def setUp(self):
super().setUp()
dump_random_state()
self.user = UserFactory(username=self.MOCK_USER_DATA["username"])
self.client.login(username=self.user.username, password=USER_PASSWORD)
self.course = CourseFactory(site=self.site)
self.course_runs = CourseRunFactory.create_batch(3, course=self.course)
self.user_grade_low = UserGradeFactory(
username=self.MOCK_USER_DATA["username"],
course_run=self.course_runs[0],
letter_grade="A",
percent_grade=0.70,
)
self.user_grade_high = UserGradeFactory(
username=self.MOCK_USER_DATA["username"],
course_run=self.course_runs[1],
letter_grade="C",
percent_grade=1.00,
)
self.user_grade_revoked_cert = UserGradeFactory(
username=self.MOCK_USER_DATA["username"],
course_run=self.course_runs[2],
letter_grade="B",
percent_grade=0.80,
)
self.course_certs = [
CourseCertificateFactory(course_id=course_run.key, site=self.site) for course_run in self.course_runs
]
self.credential_content_type = ContentType.objects.get(app_label="credentials", model="coursecertificate")
self.program_cert = ProgramCertificateFactory(site=self.site)
self.program_content_type = ContentType.objects.get(app_label="credentials", model="programcertificate")
self.user_credentials = [
UserCredentialFactory(
username=self.MOCK_USER_DATA["username"],
credential_content_type=self.credential_content_type,
credential=course_cert,
)
for course_cert in self.course_certs
]
self.user_credentials[2].status = UserCredential.REVOKED
self.user_credentials[2].save()
self.org_names = ["CCC", "AAA", "BBB"]
self.orgs = [OrganizationFactory(name=name, site=self.site) for name in self.org_names]
self.program = ProgramFactory(
course_runs=self.course_runs,
authoring_organizations=self.orgs,
site=self.site,
uuid=self.program_cert.program_uuid,
)
self.pcr = ProgramCertRecordFactory(program=self.program, user=self.user)
self.pathway = PathwayFactory(site=self.site)
self.pathway.programs.set([self.program])
def setUp(self):
super().setUp()
self.user = UserFactory(username=self.USERNAME)
self.client.login(username=self.user.username, password=USER_PASSWORD)
self.program = ProgramFactory(site=self.site)
self.pathway = PathwayFactory(site=self.site, programs=[self.program])
self.pc = ProgramCertificateFactory(site=self.site, program_uuid=self.program.uuid)
self.user_credential = UserCredentialFactory(username=self.USERNAME, credential=self.pc)
self.data = {"username": self.USERNAME, "pathway_id": self.pathway.id}
self.url = reverse("records:send_program", kwargs={"uuid": self.program.uuid.hex})
mail.outbox = []
def setUp(self):
super().setUp()
self.user = UserFactory(username=self.MOCK_USER_DATA['username'])
self.client.login(username=self.user.username, password=USER_PASSWORD)
self.course = CourseFactory(site=self.site)
self.course_runs = [
CourseRunFactory(course=self.course) for _ in range(3)
]
self.user_grade_low = UserGradeFactory(
username=self.MOCK_USER_DATA['username'],
course_run=self.course_runs[0],
letter_grade='A',
percent_grade=0.70)
self.user_grade_high = UserGradeFactory(
username=self.MOCK_USER_DATA['username'],
course_run=self.course_runs[1],
letter_grade='C',
percent_grade=1.00)
self.user_grade_revoked_cert = UserGradeFactory(
username=self.MOCK_USER_DATA['username'],
course_run=self.course_runs[2],
letter_grade='B',
percent_grade=.80)
self.course_certs = [
