def can_create_block(): """ Check if studio lets us make a new XBlock in the library """ response = self.client.ajax_post(reverse_url('xblock_handler'), { 'parent_locator': six.text_type(self.library.location), 'category': 'html', }) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous return response.status_code == 200
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ user_password = super(TestCourseAccess, self).setUp() self.client = AjaxEnabledTestClient() self.client.login(username=self.user.username, password=user_password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = SlashSeparatedCourseKey('myu', 'mydept.mycourse', 'myrun') course_url = reverse_url('course_handler') self.client.ajax_post( course_url, { 'org': self.course_key.org, 'number': self.course_key.course, 'display_name': 'My favorite course', 'run': self.course_key.run, }, ) self.users = self._create_users()
def test_duplicate_across_courses(self, library_role, course_role, expected_result): """ Test that the REST API will correctly allow/refuse when copying from a library with (write, read, or no) access to a course with (write or no) access. """ # As staff user, add a block to self.library: block = self._add_simple_content_block() # And create a course: with modulestore().default_store(ModuleStoreEnum.Type.split): course = CourseFactory.create() self._login_as_non_staff_user() # Assign roles: if library_role: library_role(self.lib_key).add_users(self.non_staff_user) if course_role: course_role(course.location.course_key).add_users(self.non_staff_user) # Copy block to the course: response = self.client.ajax_post( reverse_url("xblock_handler"), {"parent_locator": unicode(course.location), "duplicate_source_locator": unicode(block.location)}, ) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous duplicate_action_allowed = response.status_code == 200 self.assertEqual(duplicate_action_allowed, expected_result)
def test_duplicate_across_courses(self, library_role, course_role, expected_result): """ Test that the REST API will correctly allow/refuse when copying from a library with (write, read, or no) access to a course with (write or no) access. """ # As staff user, add a block to self.library: block = self._add_simple_content_block() # And create a course: with modulestore().default_store(ModuleStoreEnum.Type.split): course = CourseFactory.create() self._login_as_non_staff_user() # Assign roles: if library_role: library_role(self.lib_key).add_users(self.non_staff_user) if course_role: course_role(course.location.course_key).add_users( self.non_staff_user) # Copy block to the course: response = self.client.ajax_post( reverse_url('xblock_handler'), { 'parent_locator': unicode(course.location), 'duplicate_source_locator': unicode(block.location), }) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous duplicate_action_allowed = (response.status_code == 200) self.assertEqual(duplicate_action_allowed, expected_result)
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ user_password = super(TestCourseAccess, self).setUp() self.client = AjaxEnabledTestClient() self.client.login(username=self.user.username, password=user_password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = self.store.make_course_key("myu", "mydept.mycourse", "myrun") course_url = reverse_url("course_handler") self.client.ajax_post( course_url, { "org": self.course_key.org, "number": self.course_key.course, "display_name": "My favorite course", "run": self.course_key.run, }, ) self.users = self._create_users()
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ super(TestCourseAccess, self).setUp() self.client = AjaxEnabledTestClient() self.client.login(username=self.user.username, password=self.user_password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = self.store.make_course_key('myu', 'mydept.mycourse', 'myrun') course_url = reverse_url('course_handler') self.client.ajax_post( course_url, { 'org': self.course_key.org, 'number': self.course_key.course, 'display_name': 'My favorite course', 'run': self.course_key.run, }, ) self.users = self._create_users()
def test_contentstore_views_entrance_exam_post_new_sequential_confirm_grader( self): """ Unit Test: test_contentstore_views_entrance_exam_post """ resp = self.client.post(self.exam_url, {}, http_accept='application/json') self.assertEqual(resp.status_code, 201) resp = self.client.get(self.exam_url) self.assertEqual(resp.status_code, 200) # Reload the test course now that the exam module has been added self.course = modulestore().get_course(self.course.id) # Add a new child sequential to the exam module # Confirm that the grader type is 'Entrance Exam' chapter_locator_string = json.loads( resp.content.decode('utf-8')).get('locator') # chapter_locator = UsageKey.from_string(chapter_locator_string) seq_data = { 'category': "sequential", 'display_name': "Entrance Exam Subsection", 'parent_locator': chapter_locator_string, } resp = self.client.ajax_post(reverse_url('xblock_handler'), seq_data) seq_locator_string = json.loads( resp.content.decode('utf-8')).get('locator') seq_locator = UsageKey.from_string(seq_locator_string) section_grader_type = CourseGradingModel.get_section_grader_type( seq_locator) self.assertEqual(GRADER_TYPES['ENTRANCE_EXAM'], section_grader_type['graderType'])
def test_contentstore_views_entrance_exam_post_new_sequential_confirm_grader(self): """ Unit Test: test_contentstore_views_entrance_exam_post """ resp = self.client.post(self.exam_url, {}, http_accept='application/json') self.assertEqual(resp.status_code, 201) resp = self.client.get(self.exam_url) self.assertEqual(resp.status_code, 200) # Reload the test course now that the exam module has been added self.course = modulestore().get_course(self.course.id) # Add a new child sequential to the exam module # Confirm that the grader type is 'Entrance Exam' chapter_locator_string = json.loads(resp.content).get('locator') # chapter_locator = UsageKey.from_string(chapter_locator_string) seq_data = { 'category': "sequential", 'display_name': "Entrance Exam Subsection", 'parent_locator': chapter_locator_string, } resp = self.client.ajax_post(reverse_url('xblock_handler'), seq_data) seq_locator_string = json.loads(resp.content).get('locator') seq_locator = UsageKey.from_string(seq_locator_string) section_grader_type = CourseGradingModel.get_section_grader_type(seq_locator) self.assertEqual(GRADER_TYPES['ENTRANCE_EXAM'], section_grader_type['graderType'])
