def test_publish_and_unpublish_topic(self):
"""Test the publish and unpublish functionality."""
self.login(self.ADMIN_EMAIL)
response = self.get_html_response(
'%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id))
csrf_token = self.get_csrf_token_from_response(response)
# Test whether admin can publish and unpublish a topic.
self.put_json('%s/%s' %
(feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': True},
csrf_token=csrf_token)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(topic_rights.topic_is_published)
self.put_json('%s/%s' %
(feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': False},
csrf_token=csrf_token)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertFalse(topic_rights.topic_is_published)
self.logout()
self.login(self.NEW_USER_EMAIL)
# Test that other users cannot access topic rights.
self.put_json('%s/%s' %
(feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': False},
csrf_token=csrf_token,
expected_status_int=401)
self.logout()
def test_publish_and_unpublish_topic(self):
"""Test the publish and unpublish functionality."""
self.login(self.ADMIN_EMAIL)
with self.swap(constants, 'ENABLE_NEW_STRUCTURES', True):
response = self.testapp.get(
'%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id))
csrf_token = self.get_csrf_token_from_response(response)
# Test whether admin can publish and unpublish a topic.
json_response = self.put_json(
'%s/%s' % (feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': True},
csrf_token=csrf_token)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(topic_rights.topic_is_published)
json_response = self.put_json(
'%s/%s' % (feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': False},
csrf_token=csrf_token)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertFalse(topic_rights.topic_is_published)
self.logout()
self.login(self.NEW_USER_EMAIL)
# Test that other users cannot access topic rights.
json_response = self.put_json(
'%s/%s' % (feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': False},
csrf_token=csrf_token,
expect_errors=True,
expected_status_int=401)
self.assertEqual(json_response['status_code'], 401)
self.logout()
def test_cannot_publish_a_published_topic(self):
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertFalse(topic_rights.topic_is_published)
topic_services.publish_topic(self.TOPIC_ID, self.user_id_admin)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertTrue(topic_rights.topic_is_published)
with self.assertRaisesRegexp(
Exception, 'The topic is already published.'):
topic_services.publish_topic(self.TOPIC_ID, self.user_id_admin)
def test_deassigning_manager_role(self):
topic_services.assign_role(
self.user_admin, self.user_a,
topic_domain.ROLE_MANAGER, self.TOPIC_ID)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertTrue(topic_services.check_can_edit_topic(
self.user_a, topic_rights))
self.assertFalse(topic_services.check_can_edit_topic(
self.user_b, topic_rights))
topic_services.assign_role(
self.user_admin, self.user_a,
topic_domain.ROLE_NONE, self.TOPIC_ID)
self.assertFalse(topic_services.check_can_edit_topic(
self.user_a, topic_rights))
self.assertFalse(topic_services.check_can_edit_topic(
self.user_b, topic_rights))
topic_services.assign_role(
self.user_admin, self.user_a,
topic_domain.ROLE_NONE, self.TOPIC_ID)
self.assertFalse(topic_services.check_can_edit_topic(
self.user_a, topic_rights))
self.assertFalse(topic_services.check_can_edit_topic(
self.user_b, topic_rights))
def test_admin_can_manage_topic(self):
topic_services.create_new_topic_rights(
self.topic_id, self.user_id_admin)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(topic_services.check_can_edit_topic(
self.user_admin, topic_rights))
def test_publish_and_unpublish_topic(self):
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertFalse(topic_rights.topic_is_published)
topic_services.publish_topic(self.TOPIC_ID, self.user_id_admin)
with self.assertRaisesRegexp(
Exception,
'The user does not have enough rights to unpublish the topic.'):
topic_services.unpublish_topic(self.TOPIC_ID, self.user_id_a)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertTrue(topic_rights.topic_is_published)
topic_services.unpublish_topic(self.TOPIC_ID, self.user_id_admin)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertFalse(topic_rights.topic_is_published)
with self.assertRaisesRegexp(
Exception,
'The user does not have enough rights to publish the topic.'):
topic_services.publish_topic(self.TOPIC_ID, self.user_id_a)
def test_cannot_unpublish_an_unpublished_exploration(self):
self.login(self.ADMIN_EMAIL)
csrf_token = self.get_new_csrf_token()
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertFalse(topic_rights.topic_is_published)
response = self.put_json(
'%s/%s' % (
feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': False}, csrf_token=csrf_token,
expected_status_int=401)
self.assertEqual(response['error'], 'The topic is already unpublished.')
