_manager.get_collection_rights(collection_id) self.assertEqual(collection_rights.status, rights_manager.ACTIVITY_STATUS_PRIVATE)
def test_adding_new_collection_viewer_role_does_not_result_in_subscription(self): self.save_new_default_collection(COLLECTION_ID, self.owner_id) self.assertEqual(self._get_collection_ids_subscribed_to(self.viewer_id), []) rights_manager.assign_role_for_collection( self.owner_id, COLLECTION_ID, self.viewer_id, rights_manager.ROLE_VIEWER ) self.assertEqual(self._get_collection_ids_subscribed_to(self.viewer_id), [])
def test_adding_new_collection_owner_or_editor_role_results_in_subscription(self): self.save_new_default_collection(COLLECTION_ID, self.owner_id) self.assertEqual(self._get_collection_ids_subscribed_to(self.owner_2_id), []) rights_manager.assign_role_for_collection( self.owner_id, COLLECTION_ID, self.owner_2_id, rights_manager.ROLE_OWNER ) self.assertEqual(self._get_collection_ids_subscribed_to(self.owner_2_id), [COLLECTION_ID]) self.assertEqual(self._get_collection_ids_subscribed_to(self.editor_id), []) rights_manager.assign_role_for_collection( self.owner_id, COLLECTION_ID, self.editor_id, rights_manager.ROLE_EDITOR ) self.assertEqual(self._get_collection_ids_subscribed_to(self.editor_id), [COLLECTION_ID])
def test_contribution_msec_does_not_update_until_collection_is_published(self): self.signup(self.ADMIN_EMAIL, self.ADMIN_USERNAME) self.admin_id = self.get_user_id_from_email(self.ADMIN_EMAIL) collection = self.save_new_valid_collection( self.COL_ID, self.admin_id, title=self.COLLECTION_TITLE, category=self.COLLECTION_CATEGORY, objective=self.COLLECTION_OBJECTIVE, exploration_id=self.EXP_ID) # Test that saving a collection does not update first contribution # time. self.assertIsNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) # Test that commit to unpublished collection does not update # contribution time. collection_services.update_collection( self.admin_id, self.COL_ID, [{ 'cmd': 'edit_collection_property', 'property_name': 'title', 'new_value': 'Some new title' }], '') self.assertIsNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) # Test that another user who commits to unpublished collection does not # have updated first contribution time. self.signup(self.EDITOR_EMAIL, self.EDITOR_USERNAME) self.editor_id = self.get_user_id_from_email(self.EDITOR_EMAIL) rights_manager.assign_role_for_collection( self.admin_id, self.COL_ID, self.editor_id, 'editor') collection_services.update_collection( self.editor_id, self.COL_ID, [{ 'cmd': 'edit_collection_property', 'property_name': 'category', 'new_value': 'Some new category' }], '') self.assertIsNone(user_services.get_user_settings( self.editor_id).first_contribution_msec) # Test that after an collection is published, all contributors have # updated first contribution times. collection_services.publish_collection_and_update_user_profiles( self.admin_id, self.COL_ID) self.assertIsNotNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) self.assertIsNotNone(user_services.get_user_settings( self.editor_id).first_contribution_msec)
def test_contribution_msec_does_not_change_if_no_contribution_to_collection(self): self.save_new_valid_collection( self.COL_ID, self.admin_id, title=self.COLLECTION_TITLE, category=self.COLLECTION_CATEGORY, objective=self.COLLECTION_OBJECTIVE, exploration_id=self.EXP_ID) rights_manager.assign_role_for_collection( self.admin_id, self.COL_ID, self.editor_id, 'editor') collection_services.publish_collection_and_update_user_profiles( self.admin_id, self.COL_ID) # Test that contribution time is not given to an editor that has not # contributed. self.assertIsNotNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) self.assertIsNone(user_services.get_user_settings( self.editor_id).first_contribution_msec)