CourseCertificateFactory(course_id=course_run.key, site=self.site)
for course_run in self.course_runs
]
self.credential_content_type = ContentType.objects.get(
app_label='credentials', model='coursecertificate')
self.user_credentials = [
UserCredentialFactory(
username=self.MOCK_USER_DATA['username'],
credential_content_type=self.credential_content_type,
credential=course_cert) for course_cert in self.course_certs
]
self.user_credentials[2].status = UserCredential.REVOKED
self.org_names = ['CCC', 'AAA', 'BBB']
self.orgs = [
OrganizationFactory(name=name, site=self.site)
for name in self.org_names
]
self.program = ProgramFactory(course_runs=self.course_runs,
authoring_organizations=self.orgs,
site=self.site)
def setUp(self):
super(CertificateIssuerBase, self).setUp()
self.certificate = self.cert_factory.create()
self.username = '******'
self.user = UserFactory(username=self.username)
self.user_cred = self.issuer.issue_credential(self.certificate, self.username)
self.attributes = [{"name": "whitelist_reason", "value": "Reason for whitelisting."}]
def test_superuser_required(self):
""" Verify the view is not accessible to non-superusers. """
self.client.logout()
user = UserFactory()
self.client.login(username=user.username, password=USER_PASSWORD)
response = self.client.get(self.path)
self.assertEqual(response.status_code, 302)
def setUp(self):
super().setUp()
self.user = UserFactory()
self.user.groups.add(Group.objects.get(name=Role.ADMINS))
self.client.force_authenticate(self.user)
self.request = APIRequestFactory().get("/")
def test_auth(self):
""" Verify the endpoint only works with the service worker """
data = {
"username_mappings": [
{
"test_username_1": "test_new_username_1"
},
{
"test_username_2": "test_new_username_2"
},
]
}
# Test unauthenticated
response = self.client.post(self.url)
self.assertEqual(response.status_code, 401)
# Test non-service worker
random_user = UserFactory()
response = self.call_api(random_user, data)
self.assertEqual(response.status_code, 403)
# Test service worker
response = self.call_api(self.service_user, data)
self.assertEqual(response.status_code, 200)
def setUp(self):
super(CredentialViewSetTestsMixin, self).setUp()
self.user = UserFactory()
self.user.groups.add(Group.objects.get(name=Role.ADMINS))
self.client.force_authenticate(self.user)
self.request = APIRequestFactory().get('/')
def setUp(self):
super().setUp()
dump_random_state()
user = UserFactory(username=self.USERNAME)
self.client.login(username=user.username, password=USER_PASSWORD)
self.program = ProgramFactory(site=self.site)
def assert_permission_required(self, data):
"""
Ensure access to these APIs is restricted to those with explicit model
permissions.
"""
self.client.force_authenticate(user=UserFactory())
response = self.client.get(self.list_path, data)
self.assertEqual(response.status_code, 403)
def setUp(self):
self.site = SiteFactory()
self.program = ProgramFactory(site=self.site)
self.certificate = self.cert_factory.create(program_uuid=self.program.uuid, site=self.site)
self.username = '******'
self.user = UserFactory(username=self.username)
self.user_cred = self.issuer.issue_credential(self.certificate, self.username)
self.attributes = [{"name": "whitelist_reason", "value": "Reason for whitelisting."}]
def test_issue_credential_with_attributes(self):
"""Verify credentials can be issued with attributes."""
