def setUp(self):
super(ApiAccessRequestSignalTests, self).setUp()
self.user = UserFactory()
self.api_access_request = ApiAccessRequest(user=self.user,
site=SiteFactory())
self.send_new_pending_email_function = 'openedx.core.djangoapps.api_admin.models._send_new_pending_email'
self.send_decision_email_function = 'openedx.core.djangoapps.api_admin.models._send_decision_email'
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(
username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user,
field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(
user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(
course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement)
# This signal allows code in higher points of LMS to retire the user as necessary
USER_RETIRE_LMS_MISC.send(sender=self.__class__,
user=retirement.user)
# This signal allows code in higher points of LMS to unsubscribe the user
# from various types of mailings.
USER_RETIRE_MAILINGS.send(sender=self.__class__,
email=retirement.original_email,
new_email=retirement.retired_email,
user=retirement.user)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def get(self, request):
"""
If the requesting user has already requested API access, redirect
them to the client creation page.
"""
if ApiAccessRequest.api_access_status(request.user) is not None:
return redirect(reverse('api_admin:api-status'))
return super(ApiRequestView, self).get(request)
def get(self, request): # lint-amnesty, pylint: disable=arguments-differ
"""
If the requesting user has already requested API access, redirect
them to the client creation page.
"""
if ApiAccessRequest.api_access_status(request.user) is not None:
return redirect(reverse('api_admin:api-status'))
return super(ApiRequestView, self).get(request) # lint-amnesty, pylint: disable=super-with-arguments
def get(self, request):
"""
If the requesting user has already requested API access, redirect
them to the client creation page.
"""
if ApiAccessRequest.api_access_status(request.user) is not None:
return redirect(reverse('api-status'))
return super(ApiRequestView, self).get(request)
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user, field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement.original_username, retirement.retired_username)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement.user.username)
# This signal allows code in higher points of LMS to retire the user as necessary
USER_RETIRE_LMS_MISC.send(sender=self.__class__, user=retirement.user)
# This signal allows code in higher points of LMS to unsubscribe the user
# from various types of mailings.
USER_RETIRE_MAILINGS.send(
sender=self.__class__,
email=retirement.original_email,
new_email=retirement.retired_email,
user=retirement.user
)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(
username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user,
field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(
user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(
course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement.original_username,
retirement.retired_username)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement.user.username)
SurveyAnswer.retire_user(retirement.user.id)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def get(self, request):
"""
If the user has not created an API request, redirect them to the
request form. Otherwise, display the status of their API request.
"""
status = ApiAccessRequest.api_access_status(request.user)
if status is None:
return redirect(reverse('api_admin:api-request'))
return render_to_response('api_admin/status.html', {
'status': status,
'api_support_link': _('TODO'),
'api_support_email': settings.API_ACCESS_MANAGER_EMAIL,
})
def get(self, request):
"""
If the user has not created an API request, redirect them to the
request form. Otherwise, display the status of their API request.
"""
status = ApiAccessRequest.api_access_status(request.user)
if status is None:
return redirect(reverse('api-request'))
return render_to_response('api_admin/status.html', {
'status': status,
'api_support_link': _('TODO'),
'api_support_email': settings.API_ACCESS_MANAGER_EMAIL,
})
def test_nonexistent_request(self):
"""Test that users who have not requested API access do not get it."""
other_user = UserFactory()
self.assertFalse(ApiAccessRequest.has_api_access(other_user))
def wrapped_view(view_obj, *args, **kwargs):
"""Wrapper for the view function."""
if ApiAccessRequest.has_api_access(args[0].user):
return view_func(view_obj, *args, **kwargs)
return redirect(reverse('api_admin:api-request'))
def test_default_status(self):
self.assertEqual(self.request.status, ApiAccessRequest.PENDING)
self.assertFalse(ApiAccessRequest.has_api_access(self.user))
def wrapped_view(view_obj, *args, **kwargs):
"""Wrapper for the view function."""