def test_create_new_topic_rights(self):
topic_services.create_new_topic_rights(self.topic_id,
self.user_id_admin)
topic_services.assign_role(self.user_admin, self.user_id_a,
topic_domain.ROLE_MANAGER, self.topic_id)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(
topic_services.check_can_edit_topic(self.user_a, topic_rights))
self.assertFalse(
topic_services.check_can_edit_topic(self.user_b, topic_rights))
def test_non_admin_cannot_assign_roles(self):
with self.assertRaisesRegexp(
Exception,
'UnauthorizedUserException: Could not assign new role.'):
topic_services.assign_role(
self.user_b, self.user_a,
topic_domain.ROLE_MANAGER, self.TOPIC_ID)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertFalse(topic_services.check_can_edit_topic(
self.user_a, topic_rights))
self.assertFalse(topic_services.check_can_edit_topic(
self.user_b, topic_rights))
def test_can_delete_story(self, topic_id, **kwargs):
if not self.user_id:
raise base.UserFacingExceptions.NotLoggedInException
topic_rights = topic_services.get_topic_rights(topic_id)
if topic_rights is None:
raise base.UserFacingExceptions.PageNotFoundException
if topic_services.check_can_edit_topic(self.user, topic_rights):
return handler(self, topic_id, **kwargs)
else:
raise self.UnauthorizedUserException(
'You do not have credentials to delete this story.')
def test_reassigning_manager_role_to_same_user(self):
topic_services.assign_role(self.user_admin, self.user_a,
topic_domain.ROLE_MANAGER, self.TOPIC_ID)
with self.assertRaisesRegexp(
Exception, 'This user already is a manager for this topic'):
topic_services.assign_role(self.user_admin, self.user_a,
topic_domain.ROLE_MANAGER,
self.TOPIC_ID)
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertTrue(
topic_services.check_can_edit_topic(self.user_a, topic_rights))
self.assertFalse(
topic_services.check_can_edit_topic(self.user_b, topic_rights))
def test_cannot_publish_a_published_exploration(self):
self.login(self.ADMIN_EMAIL)
response = self.get_html_response(
'%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id))
csrf_token = self.get_csrf_token_from_response(response)
self.put_json('%s/%s' %
(feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': True},
csrf_token=csrf_token)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(topic_rights.topic_is_published)
response = self.put_json(
'%s/%s' % (feconf.TOPIC_STATUS_URL_PREFIX, self.topic_id),
{'publish_status': True},
csrf_token=csrf_token,
expected_status_int=401)
self.assertEqual(response['error'], 'The topic is already published.')
def test_manager_cannot_assign_roles(self):
topic_services.create_new_topic_rights(self.topic_id,
self.user_id_admin)
topic_services.assign_role(self.user_admin, self.user_id_a,
topic_domain.ROLE_MANAGER, self.topic_id)
with self.assertRaisesRegexp(
Exception,
'UnauthorizedUserException: Could not assign new role.'):
topic_services.assign_role(self.user_a, self.user_id_b,
topic_domain.ROLE_MANAGER,
self.topic_id)
topic_rights = topic_services.get_topic_rights(self.topic_id)
self.assertTrue(
topic_services.check_can_edit_topic(self.user_a, topic_rights))
self.assertFalse(
topic_services.check_can_edit_topic(self.user_b, topic_rights))
def get(self, topic_id):
"""Returns the TopicRights object of a topic."""
topic_rights = topic_services.get_topic_rights(topic_id, strict=False)
if topic_rights is None:
raise self.InvalidInputException(
'Expected a valid topic id to be provided.')
user_actions_info = user_services.UserActionsInfo(self.user_id)
can_edit_topic = topic_services.check_can_edit_topic(
user_actions_info, topic_rights)
can_publish_topic = (role_services.ACTION_CHANGE_TOPIC_STATUS
in user_actions_info.actions)
self.values.update({
'can_edit_topic': can_edit_topic,
'published': topic_rights.topic_is_published,
'can_publish_topic': can_publish_topic
})
self.render_json(self.values)
def test_admin_can_manage_topic(self):
topic_rights = topic_services.get_topic_rights(self.TOPIC_ID)
self.assertTrue(topic_services.check_can_edit_topic(
self.user_admin, topic_rights))