UserFactory(username="******")
user_credential = self.issuer.issue_credential(
self.certificate, "testuser2", attributes=self.attributes)
self._assert_usercredential_fields(user_credential, self.certificate,
"testuser2", "awarded",
self.attributes)
def setUp(self):
super().setUp()
self.user = UserFactory(username=self.USERNAME)
self.client.login(username=self.user.username, password=USER_PASSWORD)
self.program = None
self.program_cert = None
mail.outbox = []
def test_sharing_bar_with_staff_user(self):
""" Verify that the view renders certificate with sharing bar. """
self.client.logout()
staff_user = UserFactory(is_staff=True)
self.client.login(username=staff_user.username, password=USER_PASSWORD)
response = self._render_user_credential()
self.assertContains(response, "Print or share your certificate")
def test_different_user(self):
""" Verify that the view rejects a User attempting to send a program """
diff_username = "******"
UserFactory(username=diff_username)
self.data["username"] = diff_username
response = self.post()
self.assertEqual(response.status_code, 403)
def setUp(self):
super().setUp()
user = UserFactory(username=self.USERNAME)
self.client.login(username=user.username, password=USER_PASSWORD)
self.user_credential = UserCredentialFactory(username=self.USERNAME)
self.pc = ProgramCertificateFactory()
self.user_credential.credential = self.pc
self.user_credential.save()
def test_get_full_name(self):
""" Test that the user model concatenates first and last name if the full name is not set. """
full_name = "George Costanza"
user = UserFactory(full_name=full_name)
self.assertEqual(user.get_full_name(), full_name)
first_name = "Jerry"
last_name = "Seinfeld"
user = UserFactory(full_name=None, first_name=first_name, last_name=last_name)
expected = f"{first_name} {last_name}"
self.assertEqual(user.get_full_name(), expected)
user = UserFactory(full_name=full_name, first_name=first_name, last_name=last_name)
self.assertEqual(user.get_full_name(), full_name)
def test_authentication(self):
""" Verify the endpoint requires an authenticated user. """
self.client.logout()
response = self.client.post(self.list_path, data=json.dumps(self.data), content_type=JSON_CONTENT_TYPE)
self.assertEqual(response.status_code, 401)
superuser = UserFactory(is_staff=True, is_superuser=True)
self.authenticate_user(superuser)
response = self.client.post(self.list_path, data=json.dumps(self.data), content_type=JSON_CONTENT_TYPE)
self.assertEqual(response.status_code, 201)
def make_user(self, group=None, perm=None, **kwargs):
""" DRY helper to create users with specific groups and/or permissions. """
user = UserFactory(**kwargs)
if group:
user.groups.add(Group.objects.get(name=group))
if perm:
user.user_permissions.add(
Permission.objects.get(
codename='{}_usercredential'.format(perm)))
return user
def test_authentication(self):
""" Verify the endpoint requires an authenticated user. """
self.client.logout()
response = self.client.get(self.list_path)
self.assertEqual(response.status_code, 401)
superuser = UserFactory(is_staff=True, is_superuser=True)
self.authenticate_user(superuser)
response = self.client.get(self.list_path)
self.assertEqual(response.status_code, 200)
def test_different_user_creation(self):
""" Verify that the view rejects a User attempting to create a ProgramCertRecord for another """
diff_username = "******"
rev = reverse("records:share_program", kwargs={"uuid": self.program.uuid.hex})
UserFactory(username=diff_username)
data = {"username": diff_username}
jdata = json.dumps(data).encode("utf-8")
response = self.client.post(rev, data=jdata, content_type=JSON_CONTENT_TYPE)
self.assertEqual(response.status_code, 403)
def setUp(self):
super(GradeViewSetTests, self).setUp()
self.user = UserFactory()
self.course = CourseFactory(site=self.site)
self.course_run = CourseRunFactory(course=self.course)
self.data = {
'username': '******',
'course_run': self.course_run.key,
'letter_grade': 'A',
'percent_grade': 0.9,
'verified': True,
}
def test_different_user_creation(self):
""" Verify that the view rejects a User attempting to create a ProgramCertRecord for another """
diff_username = '******'
rev = reverse('records:cert_creation')
UserFactory(username=diff_username)
data = {
'username': diff_username,
'program_cert_uuid': self.pc.program_uuid
}
response = self.client.post(rev, data)
self.assertEqual(response.status_code, 403)
def setUp(self):
super().setUp()
self.user = UserFactory()