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_editable_collection_handler_put_with_invalid_payload_version( self): whitelisted_usernames = [self.EDITOR_USERNAME, self.VIEWER_USERNAME] self.set_collection_editors(whitelisted_usernames) rights_manager.create_new_collection_rights(self.COLLECTION_ID, self.owner_id) rights_manager.assign_role_for_collection(self.admin, self.COLLECTION_ID, self.editor_id, rights_manager.ROLE_EDITOR) rights_manager.publish_collection(self.owner, self.COLLECTION_ID) self.login(self.EDITOR_EMAIL) # Call get handler to return the csrf token. response = self.get_html_response( '%s/%s' % (feconf.COLLECTION_URL_PREFIX, self.COLLECTION_ID)) csrf_token = self.get_csrf_token_from_response(response) # Raises error as version is None. json_response = self.put_json( '%s/%s' % (feconf.COLLECTION_EDITOR_DATA_URL_PREFIX, self.COLLECTION_ID), {'version': None}, csrf_token=csrf_token, expected_status_int=400) self.assertEqual(json_response['error'], 'Invalid POST request: a version must be specified.') # Raises error as version from payload does not match the collection # version. json_response = self.put_json( '%s/%s' % (feconf.COLLECTION_EDITOR_DATA_URL_PREFIX, self.COLLECTION_ID), {'version': 2}, csrf_token=csrf_token, expected_status_int=400) self.assertEqual( json_response['error'], 'Trying to update version 1 of collection from version 2, ' 'which is too old. Please reload the page and try again.') self.logout()
def test_contribution_msec_does_not_update_until_collection_is_published( self): self.save_new_valid_collection( self.COL_ID, self.admin_id, title=self.COLLECTION_TITLE, category=self.COLLECTION_CATEGORY, objective=self.COLLECTION_OBJECTIVE, exploration_id=self.EXP_ID) # Test that saving a collection does not update first contribution # time. self.assertIsNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) # Test that commit to unpublished collection does not update # contribution time. collection_services.update_collection( self.admin_id, self.COL_ID, [{ 'cmd': 'edit_collection_property', 'property_name': 'title', 'new_value': 'Some new title' }], '') self.assertIsNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) # Test that another user who commits to unpublished collection does not # have updated first contribution time. rights_manager.assign_role_for_collection( self.admin_id, self.COL_ID, self.editor_id, 'editor') collection_services.update_collection( self.editor_id, self.COL_ID, [{ 'cmd': 'edit_collection_property', 'property_name': 'category', 'new_value': 'Some new category' }], '') self.assertIsNone(user_services.get_user_settings( self.editor_id).first_contribution_msec) # Test that after an collection is published, all contributors have # updated first contribution times. collection_services.publish_collection_and_update_user_profiles( self.admin_id, self.COL_ID) self.assertIsNotNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) self.assertIsNotNone(user_services.get_user_settings( self.editor_id).first_contribution_msec)
def test_collection_subscription(self): with self.swap( subscription_services, 'subscribe_to_thread', self._null_fn ), self.swap( subscription_services, 'subscribe_to_exploration', self._null_fn ), self.swap( subscription_services, 'subscribe_to_collection', self._null_fn): # User A creates and saves a new valid collection. self.save_new_valid_collection( self.COLLECTION_ID_1, self.user_a_id, exploration_id=self.EXP_ID_FOR_COLLECTION_1) # User A adds user B as an editor to the collection. rights_manager.assign_role_for_collection( self.user_a_id, self.COLLECTION_ID_1, self.user_b_id, rights_manager.ROLE_EDITOR) # User A adds user C as a viewer of the collection. rights_manager.assign_role_for_collection( self.user_a_id, self.COLLECTION_ID_1, self.user_c_id, rights_manager.ROLE_VIEWER) self._run_one_off_job() # Users A and B are subscribed to the collection. User C is not. user_a_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_a_id) user_b_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_b_id) user_c_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_c_id, strict=False) self.assertEqual( user_a_subscriptions_model.collection_ids, [self.COLLECTION_ID_1]) # User A is also subscribed to the exploration within the collection # because they created both. self.assertEqual( sorted(user_a_subscriptions_model.activity_ids), [ self.EXP_ID_1, self.EXP_ID_FOR_COLLECTION_1]) self.assertEqual( user_b_subscriptions_model.collection_ids, [self.COLLECTION_ID_1]) self.assertEqual(user_a_subscriptions_model.feedback_thread_ids, []) self.assertEqual(user_b_subscriptions_model.feedback_thread_ids, []) self.assertEqual(user_c_subscriptions_model, None)