if ApiAccessRequest.has_api_access(args[0].user):
return view_func(view_obj, *args, **kwargs)
return redirect(reverse('api_admin:api-request'))
def test_has_access(self, status, should_have_access):
self.request.status = status
self.request.save() # pylint: disable=no-member
self.assertEqual(ApiAccessRequest.has_api_access(self.user),
should_have_access)
class ApiAccessRequestSignalTests(TestCase):
def setUp(self):
super(ApiAccessRequestSignalTests, self).setUp()
self.user = UserFactory()
self.api_access_request = ApiAccessRequest(user=self.user,
site=SiteFactory())
self.send_new_pending_email_function = 'openedx.core.djangoapps.api_admin.models._send_new_pending_email'
self.send_decision_email_function = 'openedx.core.djangoapps.api_admin.models._send_decision_email'
def test_save_signal_success_new_email(self):
""" Verify that initial save sends new email and no decision email. """
with mock.patch(
self.send_new_pending_email_function) as mock_new_email:
with mock.patch(
self.send_decision_email_function) as mock_decision_email:
self.api_access_request.save()
mock_new_email.assert_called_once_with(self.api_access_request)
self.assertFalse(mock_decision_email.called)
def test_save_signal_success_decision_email(self):
""" Verify that updating request status sends decision email and no new email. """
self.api_access_request.save()
with mock.patch(
self.send_new_pending_email_function) as mock_new_email:
with mock.patch(
self.send_decision_email_function) as mock_decision_email:
self.api_access_request.approve()
mock_decision_email.assert_called_once_with(self.api_access_request)
self.assertFalse(mock_new_email.called)
def test_save_signal_success_no_emails(self):
""" Verify that updating request status again sends no emails. """
self.api_access_request.save()
self.api_access_request.approve()
with mock.patch(
self.send_new_pending_email_function) as mock_new_email:
with mock.patch(
self.send_decision_email_function) as mock_decision_email:
self.api_access_request.deny()
self.assertFalse(mock_decision_email.called)
self.assertFalse(mock_new_email.called)
def test_save_signal_failure_email(self):
""" Verify that saving still functions even on email errors. """
self.assertIsNone(self.api_access_request.id)
mail_function = 'openedx.core.djangoapps.api_admin.models.send_mail'
with mock.patch(mail_function, side_effect=SMTPException):
with mock.patch.object(model_log,
'exception') as mock_model_log_exception:
self.api_access_request.save()
# Verify that initial save logs email errors properly
mock_model_log_exception.assert_called_once_with(
u'Error sending API user notification email for request [%s].',
self.api_access_request.id)
# Verify object saved
self.assertIsNotNone(self.api_access_request.id)
with mock.patch(mail_function, side_effect=SMTPException):
with mock.patch.object(model_log,
'exception') as mock_model_log_exception:
self.api_access_request.approve()
# Verify that updating request status logs email errors properly
mock_model_log_exception.assert_called_once_with(
u'Error sending API user notification email for request [%s].',
self.api_access_request.id)
# Verify object saved
self.assertEqual(self.api_access_request.status,
ApiAccessRequest.APPROVED)
def test_has_access(self, status, should_have_access):
self.request.status = status
self.request.save()
assert ApiAccessRequest.has_api_access(self.user) == should_have_access
def test_no_access(self):
self.request.delete() # pylint: disable=no-member
self.assertIsNone(ApiAccessRequest.api_access_status(self.user))
class ApiAccessRequestSignalTests(TestCase):
def setUp(self):
super(ApiAccessRequestSignalTests, self).setUp()
self.user = UserFactory()
self.api_access_request = ApiAccessRequest(user=self.user, site=SiteFactory())
self.send_new_pending_email_function = 'openedx.core.djangoapps.api_admin.models._send_new_pending_email'
self.send_decision_email_function = 'openedx.core.djangoapps.api_admin.models._send_decision_email'
def test_save_signal_success_new_email(self):
""" Verify that initial save sends new email and no decision email. """
with mock.patch(self.send_new_pending_email_function) as mock_new_email:
