def manage_users(request, org, course, name): """ This view will return all CMS users who are editors for the specified course """ location = Location("i4x", org, course, "course", name) # check that logged in user has permissions to this item if not has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME) and not has_access( request.user, location, role=STAFF_ROLE_NAME ): raise PermissionDenied() course_module = modulestore().get_item(location) staff_groupname = get_course_groupname_for_role(location, "staff") staff_group, __ = Group.objects.get_or_create(name=staff_groupname) inst_groupname = get_course_groupname_for_role(location, "instructor") inst_group, __ = Group.objects.get_or_create(name=inst_groupname) return render_to_response( "manage_users.html", { "context_course": course_module, "staff": staff_group.user_set.all(), "instructors": inst_group.user_set.all(), "allow_actions": has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME), }, )
def _manage_users(request, location): """ This view will return all CMS users who are editors for the specified course """ old_location = loc_mapper().translate_locator_to_location(location) # check that logged in user has permissions to this item if not has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME) and not has_access( request.user, location, role=STAFF_ROLE_NAME): raise PermissionDenied() course_module = modulestore().get_item(old_location) staff_groupname = get_course_groupname_for_role(location, "staff") staff_group, __ = Group.objects.get_or_create(name=staff_groupname) inst_groupname = get_course_groupname_for_role(location, "instructor") inst_group, __ = Group.objects.get_or_create(name=inst_groupname) return render_to_response( 'manage_users.html', { 'context_course': course_module, 'staff': staff_group.user_set.all(), 'instructors': inst_group.user_set.all(), 'allow_actions': has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME), })
def setUp(self): super(UsersTestCase, self).setUp() self.ext_user = User.objects.create_user("joe", "*****@*****.**", "haha") self.ext_user.is_active = True self.ext_user.is_staff = False self.ext_user.save() self.inactive_user = User.objects.create_user( "carl", "*****@*****.**", "haha") self.inactive_user.is_active = False self.inactive_user.is_staff = False self.inactive_user.save() self.location = loc_mapper().translate_location( self.course.location.course_id, self.course.location, False, True) self.index_url = self.location.url_reverse('course_team', '') self.detail_url = self.location.url_reverse('course_team', self.ext_user.email) self.inactive_detail_url = self.location.url_reverse( 'course_team', self.inactive_user.email) self.invalid_detail_url = self.location.url_reverse( 'course_team', "*****@*****.**") self.staff_groupname = get_course_groupname_for_role( self.course_locator, "staff") self.inst_groupname = get_course_groupname_for_role( self.course_locator, "instructor")
def setUp(self): super(UsersTestCase, self).setUp() self.ext_user = User.objects.create_user("joe", "*****@*****.**", "haha") self.ext_user.is_active = True self.ext_user.is_staff = False self.ext_user.save() self.inactive_user = User.objects.create_user("carl", "*****@*****.**", "haha") self.inactive_user.is_active = False self.inactive_user.is_staff = False self.inactive_user.save() self.index_url = reverse( "manage_users", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, }, ) self.detail_url = reverse( "course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": self.ext_user.email, }, ) self.inactive_detail_url = reverse( "course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": self.inactive_user.email, }, ) self.invalid_detail_url = reverse( "course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": "*****@*****.**", }, ) self.staff_groupname = get_course_groupname_for_role(self.course.location, "staff") self.inst_groupname = get_course_groupname_for_role(self.course.location, "instructor")
def create_other_user(_step, name, course_admin): user = create_studio_user(uname=name, password=PASSWORD, email=(name + EMAIL_EXTENSION)) if course_admin: location = world.scenario_dict["COURSE"].location for role in ("staff", "instructor"): group, __ = Group.objects.get_or_create(name=get_course_groupname_for_role(location, role)) user.groups.add(group) user.save()
def add_course_author(user, course): """ Add the user to the instructor group of the course so they will have the permissions to see it in studio """ for role in ("staff", "instructor"): groupname = get_course_groupname_for_role(course.location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save()
def setUp(self): super(UsersTestCase, self).setUp() self.ext_user = User.objects.create_user( "joe", "*****@*****.**", "haha") self.ext_user.is_active = True self.ext_user.is_staff = False self.ext_user.save() self.inactive_user = User.objects.create_user( "carl", "*****@*****.**", "haha") self.inactive_user.is_active = False self.inactive_user.is_staff = False self.inactive_user.save() self.location = loc_mapper().translate_location(self.course.location.course_id, self.course.location, False, True) self.index_url = self.location.url_reverse('course_team', '') self.detail_url = self.location.url_reverse('course_team', self.ext_user.email) self.inactive_detail_url = self.location.url_reverse('course_team', self.inactive_user.email) self.invalid_detail_url = self.location.url_reverse('course_team', "*****@*****.**") self.staff_groupname = get_course_groupname_for_role(self.course.location, "staff") self.inst_groupname = get_course_groupname_for_role(self.course.location, "instructor")