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection(self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertListEqual( ['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) self.assertTrue(collection_rights.is_owner(self.user_id_a)) self.assertFalse(collection_rights.is_owner(self.user_id_b)) self.assertFalse(collection_rights.is_owner(self.user_id_admin))
def test_contribution_msec_does_not_change_if_no_contribution_to_collection( self): self.save_new_valid_collection( self.COL_ID, self.admin_id, title=self.COLLECTION_TITLE, category=self.COLLECTION_CATEGORY, objective=self.COLLECTION_OBJECTIVE, exploration_id=self.EXP_ID) rights_manager.assign_role_for_collection( self.admin_id, self.COL_ID, self.editor_id, 'editor') collection_services.publish_collection_and_update_user_profiles( self.admin_id, self.COL_ID) # Test that contribution time is not given to an editor that has not # contributed. self.assertIsNotNone(user_services.get_user_settings( self.admin_id).first_contribution_msec) self.assertIsNone(user_services.get_user_settings( self.editor_id).first_contribution_msec)
def test_pre_delete_user_with_activities_multiple_owners(self): user_services.update_user_role( self.user_1_id, feconf.ROLE_ID_COLLECTION_EDITOR) user_1_actions = user_services.UserActionsInfo(self.user_1_id) self.save_new_valid_exploration('exp_id', self.user_1_id) rights_manager.assign_role_for_exploration( user_1_actions, 'exp_id', self.user_2_id, rights_manager.ROLE_OWNER) self.save_new_valid_collection( 'col_id', self.user_1_id, exploration_id='exp_id') rights_manager.assign_role_for_collection( user_1_actions, 'col_id', self.user_2_id, rights_manager.ROLE_OWNER) wipeout_service.pre_delete_user(self.user_1_id) pending_deletion_model = ( user_models.PendingDeletionRequestModel.get_by_id(self.user_1_id)) self.assertEqual( pending_deletion_model.exploration_ids, []) self.assertEqual(pending_deletion_model.collection_ids, [])
def test_inviting_playtester_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) exp_for_collection_rights = rights_manager.get_exploration_rights( self.EXP_ID_FOR_COLLECTION) # Verify initial viewer permissions for the collection. self.assertFalse(rights_manager.check_can_access_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, collection_rights)) # Verify initial viewer permissions for the exploration within the # collection. self.assertFalse(rights_manager.check_can_access_activity( self.user_b, exp_for_collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, exp_for_collection_rights)) # User A adds user B to the collection as a viewer. rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_VIEWER) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) exp_for_collection_rights = rights_manager.get_exploration_rights( self.EXP_ID_FOR_COLLECTION) # Ensure User B is now a viewer of the collection. self.assertTrue(rights_manager.check_can_access_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, collection_rights)) # Ensure User B cannot view the exploration just because he/she has # access to the collection containing it. self.assertFalse(rights_manager.check_can_access_activity( self.user_b, exp_for_collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, exp_for_collection_rights))
def test_adding_new_collection_owner_or_editor_role_results_in_subscription(self): self.save_new_default_collection(COLLECTION_ID, self.owner_id) self.assertEqual( self._get_collection_ids_subscribed_to(self.owner_2_id), []) rights_manager.assign_role_for_collection( self.owner_id, COLLECTION_ID, self.owner_2_id, rights_manager.ROLE_OWNER) self.assertEqual( self._get_collection_ids_subscribed_to(self.owner_2_id), [COLLECTION_ID]) self.assertEqual( self._get_collection_ids_subscribed_to(self.editor_id), []) rights_manager.assign_role_for_collection( self.owner_id, COLLECTION_ID, self.editor_id, rights_manager.ROLE_EDITOR) self.assertEqual( self._get_collection_ids_subscribed_to(self.editor_id), [COLLECTION_ID])
def test_adding_new_collection_owner_or_editor_role_results_in_subscription( self) -> None: self.save_new_default_collection( COLLECTION_ID, self.owner_id) # type: ignore[no-untyped-call] self.assertEqual( self._get_collection_ids_subscribed_to(self.owner_2_id), []) rights_manager.assign_role_for_collection( # type: ignore[no-untyped-call] self.owner, COLLECTION_ID, self.owner_2_id, rights_domain.ROLE_OWNER) self.assertEqual( self._get_collection_ids_subscribed_to(self.owner_2_id), [COLLECTION_ID]) self.assertEqual( self._get_collection_ids_subscribed_to(self.editor_id), []) rights_manager.assign_role_for_collection( # type: ignore[no-untyped-call] self.owner, COLLECTION_ID, self.editor_id, rights_domain.ROLE_EDITOR) self.assertEqual( self._get_collection_ids_subscribed_to(self.editor_id), [COLLECTION_ID])
