def test_single_organization(self):
     """
     Ensure multiple orgs to be forbidden.
     """
     my_site = SiteFactory(domain='my_site.org')
     other_site = SiteFactory(domain='other_site.org')  # ensure no collision.
     my_org = OrganizationFactory.create(sites=[my_site])
     OrganizationFactory.create(sites=[other_site])  # ensure no collision.
     request = Mock(get_host=Mock(return_value=my_site.domain))
     assert my_org == get_current_organization(request)
Exemple #2
0
    def test_two_organizations(self):
        """
        Ensure multiple orgs to be forbidden.
        """
        site = SiteFactory.create(domain='my_site.org')
        OrganizationFactory.create_batch(2, sites=[site])
        request = Mock(site=site)

        with pytest.raises(Organization.MultipleObjectsReturned):
            get_current_organization(request)
Exemple #3
0
 def setup(self, client):
     client.defaults['SERVER_NAME'] = self.domain
     self.user = UserFactory.create(username='******')
     self.site = SiteFactory.create(domain=self.domain)
     self.my_org = OrganizationFactory.create(name='my_org', sites=[self.site])
     self.other_org = OrganizationFactory.create(name='other_org')
     self.staff = UserOrganizationMapping.objects.create(
         user=self.user,
         organization=self.my_org,
         is_amc_admin=True,
     )
     client.force_login(self.user)
Exemple #4
0
    def test_on_main_site_without_uuid_parameter(self, settings):
        """
        Non superusers shouldn't use the CAG on main site ( e.g. tahoe.appsembler.com/admin ).
        """
        main_site = SiteFactory.create(domain='main_site')
        settings.SITE_ID = main_site.id

        customer_site = SiteFactory.create(domain='customer_site')
        OrganizationFactory.create(sites=[customer_site
                                          ])  # Creates customer_org
        superuser = UserFactory.create(is_superuser=True)
        request = Mock(site=main_site, user=superuser, GET={})

        with pytest.raises(Organization.DoesNotExist,
                           match=r'Tahoe.*Should not find.*SITE_ID'):
            get_requested_organization(request)
Exemple #5
0
    def test_on_customer_site(self):
        """
        Customer sites can use CAG APIs.
        """
        site = SiteFactory.create(domain='my_site.org')
        expected_org = OrganizationFactory.create(sites=[site])
        non_superuser = UserFactory.create()
        request = Mock(site=site, user=non_superuser, GET={})

        requested_org = get_requested_organization(request)
        assert requested_org == expected_org, 'Should return the site organization'
    def test_multiple_user_orgs(self, username, allow, log_call_count):
        """
        Prevent users from having multiple orgs.
        """
        self.request.user = get_user_model().objects.get(username=username)
        org2 = OrganizationFactory(sites=[self.site])
        UserOrganizationMapping.objects.create(user=self.request.user, organization=org2),

        with patch('course_access_groups.permissions.log') as mock_log:
            permission = IsSiteAdminUser().has_permission(self.request, None)
            assert mock_log.exception.call_count == log_call_count
        assert permission == allow, 'Incorrect permission for user: "******"'.format(username=username)
Exemple #7
0
    def test_allow_public_courses(self, default_has_access):
        """
        Public courses should be allowed to non-members.

        Via the `PublicCourse` model.
        """
        org = OrganizationFactory.create()
        OrganizationCourse.objects.create(course_id=str(self.course.id),
                                          organization=org)
        UserOrganizationMapping.objects.create(
            user=self.user,
            organization=org,
        )
        PublicCourseFactory.create(course=self.course)
        assert user_has_access(self.user, self.course, default_has_access,
                               {}) == default_has_access
Exemple #8
0
    def test_on_main_site_with_uuid_parameter(self, settings):
        """
        Superusers can use the `get_requested_organization` helper with `organization_uuid`.
        """
        main_site = SiteFactory.create(domain='main_site')
        settings.SITE_ID = main_site.id

        customer_site = SiteFactory.create(domain='customer_site')
        customer_org = OrganizationFactory.create(sites=[customer_site])
        superuser = UserFactory.create(is_superuser=True)
        request = Mock(site=main_site,
                       user=superuser,
                       GET={
                           'organization_uuid': customer_org.edx_uuid,
                       })

        requested_org = get_requested_organization(request)
        assert requested_org == customer_org, 'Should return the site organization'
Exemple #9
0
    def test_org_admins_have_access(self, default_has_access):
        """
        Organization-wide admins have access to all org courses.
        """
        user = UserFactory.create()
        organization = OrganizationFactory.create()
        OrganizationCourse.objects.create(course_id=str(self.course.id),
                                          organization=organization)
        UserOrganizationMapping.objects.create(
            user=user,
            organization=organization,
            is_amc_admin=True,
        )
        assert user_has_access(user, self.course, default_has_access,
                               {}) == default_has_access

        # Basic test for `is_organization_staff` to ensure `user.is_active` is respected.
        inactive = UserFactory.create(is_active=False)
        assert not user_has_access(inactive, self.course, default_has_access,
                                   {})
Exemple #10
0
 def setup(self, db, monkeypatch, standard_test_users):
     self.site = SiteFactory.create()
     self.organization = OrganizationFactory(sites=[self.site])
     self.callers = [
         UserFactory.create(username='******'),
         UserFactory.create(username='******'),
         UserFactory.create(username='******'),
     ]
     self.user_organization_mappings = [
         UserOrganizationMapping.objects.create(
             user=self.callers[0], organization=self.organization),
         UserOrganizationMapping.objects.create(
             user=self.callers[1],
             organization=self.organization,
             is_amc_admin=True)
     ]
     self.callers += standard_test_users
     self.request = APIRequestFactory().get('/')
     self.request.site = self.site
     monkeypatch.setattr(sites_shortcuts, 'get_current_site',
                         self.get_test_site)
Exemple #11
0
    def test_on_main_site_with_uuid_parameter_non_staff(self, settings):
        """
        Non superusers shouldn't be able to use the `organization_uuid` parameters.
        """
        main_site = SiteFactory.create(domain='main_site')
        settings.SITE_ID = main_site.id

        customer_site = SiteFactory.create(domain='customer_site')
        customer_org = OrganizationFactory.create(sites=[customer_site])
        non_superuser = UserFactory.create()
        request = Mock(site=main_site,
                       user=non_superuser,
                       GET={
                           'organization_uuid': customer_org.edx_uuid,
                       })

        with pytest.raises(
                PermissionDenied,
                match=r'Not permitted to use the `organization_uuid` parameter.'
        ):
            get_requested_organization(request)