def setUp(self): super(UsersTestCase, self).setUp() self.ext_user = User.objects.create_user( "joe", "*****@*****.**", "haha") self.ext_user.is_active = True self.ext_user.is_staff = False self.ext_user.save() self.inactive_user = User.objects.create_user( "carl", "*****@*****.**", "haha") self.inactive_user.is_active = False self.inactive_user.is_staff = False self.inactive_user.save() self.index_url = reverse("manage_users", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, }) self.detail_url = reverse("course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": self.ext_user.email, }) self.inactive_detail_url = reverse("course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": self.inactive_user.email, }) self.invalid_detail_url = reverse("course_team_user", kwargs={ "org": self.course.location.org, "course": self.course.location.course, "name": self.course.location.name, "email": "*****@*****.**", }) self.staff_groupname = get_course_groupname_for_role(self.course.location, "staff") self.inst_groupname = get_course_groupname_for_role(self.course.location, "instructor")
def _manage_users(request, location): """ This view will return all CMS users who are editors for the specified course """ old_location = loc_mapper().translate_locator_to_location(location) # check that logged in user has permissions to this item if not has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME) and not has_access(request.user, location, role=STAFF_ROLE_NAME): raise PermissionDenied() course_module = modulestore().get_item(old_location) staff_groupname = get_course_groupname_for_role(location, "staff") staff_group, __ = Group.objects.get_or_create(name=staff_groupname) inst_groupname = get_course_groupname_for_role(location, "instructor") inst_group, __ = Group.objects.get_or_create(name=inst_groupname) return render_to_response('manage_users.html', { 'context_course': course_module, 'staff': staff_group.user_set.all(), 'instructors': inst_group.user_set.all(), 'allow_actions': has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME), })
def create_other_user(_step, name, has_extra_perms, role_name): email = name + EMAIL_EXTENSION user = create_studio_user(uname=name, password=PASSWORD, email=email) if has_extra_perms: location = world.scenario_dict["COURSE"].location if role_name == "admin": # admins get staff privileges, as well roles = ("staff", "instructor") else: roles = ("staff",) for role in roles: groupname = get_course_groupname_for_role(location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save()
def create_other_user(_step, name, has_extra_perms, role_name): email = name + EMAIL_EXTENSION user = create_studio_user(uname=name, password=PASSWORD, email=email) if has_extra_perms: location = world.scenario_dict["COURSE"].location if role_name == "admin": # admins get staff privileges, as well roles = ("staff", "instructor") else: roles = ("staff", ) for role in roles: groupname = get_course_groupname_for_role(location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save()
def create_other_user(_step, name, has_extra_perms, role_name): email = name + '@edx.org' user = create_studio_user(uname=name, password="******", email=email) if has_extra_perms: if role_name == "is_staff": user.is_staff = True else: if role_name == "admin": # admins get staff privileges, as well roles = ("staff", "instructor") else: roles = ("staff",) location = world.scenario_dict["COURSE"].location for role in roles: groupname = get_course_groupname_for_role(location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save()
def create_other_user(_step, name, has_extra_perms, role_name): email = name + '@edx.org' user = create_studio_user(uname=name, password="******", email=email) if has_extra_perms: if role_name == "is_staff": user.is_staff = True else: if role_name == "admin": # admins get staff privileges, as well roles = ("staff", "instructor") else: roles = ("staff", ) location = world.scenario_dict["COURSE"].location for role in roles: groupname = get_course_groupname_for_role(location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save()
def create_a_course(): course = world.CourseFactory.create(org="MITx", course="999", display_name="Robot Super Course") world.scenario_dict["COURSE"] = course user = world.scenario_dict.get("USER") if not user: user = get_user_by_email("*****@*****.**") # Add the user to the instructor group of the course # so they will have the permissions to see it in studio for role in ("staff", "instructor"): groupname = get_course_groupname_for_role(course.location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save() world.browser.reload() course_link_css = "span.class-name" world.css_click(course_link_css) course_title_css = "span.course-title" assert_true(world.is_css_present(course_title_css))