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ user_password = super(TestCourseAccess, self).setUp() self.client = AjaxEnabledTestClient() self.client.login(username=self.user.username, password=user_password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = self.store.make_course_key('myu', 'mydept.mycourse', 'myrun') course_url = reverse_url('course_handler') with mock.patch.dict('django.conf.settings.FEATURES', {"DEFAULT_STORE_FOR_NEW_COURSE": None}): self.client.ajax_post( course_url, { 'org': self.course_key.org, 'number': self.course_key.course, 'display_name': 'My favorite course', 'run': self.course_key.run, } ) self.users = self._create_users()
def can_create_block(): """ Check if studio lets us make a new XBlock in the library """ response = self.client.ajax_post( reverse_url("xblock_handler"), {"parent_locator": unicode(self.library.location), "category": "html"} ) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous return response.status_code == 200
def can_copy_block(): """ Check if studio lets us duplicate the XBlock in the library """ response = self.client.ajax_post( reverse_url("xblock_handler"), {"parent_locator": unicode(self.library.location), "duplicate_source_locator": unicode(block.location)}, ) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous return response.status_code == 200
def can_copy_block(): """ Check if studio lets us duplicate the XBlock in the library """ response = self.client.ajax_post(reverse_url('xblock_handler'), { 'parent_locator': six.text_type(self.library.location), 'duplicate_source_locator': six.text_type(block.location), }) self.assertIn(response.status_code, (200, 403)) # 400 would be ambiguous return response.status_code == 200
def _create_course_with_given_location(self, course_key): """ Create course at provided location """ resp = self.client.ajax_post( reverse_url("course_handler"), {"org": course_key.org, "number": course_key.course, "display_name": "test course", "run": course_key.run}, ) return resp
def _create_course_with_given_location(self, course_key): """ Create course at provided location """ resp = self.client.ajax_post( reverse_url('course_handler'), { 'org': course_key.org, 'number': course_key.course, 'display_name': 'test course', 'run': course_key.run, }) return resp
def _create_course_with_given_location(self, course_key): """ Create course at provided location """ resp = self.client.ajax_post( reverse_url('course_handler'), { 'org': course_key.org, 'number': course_key.course, 'display_name': 'test course', 'run': course_key.run, } ) return resp
def _create_course_with_given_location(self, course_key): """ Create course at provided location """ with mock.patch.dict('django.conf.settings.FEATURES', {"DEFAULT_STORE_FOR_NEW_COURSE": None}): resp = self.client.ajax_post( reverse_url('course_handler'), { 'org': course_key.org, 'number': course_key.course, 'display_name': 'test course', 'run': course_key.run, } ) return resp
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ super(TestCourseAccess, self).setUp() uname = "testuser" email = "*****@*****.**" password = "******" # Create the use so we can log them in. self.user = User.objects.create_user(uname, email, password) # Note that we do not actually need to do anything # for registration if we directly mark them active. self.user.is_active = True # Staff has access to view all courses self.user.is_staff = True self.user.save() self.client = AjaxEnabledTestClient() self.client.login(username=uname, password=password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = SlashSeparatedCourseKey("myu", "mydept.mycourse", "myrun") course_url = reverse_url("course_handler") self.client.ajax_post( course_url, { "org": self.course_key.org, "number": self.course_key.course, "display_name": "My favorite course", "run": self.course_key.run, }, ) self.users = self._create_users()
def _rerun_course(request, destination_course_key, fields): """ Reruns an existing course. Returns the URL for the course listing page. """ source_course_key = CourseKey.from_string(request.json.get('source_course_key')) # verify user has access to the original course if not has_course_access(request.user, source_course_key): raise PermissionDenied() # Make sure user has instructor and staff access to the destination course # so the user can see the updated status for that course add_instructor(destination_course_key, request.user, request.user) # Mark the action as initiated CourseRerunState.objects.initiated(source_course_key, destination_course_key, request.user) # Rerun the course as a new celery task rerun_course.delay(source_course_key, destination_course_key, request.user.id, fields) # Return course listing page return JsonResponse({'url': reverse_url('course_handler')})
def setUp(self): """ Create a staff user and log them in (creating the client). Create a pool of users w/o granting them any permissions """ super(TestCourseAccess, self).setUp() uname = 'testuser' email = '*****@*****.**' password = '******' # Create the use so we can log them in. self.user = User.objects.create_user(uname, email, password) # Note that we do not actually need to do anything # for registration if we directly mark them active. self.user.is_active = True # Staff has access to view all courses self.user.is_staff = True self.user.save() self.client = AjaxEnabledTestClient() self.client.login(username=uname, password=password) # create a course via the view handler which has a different strategy for permissions than the factory self.course_key = SlashSeparatedCourseKey('myu', 'mydept.mycourse', 'myrun') course_url = reverse_url('course_handler') self.client.ajax_post( course_url, { 'org': self.course_key.org, 'number': self.course_key.course, 'display_name': 'My favorite course', 'run': self.course_key.run, }) self.users = self._create_users()
def get_url(handler_name, key_value, key_name='usage_key_string', kwargs=None): """ Helper function for getting HTML for a page in Studio and checking that it does not error. """ return reverse_url(handler_name, key_name, key_value, kwargs)