def put(self, collection_id): """Unpublishes the given collection.""" collection = collection_services.get_collection_by_id(collection_id) version = self.payload.get('version') _require_valid_version(version, collection.version) rights_manager.unpublish_collection(self.user, collection_id) search_services.delete_collections_from_search_index([collection_id]) collection_rights = rights_manager.get_collection_rights(collection_id, strict=False) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, collection_rights), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names(collection_id) }) self.render_json(self.values)
def get(self, collection_id): """Gets the editing rights for the given collection. Args: collection_id: str. ID for the collection. """ (collection, collection_rights) = ( collection_services.get_collection_and_collection_rights_by_id( collection_id)) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, collection_rights), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names(collection_id) }) self.render_json(self.values)
def put(self, collection_id): """Publishes the given collection.""" collection = collection_services.get_collection_by_id(collection_id) version = self.payload.get('version') _require_valid_version(version, collection.version) collection.validate(strict=True) collection_services.validate_exps_in_collection_are_public(collection) collection_services.publish_collection_and_update_user_profiles( self.user, collection_id) collection_services.index_collections_given_ids([collection_id]) collection_rights = rights_manager.get_collection_rights(collection_id, strict=False) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, collection_rights), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names(collection_id) }) self.render_json(self.values)
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) # Verify initial editor permissions for the collection. self.assertTrue( rights_manager.check_can_access_activity(self.user_a, collection_rights)) self.assertTrue( rights_manager.check_can_edit_activity(self.user_a, collection_rights)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse( rights_manager.check_can_access_activity(self.user_b, collection_rights)) self.assertFalse( rights_manager.check_can_edit_activity(self.user_b, collection_rights)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection(self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User A is the only user in the owner names list. self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) # Ensure User B is now an editor of the collection. self.assertTrue( rights_manager.check_can_access_activity(self.user_b, collection_rights)) self.assertTrue( rights_manager.check_can_edit_activity(self.user_b, collection_rights)) self.assertFalse( rights_manager.check_can_delete_activity(self.user_b, collection_rights)) exp_for_collection_rights = rights_manager.get_exploration_rights( self.EXP_ID_FOR_COLLECTION) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse( rights_manager.check_can_access_activity( self.user_b, exp_for_collection_rights)) self.assertFalse( rights_manager.check_can_edit_activity(self.user_b, exp_for_collection_rights))
def test_newly_created_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_moderator).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_moderator).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_moderator).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_moderator).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_newly_created_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_moderator).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_moderator).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_moderator).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_moderator).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_newly_created_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) self.assertTrue( rights_manager.check_can_access_activity(self.user_a, collection_rights)) self.assertTrue( rights_manager.check_can_edit_activity(self.user_a, collection_rights)) self.assertTrue( rights_manager.check_can_delete_activity(self.user_a, collection_rights)) self.assertTrue( rights_manager.check_can_access_activity(self.user_admin, collection_rights)) self.assertTrue( rights_manager.check_can_edit_activity(self.user_admin, collection_rights)) self.assertTrue( rights_manager.check_can_delete_activity(self.user_admin, collection_rights)) self.assertTrue( rights_manager.check_can_access_activity(self.user_moderator, collection_rights)) self.assertFalse( rights_manager.check_can_edit_activity(self.user_moderator, collection_rights)) self.assertFalse( rights_manager.check_can_delete_activity(self.user_moderator, collection_rights)) self.assertFalse( rights_manager.check_can_access_activity(self.user_b, collection_rights)) self.assertFalse( rights_manager.check_can_edit_activity(self.user_b, collection_rights)) self.assertFalse( rights_manager.check_can_delete_activity(self.user_b, collection_rights))
def get(self, collection_id): """Gets the editing rights for the given collection.""" collection = collection_services.get_collection_by_id(collection_id) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.Actor( self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names( collection_id) }) self.render_json(self.values)
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) self.assertTrue(collection_rights.is_owner(self.user_id_a)) self.assertFalse(collection_rights.is_owner(self.user_id_b)) self.assertFalse(collection_rights.is_owner(self.user_id_admin))
def put(self, collection_id): """Updates the editing rights for the given collection.""" collection = collection_services.get_collection_by_id(collection_id) version = self.payload.get('version') _require_valid_version(version, collection.version) # TODO(bhenning): Implement other rights changes here. is_public = self.payload.get('is_public') if is_public is not None: if is_public: try: collection.validate(strict=True) collection_services.validate_exps_in_collection_are_public( collection) except utils.ValidationError as e: raise self.InvalidInputException(e) collection_services.publish_collection_and_update_user_profiles( self.user_id, collection_id) collection_services.index_collections_given_ids( [collection_id]) elif rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id): rights_manager.unpublish_collection(self.user_id, collection_id) collection_services.delete_documents_from_search_index( [collection_id]) else: raise self.InvalidInputException( 'Cannot unpublish a collection.') self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names(collection_id) })
def get(self, collection_id): """Gets the editing rights for the given collection.""" collection = collection_services.get_collection_by_id(collection_id) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names(collection_id) }) self.render_json(self.values)
def put(self, collection_id): """Updates the editing rights for the given collection.""" collection = collection_services.get_collection_by_id(collection_id) version = self.payload.get('version') _require_valid_version(version, collection.version) # TODO(bhenning): Implement other rights changes here. is_public = self.payload.get('is_public') if is_public is not None: if is_public: try: collection.validate(strict=True) collection_services.validate_exps_in_collection_are_public( collection) except utils.ValidationError as e: raise self.InvalidInputException(e) collection_services.publish_collection_and_update_user_profiles( self.user_id, collection_id) collection_services.index_collections_given_ids([ collection_id]) elif rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id): rights_manager.unpublish_collection(self.user_id, collection_id) collection_services.delete_documents_from_search_index([ collection_id]) else: raise self.InvalidInputException( 'Cannot unpublish a collection.') self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.Actor( self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'owner_names': rights_manager.get_collection_owner_names( collection_id) })
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection(self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial editor permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User A is the only user in the owner names list. self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) # Ensure User B is now an editor of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) # Verify initial editor permissions for the collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection(self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User A is the only user in the owner names list. self.assertListEqual(['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) # Ensure User B is now an editor of the collection. self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID_FOR_COLLECTION))