self.course = CourseFactory(site=self.site)
self.course_run = CourseRunFactory(course=self.course)
self.data = {
"username": "******",
"course_run": self.course_run.key,
"letter_grade": "A",
"percent_grade": 0.9,
"verified": True,
}
def test_staff_override(self):
""" Verify a superuser does not get throttled for lower rate. """
list_path = reverse('api:v2:credentials-list')
superuser = UserFactory(is_staff=True, is_superuser=True)
self.authenticate_user(superuser)
# All requests up to the rate limit should be acceptable
self.hit_rate_limit('credential_view', list_path)
# Request after lower limit should still be acceptable for a superuser
response = self.client.get(list_path)
self.assertEqual(response.status_code, 200)
def setUp(self):
super().setUp()
self.program_certificate = factories.ProgramCertificateFactory(site=self.site)
self.signatory_1 = factories.SignatoryFactory()
self.signatory_2 = factories.SignatoryFactory()
self.program_certificate.signatories.add(self.signatory_1, self.signatory_2)
self.user_credential = factories.UserCredentialFactory(
username=self.MOCK_USER_DATA['username'], credential=self.program_certificate
)
self.platform_name = self.site.siteconfiguration.platform_name
user = UserFactory(username=self.MOCK_USER_DATA['username'])
self.client.login(username=user.username, password=USER_PASSWORD)
def setUp(self):
super().setUp()
dump_random_state()
self.user = UserFactory(username=self.MOCK_USER_DATA["username"], is_staff=True)
self.orgs = [OrganizationFactory.create(name=name, site=self.site) for name in ["TestOrg1", "TestOrg2"]]
self.course = CourseFactory.create(site=self.site)
self.course_runs = CourseRunFactory.create_batch(2, course=self.course)
self.program = ProgramFactory(
title="TestProgram1", course_runs=self.course_runs, authoring_organizations=self.orgs, site=self.site
)
self.course_certs = [
CourseCertificateFactory.create(
course_id=course_run.key,
site=self.site,
)
for course_run in self.course_runs
]
self.program_cert = ProgramCertificateFactory.create(program_uuid=self.program.uuid, site=self.site)
self.course_credential_content_type = ContentType.objects.get(
app_label="credentials", model="coursecertificate"
)
self.program_credential_content_type = ContentType.objects.get(
app_label="credentials", model="programcertificate"
)
self.course_user_credentials = [
UserCredentialFactory.create(
username=self.user.username,
credential_content_type=self.course_credential_content_type,
credential=course_cert,
)
for course_cert in self.course_certs
]
self.program_user_credentials = UserCredentialFactory.create(
username=self.user.username,
credential_content_type=self.program_credential_content_type,
credential=self.program_cert,
)
self.client.login(username=self.user.username, password=USER_PASSWORD)
def test_required_claims(self, claim):
"""
Verify that tokens that do not carry 'exp' or 'iat' claims are rejected
"""
authentication = JwtAuthentication()
user = UserFactory()
jwt_payload = self.default_payload(user)
del jwt_payload[claim]
jwt_value = self.generate_token(jwt_payload)
request = APIRequestFactory().get(
'dummy', HTTP_AUTHORIZATION=f'JWT {jwt_value}')
with self.assertRaises(AuthenticationFailed):
authentication.authenticate(request)
def setUp(self):
super().setUp()
dump_random_state()
self.user = UserFactory(username=self.USERNAME)
self.client.login(username=self.user.username, password=USER_PASSWORD)
self.program = ProgramFactory(site=self.site)
self.pathway = PathwayFactory(site=self.site, programs=[self.program])
self.pc = ProgramCertificateFactory(site=self.site, program_uuid=self.program.uuid)
self.pcr = ProgramCertRecordFactory(program=self.program, user=self.user)
self.data = {'username': self.USERNAME, 'pathway_id': self.pathway.id}
self.url = reverse('records:share_program', kwargs={'uuid': self.program.uuid.hex})
mail.outbox = []
def setUp(self):
super(UserCredentialViewSetTests, self).setUp()
self.user = UserFactory()
self.client.force_authenticate(self.user)
self.program_cert = factories.ProgramCertificateFactory()
self.program_id = self.program_cert.program_id
self.user_credential = factories.UserCredentialFactory.create(
credential=self.program_cert)
self.user_credential_attribute = factories.UserCredentialAttributeFactory.create(
user_credential=self.user_credential)
self.username = "******"
self.request = APIRequestFactory().get('/')
def setUp(self):
self.user = UserFactory.create()
super(TestPipelineUserRoles, self).setUp()