def create_a_course(): course = world.CourseFactory.create(org='MITx', course='999', display_name='Robot Super Course') world.scenario_dict['COURSE'] = course user = world.scenario_dict.get("USER") if not user: user = get_user_by_email('*****@*****.**') # Add the user to the instructor group of the course # so they will have the permissions to see it in studio for role in ("staff", "instructor"): groupname = get_course_groupname_for_role(course.location, role) group, __ = Group.objects.get_or_create(name=groupname) user.groups.add(group) user.save() # Navigate to the studio dashboard world.visit('/') course_link_css = 'a.course-link' world.css_click(course_link_css) course_title_css = 'span.course-title' assert_true(world.is_css_present(course_title_css))
def course_team_user(request, org, course, name, email): location = Location('i4x', org, course, 'course', name) # check that logged in user has permissions to this item if has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME): # instructors have full permissions pass elif has_access(request.user, location, role=STAFF_ROLE_NAME) and email == request.user.email: # staff can only affect themselves pass else: msg = { "error": _("Insufficient permissions") } return JsonResponse(msg, 400) try: user = User.objects.get(email=email) except: msg = { "error": _("Could not find user by email address '{email}'.").format(email=email), } return JsonResponse(msg, 404) # role hierarchy: "instructor" has more permissions than "staff" (in a course) roles = ["instructor", "staff"] if request.method == "GET": # just return info about the user msg = { "email": user.email, "active": user.is_active, "role": None, } # what's the highest role that this user has? groupnames = set(g.name for g in user.groups.all()) for role in roles: role_groupname = get_course_groupname_for_role(location, role) if role_groupname in groupnames: msg["role"] = role break return JsonResponse(msg) # can't modify an inactive user if not user.is_active: msg = { "error": _('User {email} has registered but has not yet activated his/her account.').format(email=email), } return JsonResponse(msg, 400) # make sure that the role groups exist groups = {} for role in roles: groupname = get_course_groupname_for_role(location, role) group, __ = Group.objects.get_or_create(name=groupname) groups[role] = group if request.method == "DELETE": # remove all roles in this course from this user: but fail if the user # is the last instructor in the course team instructors = set(groups["instructor"].user_set.all()) staff = set(groups["staff"].user_set.all()) if user in instructors and len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) if user in instructors: user.groups.remove(groups["instructor"]) if user in staff: user.groups.remove(groups["staff"]) user.save() return JsonResponse() # all other operations require the requesting user to specify a role if request.META.get("CONTENT_TYPE", "") == "application/json" and request.body: try: payload = json.loads(request.body) except: return JsonResponse({"error": _("malformed JSON")}, 400) try: role = payload["role"] except KeyError: return JsonResponse({"error": _("`role` is required")}, 400) else: if not "role" in request.POST: return JsonResponse({"error": _("`role` is required")}, 400) role = request.POST["role"] if role == "instructor": if not has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME): msg = { "error": _("Only instructors may create other instructors") } return JsonResponse(msg, 400) user.groups.add(groups["instructor"]) user.save() elif role == "staff": # if we're trying to downgrade a user from "instructor" to "staff", # make sure we have at least one other instructor in the course team. instructors = set(groups["instructor"].user_set.all()) if user in instructors: if len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) user.groups.remove(groups["instructor"]) user.groups.add(groups["staff"]) user.save() return JsonResponse()
def _course_team_user(request, locator, email): """ Handle the add, remove, promote, demote requests ensuring the requester has authority """ # check that logged in user has permissions to this item if has_access(request.user, locator, role=INSTRUCTOR_ROLE_NAME): # instructors have full permissions pass elif has_access(request.user, locator, role=STAFF_ROLE_NAME) and email == request.user.email: # staff can only affect themselves pass else: msg = { "error": _("Insufficient permissions") } return JsonResponse(msg, 400) try: user = User.objects.get(email=email) except: msg = { "error": _("Could not find user by email address '{email}'.").format(email=email), } return JsonResponse(msg, 404) # role hierarchy: "instructor" has more permissions than "staff" (in a course) roles = ["instructor", "staff"] if request.method == "GET": # just return info about the user msg = { "email": user.email, "active": user.is_active, "role": None, } # what's the highest role that this user has? groupnames = set(g.name for g in user.groups.all()) for role in roles: role_groupname = get_course_groupname_for_role(locator, role) if role_groupname in groupnames: msg["role"] = role break return JsonResponse(msg) # can't modify an inactive user if not user.is_active: msg = { "error": _('User {email} has registered but has not yet activated his/her account.').format(email=email), } return JsonResponse(msg, 400) # make sure that the role groups exist groups = {} for role in roles: groupname = get_course_groupname_for_role(locator, role) group, __ = Group.objects.get_or_create(name=groupname) groups[role] = group if request.method == "DELETE": # remove all roles in this course from this user: but fail if the user # is the last instructor in the course team instructors = set(groups["instructor"].user_set.all()) staff = set(groups["staff"].user_set.all()) if user in instructors and len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) if user in instructors: user.groups.remove(groups["instructor"]) if user in staff: user.groups.remove(groups["staff"]) user.save() return JsonResponse() # all other operations require the requesting user to specify a role role = request.json.get("role", request.POST.get("role")) if role is None: return JsonResponse({"error": _("`role` is required")}, 400) old_location = loc_mapper().translate_locator_to_location(locator) if role == "instructor": if not has_access(request.user, locator, role=INSTRUCTOR_ROLE_NAME): msg = { "error": _("Only instructors may create other instructors") } return JsonResponse(msg, 400) user.groups.add(groups["instructor"]) user.save() # auto-enroll the course creator in the course so that "View Live" will work. CourseEnrollment.enroll(user, old_location.course_id) elif role == "staff": # if we're trying to downgrade a user from "instructor" to "staff", # make sure we have at least one other instructor in the course team. instructors = set(groups["instructor"].user_set.all()) if user in instructors: if len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) user.groups.remove(groups["instructor"]) user.groups.add(groups["staff"]) user.save() # auto-enroll the course creator in the course so that "View Live" will work. CourseEnrollment.enroll(user, old_location.course_id) return JsonResponse()
def _course_team_user(request, location, email): old_location = loc_mapper().translate_locator_to_location(location) # check that logged in user has permissions to this item if has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME): # instructors have full permissions pass elif has_access(request.user, location, role=STAFF_ROLE_NAME) and email == request.user.email: # staff can only affect themselves pass else: msg = {"error": _("Insufficient permissions")} return JsonResponse(msg, 400) try: user = User.objects.get(email=email) except: msg = { "error": _("Could not find user by email address '{email}'.").format( email=email), } return JsonResponse(msg, 404) # role hierarchy: "instructor" has more permissions than "staff" (in a course) roles = ["instructor", "staff"] if request.method == "GET": # just return info about the user msg = { "email": user.email, "active": user.is_active, "role": None, } # what's the highest role that this user has? groupnames = set(g.name for g in user.groups.all()) for role in roles: role_groupname = get_course_groupname_for_role(old_location, role) if role_groupname in groupnames: msg["role"] = role break return JsonResponse(msg) # can't modify an inactive user if not user.is_active: msg = { "error": _('User {email} has registered but has not yet activated his/her account.' ).format(email=email), } return JsonResponse(msg, 400) # make sure that the role groups exist groups = {} for role in roles: groupname = get_course_groupname_for_role(old_location, role) group, __ = Group.objects.get_or_create(name=groupname) groups[role] = group if request.method == "DELETE": # remove all roles in this course from this user: but fail if the user # is the last instructor in the course team instructors = set(groups["instructor"].user_set.all()) staff = set(groups["staff"].user_set.all()) if user in instructors and len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) if user in instructors: user.groups.remove(groups["instructor"]) if user in staff: user.groups.remove(groups["staff"]) user.save() return JsonResponse() # all other operations require the requesting user to specify a role if request.META.get("CONTENT_TYPE", "").startswith("application/json") and request.body: try: payload = json.loads(request.body) except: return JsonResponse({"error": _("malformed JSON")}, 400) try: role = payload["role"] except KeyError: return JsonResponse({"error": _("`role` is required")}, 400) else: if not "role" in request.POST: return JsonResponse({"error": _("`role` is required")}, 400) role = request.POST["role"] if role == "instructor": if not has_access(request.user, location, role=INSTRUCTOR_ROLE_NAME): msg = {"error": _("Only instructors may create other instructors")} return JsonResponse(msg, 400) user.groups.add(groups["instructor"]) user.save() # auto-enroll the course creator in the course so that "View Live" will work. CourseEnrollment.enroll(user, old_location.course_id) elif role == "staff": # if we're trying to downgrade a user from "instructor" to "staff", # make sure we have at least one other instructor in the course team. instructors = set(groups["instructor"].user_set.all()) if user in instructors: if len(instructors) == 1: msg = { "error": _("You may not remove the last instructor from a course") } return JsonResponse(msg, 400) user.groups.remove(groups["instructor"]) user.groups.add(groups["staff"]) user.save() # auto-enroll the course creator in the course so that "View Live" will work. CourseEnrollment.enroll(user, old_location.course_id) return JsonResponse()