def test_editable_collection_handler_put_can_access(self): """Check that editors can access put handler.""" whitelisted_usernames = [self.EDITOR_USERNAME, self.VIEWER_USERNAME] self.set_collection_editors(whitelisted_usernames) rights_manager.create_new_collection_rights( self.COLLECTION_ID, self.owner_id) rights_manager.assign_role_for_collection( self.admin, self.COLLECTION_ID, self.editor_id, rights_manager.ROLE_EDITOR) rights_manager.publish_collection(self.owner, self.COLLECTION_ID) self.login(self.EDITOR_EMAIL) # Call get handler to return the csrf token. response = self.get_html_response( '%s/%s' % ( feconf.COLLECTION_URL_PREFIX, self.COLLECTION_ID)) csrf_token = self.get_csrf_token_from_response(response) json_response = self.put_json( '%s/%s' % ( feconf.COLLECTION_EDITOR_DATA_URL_PREFIX, self.COLLECTION_ID), self.json_dict, csrf_token=csrf_token) self.assertEqual(self.COLLECTION_ID, json_response['collection']['id']) self.assertEqual(2, json_response['collection']['version']) # Check that title is changed. response = self.get_html_response( '%s/%s' % ( feconf.COLLECTION_EDITOR_URL_PREFIX, self.COLLECTION_ID)) response.mustcontain(self.json_dict['change_list'][0]['new_value']) self.logout()
def test_setting_rights_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_VIEWER) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role_for_collection( self.user_id_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role_for_collection( self.user_id_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_OWNER) rights_manager.assign_role_for_collection( self.user_id_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_OWNER) rights_manager.assign_role_for_collection( self.user_id_b, self.COLLECTION_ID, self.user_id_d, rights_manager.ROLE_EDITOR) rights_manager.assign_role_for_collection( self.user_id_b, self.COLLECTION_ID, self.user_id_e, rights_manager.ROLE_VIEWER)
def test_inviting_playtester_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial viewer permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial viewer permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as a viewer. rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_VIEWER) # Ensure User B is now a viewer of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B cannot view the exploration just because he/she has # access to the collection containing it. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial editor permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User B is now an editor of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial editor permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User B is now an editor of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))
def test_inviting_playtester_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial viewer permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial viewer permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as a viewer. rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_VIEWER) # Ensure User B is now a viewer of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B cannot view the exploration just because he/she has # access to the collection containing it. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))
def test_setting_rights_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_VIEWER) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role_for_collection( self.user_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role_for_collection( self.user_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_OWNER) rights_manager.assign_role_for_collection( self.user_b, self.COLLECTION_ID, self.user_id_c, rights_manager.ROLE_OWNER) rights_manager.assign_role_for_collection( self.user_b, self.COLLECTION_ID, self.user_id_d, rights_manager.ROLE_EDITOR) rights_manager.assign_role_for_collection( self.user_b, self.COLLECTION_ID, self.user_id_e, rights_manager.ROLE_VIEWER)