def test_is_internal_user(self):
""" Verify the function returns a boolean indicating if the user
is a member of the internal user group.
"""
self.assertFalse(is_internal_user(self.user))
internal_user_group = Group.objects.get(name=INTERNAL_USER_GROUP_NAME)
self.user.groups.add(internal_user_group)
self.assertTrue(is_internal_user(self.user))
def test_is_internal_user(self):
""" Verify the function returns a boolean indicating if the user
is a member of the internal user group.
"""
self.assertFalse(is_internal_user(self.user))
internal_user_group = Group.objects.get(name=INTERNAL_USER_GROUP_NAME)
self.user.groups.add(internal_user_group)
self.assertTrue(is_internal_user(self.user))
def get_queryset(self):
user = self.request.user
if is_publisher_admin(user):
courses = Course.objects.all()
elif is_internal_user(user):
courses = Course.objects.filter(course_user_roles__user=user).distinct()
else:
courses = get_objects_for_user(user, Course.VIEW_PERMISSION, Course)
return courses
def get_queryset(self):
user = self.request.user
if is_publisher_admin(user):
course_runs = CourseRun.objects.select_related('course').all()
elif is_internal_user(user):
internal_user_courses = Course.objects.filter(course_user_roles__user=user)
course_runs = CourseRun.objects.filter(course__in=internal_user_courses).select_related('course').all()
else:
# in future we will change permission from course to OrganizationExtension model
courses = get_objects_for_user(user, Course.VIEW_PERMISSION, Course)
course_runs = CourseRun.objects.filter(course__in=courses).select_related('course').all()
return course_runs
def get_courses(user, queryset=None):
if queryset is None:
queryset = Course.objects.all()
if is_publisher_admin(user):
return queryset
elif is_internal_user(user):
return queryset.filter(course_user_roles__user=user).distinct()
else:
organizations = get_objects_for_user(
user,
OrganizationExtension.VIEW_COURSE,
OrganizationExtension,
use_groups=True,
with_superuser=False).values_list('organization')
return queryset.filter(organizations__in=organizations)
def get_queryset(self):
user = self.request.user
if is_publisher_admin(user):
courses = Course.objects.all()
elif is_internal_user(user):
courses = Course.objects.filter(
course_user_roles__user=user).distinct()
else:
organizations = get_objects_for_user(
user,
OrganizationExtension.VIEW_COURSE,
OrganizationExtension,
use_groups=True,
with_superuser=False).values_list('organization')
courses = Course.objects.filter(organizations__in=organizations)
return courses
def __init__(self, *args, **kwargs):
# In case of edit mode pre-populate the drop-downs
user = kwargs.pop('user', None)
organization = kwargs.pop('organization', None)
if organization:
org_extension = OrganizationExtension.objects.get(organization=organization)
self.declared_fields['team_admin'].queryset = User.objects.filter(
groups__name=org_extension.group
).order_by('full_name', 'username')
if user:
self.declared_fields['organization'].queryset = get_user_organizations(user)
self.declared_fields['team_admin'].widget.attrs = {'data-user': user.id}
super(CourseForm, self).__init__(*args, **kwargs)
if user and not is_internal_user(user):
self.fields['video_link'].widget = forms.HiddenInput()
def get_context_data(self, **kwargs):
context = super(CourseRunDetailView, self).get_context_data(**kwargs)
user = self.request.user
course_run = CourseRunWrapper(self.get_object())
context['object'] = course_run
context['comment_object'] = course_run.course
context['can_edit'] = any(
[user.has_perm(OrganizationExtension.EDIT_COURSE_RUN, org.organization_extension)
for org in course_run.course.organizations.all()]
)
# Show role assignment widgets if user is an internal user.
if is_internal_user(user):
course_roles = course_run.course.course_user_roles.exclude(role=PublisherUserRole.CourseTeam)
context['role_widgets'] = self.get_role_widgets_data(course_roles)
context['user_list'] = get_internal_users()
return context
def get_queryset(self):
if self.q:
user = self.request.user
if is_publisher_admin(user):
qs = Course.objects.filter(title__icontains=self.q)
elif is_internal_user(user):
qs = Course.objects.filter(title__icontains=self.q, course_user_roles__user=user).distinct()
else:
organizations = get_objects_for_user(
user,
OrganizationExtension.VIEW_COURSE,
OrganizationExtension,
use_groups=True,
with_superuser=False
).values_list('organization')
qs = Course.objects.filter(title__icontains=self.q, organizations__in=organizations)
return qs
return []
def has_object_permission(self, request, view, obj):
return is_internal_user(request.user)
def check_roles_access(user):
""" Return True if user is part of a role that gives implicit access. """
return is_publisher_admin(user) or is_internal_user(user)
def get_course_role_widgets_data(user, course, state_object, change_state_url):
""" Create role widgets list for course user roles. """
role_widgets = []
for course_role in course.course_user_roles.order_by('role'):
role_widget = {
'course_role':
course_role,
'heading':
ROLE_WIDGET_HEADINGS.get(course_role.role),
'change_state_url':
reverse(change_state_url, kwargs={'pk': state_object.id})
}
if is_internal_user(user):
role_widget['user_list'] = get_internal_users()
if course_role.role != PublisherUserRole.CourseTeam:
role_widget['can_change_role_assignment'] = True
if course_role.role == PublisherUserRole.CourseTeam:
role_widget[
'user_list'] = course.organization_extension.group.user_set.all(
)
if user.groups.filter(
name=course.organization_extension.group).exists():
role_widget['can_change_role_assignment'] = True
if state_object.owner_role == course_role.role:
if state_object.owner_role_modified:
role_widget['ownership'] = timezone.now(
) - state_object.owner_role_modified
if user == course_role.user:
role_widget['state_button'] = STATE_BUTTONS.get(
state_object.name)
if state_object.name == CourseStateChoices.Draft and not state_object.can_send_for_review(
):
role_widget['button_disabled'] = True
if course_role.role in [
PublisherUserRole.CourseTeam,
PublisherUserRole.MarketingReviewer
]:
if state_object.name == CourseStateChoices.Approved and course_role.role == state_object.approved_by_role:
history_record = state_object.history.filter(
name=CourseStateChoices.Approved).order_by(
'-modified').first()
if history_record:
role_widget['reviewed'] = history_record.modified
elif ((state_object.name != CourseStateChoices.Draft
and course_role.role != state_object.owner_role)
or state_object.name == CourseRunStateChoices.Approved):
history_record = state_object.history.filter(
name=CourseStateChoices.Review).order_by(
'-modified').first()
if history_record:
role_widget['sent_for_review'] = history_record.modified
role_widgets.append(role_widget)
return role_widgets
def has_object_permission(self, request, view, obj):
return is_internal_user(request.user)