def test_notes_and_notify_ta_pperm_masked_profile(self): # add view_participant_masked_profile pperm to ta pp = ParticipationPermission( participation=self.ta_participation, permission=pperm.view_participant_masked_profile) pp.save() self.ta_participation.individual_permissions.set([pp]) grade_data_extra_kwargs = { "notes": 'test notes', "notify_instructor": "on" } with self.temporarily_switch_to_user(self.ta_participation.user): self.submit_page_human_grading_by_page_id_and_test( self.page_id, grade_data_extra_kwargs=grade_data_extra_kwargs, force_login_instructor=False) self.assertEqual(len(mail.outbox), 1) self.assertIn(self.course.notify_email, mail.outbox[0].recipients()) # make sure the name (appellation) not in the email body, # the masked one is used instead self.assertNotIn( self.student_participation.user.get_email_appellation(), mail.outbox[0].body) self.assertIn(self.student_participation.user.get_masked_profile(), mail.outbox[0].body)
def test_notes_and_notify_ta_pperm_masked_profile(self): # add view_participant_masked_profile pperm to ta pp = ParticipationPermission( participation=self.ta_participation, permission=pperm.view_participant_masked_profile ) pp.save() self.ta_participation.individual_permissions.set([pp]) grade_data_extra_kwargs = { "notes": 'test notes', "notify_instructor": "on"} with self.temporarily_switch_to_user(self.ta_participation.user): self.submit_page_human_grading_by_page_id_and_test( self.page_id, grade_data_extra_kwargs=grade_data_extra_kwargs, force_login_instructor=False) self.assertEqual(len(mail.outbox), 1) self.assertIn(self.course.notify_email, mail.outbox[0].recipients()) # make sure the name (appellation) not in the email body, # the masked one is used instead self.assertNotIn( self.student_participation.user.get_email_appellation(), mail.outbox[0].body) self.assertIn( self.student_participation.user.get_masked_profile(), mail.outbox[0].body)
def test_feedback_and_notify_instructor_pperm_masked_profile(self): # add view_participant_masked_profile pperm to instructor pp = ParticipationPermission( participation=self.instructor_participation, permission=pperm.view_participant_masked_profile) pp.save() self.instructor_participation.individual_permissions.set([pp]) grade_data_extra_kwargs = { "feedback_text": 'test feedback', "notify": "on" } self.submit_page_human_grading_by_page_id_and_test( self.page_id, grade_data_extra_kwargs=grade_data_extra_kwargs) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].reply_to, []) # Instructor also get the feedback email self.assertIn(self.course.notify_email, mail.outbox[0].recipients()) # make sure the name (appellation) not in the email body, not the masked one self.assertNotIn( self.student_participation.user.get_email_appellation(), mail.outbox[0].body) self.assertNotIn(self.student_participation.user.get_masked_profile(), mail.outbox[0].body) self.assertIn("Dear user", mail.outbox[0].body)
def test_feedback_and_notify_instructor_pperm_masked_profile(self): # add view_participant_masked_profile pperm to instructor pp = ParticipationPermission( participation=self.instructor_participation, permission=pperm.view_participant_masked_profile ) pp.save() self.instructor_participation.individual_permissions.set([pp]) grade_data_extra_kwargs = { "feedback_text": 'test feedback', "notify": "on"} self.submit_page_human_grading_by_page_id_and_test( self.page_id, grade_data_extra_kwargs=grade_data_extra_kwargs) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].reply_to, []) # Instructor also get the feedback email self.assertIn(self.course.notify_email, mail.outbox[0].recipients()) # make sure the name (appellation) not in the email body, not the masked one self.assertNotIn( self.student_participation.user.get_email_appellation(), mail.outbox[0].body) self.assertNotIn( self.student_participation.user.get_masked_profile(), mail.outbox[0].body) self.assertIn("Dear user", mail.outbox[0].body)
def test_participation_with_update_permission(self): # Just to make sure it won't fail, Todo: assersion on form kwargs from course.models import ParticipationPermission pp = ParticipationPermission(participation=self.student_participation, permission=pperm.update_content) pp.save() self.student_participation.individual_permissions.set([pp]) with self.temporarily_switch_to_user(self.student_participation.user): for command in versioning.ALLOWED_COURSE_REVISIOIN_COMMANDS: resp = self.post_update_course_content( "some_commit_sha", command=command, force_login_instructor=False) self.assertEqual(resp.status_code, 200, command)
def test_participation_with_update_permission(self): # Just to make sure it won't fail, Todo: assersion on form kwargs from course.models import ParticipationPermission pp = ParticipationPermission( participation=self.student_participation, permission=pperm.update_content) pp.save() self.student_participation.individual_permissions.set([pp]) with self.temporarily_switch_to_user(self.student_participation.user): for command in versioning.ALLOWED_COURSE_REVISIOIN_COMMANDS: resp = self.post_update_course_content( "some_commit_sha", command=command, force_login_instructor=False) self.assertEqual(resp.status_code, 200, command)