with mock.patch(self.send_decision_email_function) as mock_decision_email:
self.api_access_request.save()
mock_new_email.assert_called_once_with(self.api_access_request)
self.assertFalse(mock_decision_email.called)
def test_save_signal_success_decision_email(self):
""" Verify that updating request status sends decision email and no new email. """
self.api_access_request.save()
with mock.patch(self.send_new_pending_email_function) as mock_new_email:
with mock.patch(self.send_decision_email_function) as mock_decision_email:
self.api_access_request.approve()
mock_decision_email.assert_called_once_with(self.api_access_request)
self.assertFalse(mock_new_email.called)
def test_save_signal_success_no_emails(self):
""" Verify that updating request status again sends no emails. """
self.api_access_request.save()
self.api_access_request.approve()
with mock.patch(self.send_new_pending_email_function) as mock_new_email:
with mock.patch(self.send_decision_email_function) as mock_decision_email:
self.api_access_request.deny()
self.assertFalse(mock_decision_email.called)
self.assertFalse(mock_new_email.called)
def test_save_signal_failure_email(self):
""" Verify that saving still functions even on email errors. """
self.assertIsNone(self.api_access_request.id)
mail_function = 'openedx.core.djangoapps.api_admin.models.send_mail'
with mock.patch(mail_function, side_effect=SMTPException):
with mock.patch.object(model_log, 'exception') as mock_model_log_exception:
self.api_access_request.save()
# Verify that initial save logs email errors properly
mock_model_log_exception.assert_called_once_with(
'Error sending API user notification email for request [%s].', self.api_access_request.id
)
# Verify object saved
self.assertIsNotNone(self.api_access_request.id)
with mock.patch(mail_function, side_effect=SMTPException):
with mock.patch.object(model_log, 'exception') as mock_model_log_exception:
self.api_access_request.approve()
# Verify that updating request status logs email errors properly
mock_model_log_exception.assert_called_once_with(
'Error sending API user notification email for request [%s].', self.api_access_request.id
)
# Verify object saved
self.assertEqual(self.api_access_request.status, ApiAccessRequest.APPROVED)
def test_has_access(self, status, should_have_access):
self.request.status = status
self.request.save()
self.assertEqual(ApiAccessRequest.has_api_access(self.user), should_have_access)
def test_has_access(self, status, should_have_access):
self.request.status = status
self.request.save() # pylint: disable=no-member
self.assertEqual(ApiAccessRequest.has_api_access(self.user), should_have_access)
def test_default_status(self):
self.assertEqual(self.request.status, ApiAccessRequest.PENDING)
self.assertFalse(ApiAccessRequest.has_api_access(self.user))
def test_no_access(self):
self.request.delete()
self.assertIsNone(ApiAccessRequest.api_access_status(self.user))
def test_no_access(self):
self.request.delete()
assert ApiAccessRequest.api_access_status(self.user) is None
def test_has_access(self, status, should_have_access):
self.request.status = status
self.request.save()
self.assertEqual(ApiAccessRequest.has_api_access(self.user),
should_have_access)
def setUp(self):
super(ApiAccessRequestSignalTests, self).setUp()
self.user = UserFactory()
self.api_access_request = ApiAccessRequest(user=self.user, site=SiteFactory())
self.send_new_pending_email_function = 'openedx.core.djangoapps.api_admin.models._send_new_pending_email'
self.send_decision_email_function = 'openedx.core.djangoapps.api_admin.models._send_decision_email'
def test_no_access(self):
self.request.delete()
self.assertIsNone(ApiAccessRequest.api_access_status(self.user))
def test_no_access(self):
self.request.delete() # pylint: disable=no-member
self.assertIsNone(ApiAccessRequest.api_access_status(self.user))
def test_nonexistent_request(self):
"""Test that users who have not requested API access do not get it."""
other_user = UserFactory()
self.assertFalse(ApiAccessRequest.has_api_access(other_user))
def test_default_status(self):
assert self.request.status == ApiAccessRequest.PENDING
assert not ApiAccessRequest.has_api_access(self.user)