def test_has_ccx_coach_role(self):
"""
Assert that user has coach access on ccx.
"""
ccx_locator = self.make_ccx()
# user have access as coach on ccx
self.assertTrue(access.has_ccx_coach_role(self.coach, ccx_locator))
# user dont have access as coach on ccx
self.setup_user()
self.assertFalse(access.has_ccx_coach_role(self.user, ccx_locator))
def wrapper(request, course_id, **kwargs):
"""
Wraps the view function, performing access check, loading the course,
and modifying the view's call signature.
"""
course_key = CourseKey.from_string(course_id)
ccx = None
if isinstance(course_key, CCXLocator):
ccx_id = course_key.ccx
try:
ccx = CustomCourseForEdX.objects.get(pk=ccx_id)
except CustomCourseForEdX.DoesNotExist:
raise Http404
if ccx:
# get permissions for ccx course
course = get_course_by_id(course_key, depth=None)
is_staff = has_access(request.user, 'staff', course)
is_instructor = has_access(request.user, 'instructor', course)
# and then set course key to CCX master course
course_key = ccx.course_id
course = get_course_by_id(course_key, depth=None)
# if not course.enable_ccx:
# raise Http404
if ccx and (is_staff or is_instructor):
return view(request, course, ccx, **kwargs)
else:
if ccx is not None:
if not has_ccx_coach_role(request.user, ccx.ccx_course_id):
return HttpResponseForbidden(
_('You must be the coach for this ccx to access this view'
))
return view(request, course, ccx, **kwargs)