def save(self): # type: () -> Participation inst = super(EditParticipationForm, self).save() (ParticipationPermission.objects.filter( participation=self.instance).delete()) pps = [] for perm in self.cleaned_data["individual_permissions"]: pp = ParticipationPermission(participation=self.instance, permission=perm) pp.save() pps.append(pp) self.instance.individual_permissions.set(pps) return inst
def save(self): # type: () -> None super(EditParticipationForm, self).save() (ParticipationPermission.objects .filter(participation=self.instance) .delete()) pps = [] for perm in self.cleaned_data["individual_permissions"]: pp = ParticipationPermission( participation=self.instance, permission=perm) pp.save() pps.append(pp) self.instance.individual_permissions.set(pps)
def test_no_perm_to_post_grade(self): some_user = factories.UserFactory() his_participation = factories.ParticipationFactory(user=some_user, course=self.course) from course.models import ParticipationPermission pp = ParticipationPermission(participation=his_participation, permission=pperm.view_gradebook) pp.save() his_participation.individual_permissions.set([pp]) with self.temporarily_switch_to_user(some_user): resp = self.c.get( self.get_page_grading_url_by_page_id(self.page_id)) self.assertEqual(resp.status_code, 200) grade_data = {"grade_points": "4", "released": "on"} resp = self.post_grade_by_page_id(self.page_id, grade_data, force_login_instructor=False) self.assertEqual(resp.status_code, 403)
def test_no_perm_to_post_grade(self): some_user = factories.UserFactory() his_participation = factories.ParticipationFactory( user=some_user, course=self.course) from course.models import ParticipationPermission pp = ParticipationPermission( participation=his_participation, permission=pperm.view_gradebook ) pp.save() his_participation.individual_permissions.set([pp]) with self.temporarily_switch_to_user(some_user): resp = self.c.get( self.get_page_grading_url_by_page_id(self.page_id)) self.assertEqual(resp.status_code, 200) grade_data = { "grade_points": "4", "released": "on" } resp = self.post_grade_by_page_id( self.page_id, grade_data, force_login_instructor=False) self.assertEqual(resp.status_code, 403)
def test_course_not_none_check_attributes_yml(self): # This test check_attributes_yml args access_type # is generated with course-specific pperm.access_files_for user = factories.UserFactory() # {{{ create another course with different set of participation role # permission and participation permission another_course = factories.CourseFactory(identifier="another-course") another_course_prole = ParticipationRole( course=another_course, identifier="another_course_role", name="another_course_role") another_course_prole.save() another_course_participation = factories.ParticipationFactory( course=another_course, user=user) another_course_participation.roles.set([another_course_prole]) another_course_ppm_access_files_for_roles = "another_role" ParticipationPermission( participation=another_course_participation, permission=pperm.access_files_for, argument=another_course_ppm_access_files_for_roles).save() another_course_rpm_access_files_for_roles = "another_course_everyone" ParticipationRolePermission( role=another_course_prole, permission=pperm.access_files_for, argument=another_course_rpm_access_files_for_roles).save() self.assertTrue( another_course_participation.has_permission( pperm.access_files_for, argument=another_course_ppm_access_files_for_roles)) self.assertTrue( another_course_participation.has_permission( pperm.access_files_for, argument=another_course_rpm_access_files_for_roles)) # }}} # {{{ create for default test course extra participation role # permission and participation permission this_course_prole = ParticipationRole(course=self.course, identifier="another_course_role", name="another_course_role") this_course_prole.save() this_course_participation = factories.ParticipationFactory( course=self.course, user=user) this_course_participation.roles.set([this_course_prole]) this_course_ppm_access_files_for_roles = "this_course_some_role" ParticipationPermission( participation=this_course_participation, permission=pperm.access_files_for, argument=this_course_ppm_access_files_for_roles).save() this_course_rpm_access_files_for_roles = "this_course_everyone" ParticipationRolePermission( role=this_course_prole, permission=pperm.access_files_for, argument=this_course_rpm_access_files_for_roles).save() self.assertTrue( this_course_participation.has_permission( pperm.access_files_for, argument=this_course_ppm_access_files_for_roles)) self.assertTrue( this_course_participation.has_permission( pperm.access_files_for, argument=this_course_rpm_access_files_for_roles)) # }}} validation.validate_course_content(self.repo, course_file, events_file, validate_sha, course=self.course) self.assertEqual(self.mock_vctx_add_warning.call_count, 0) # check_attributes_yml is called self.assertEqual(self.mock_check_attributes_yml.call_count, 1) access_kinds = list(self.mock_check_attributes_yml.call_args[0][-1]) self.assertIn(this_course_ppm_access_files_for_roles, access_kinds) self.assertIn(this_course_rpm_access_files_for_roles, access_kinds) self.assertNotIn(another_course_ppm_access_files_for_roles, access_kinds) self.assertNotIn(another_course_rpm_access_files_for_roles, access_kinds)