def __init__(self, request, response): # pylint: disable=super-init-not-called # Set self.request, self.response and self.app. self.initialize(request, response) self.start_time = datetime.datetime.utcnow() # Initializes the return dict for the handlers. self.values = {} self.user = current_user_services.get_current_user() self.user_id = current_user_services.get_user_id( self.user) if self.user else None self.username = None self.has_seen_editor_tutorial = False self.partially_logged_in = False self.values['profile_picture_data_url'] = None self.preferred_site_language_code = None if self.user_id: email = current_user_services.get_user_email(self.user) user_settings = user_services.get_or_create_user( self.user_id, email) self.values['user_email'] = user_settings.email if (self.REDIRECT_UNFINISHED_SIGNUPS and not user_services.has_fully_registered(self.user_id)): _clear_login_cookies(self.response.headers) self.partially_logged_in = True self.user_id = None else: self.username = user_settings.username self.preferred_site_language_code = ( user_settings.preferred_site_language_code) self.values['username'] = self.username self.values['profile_picture_data_url'] = ( user_settings.profile_picture_data_url) if user_settings.last_started_state_editor_tutorial: self.has_seen_editor_tutorial = True # In order to avoid too many datastore writes, we do not bother # recording a log-in if the current time is sufficiently close # to the last log-in time. if (user_settings.last_logged_in is None or not utils.are_datetimes_close( datetime.datetime.utcnow(), user_settings.last_logged_in)): user_services.record_user_logged_in(self.user_id) self.is_moderator = rights_manager.Actor(self.user_id).is_moderator() self.is_admin = rights_manager.Actor(self.user_id).is_admin() self.is_super_admin = ( current_user_services.is_current_user_super_admin()) self.values['is_moderator'] = self.is_moderator self.values['is_admin'] = self.is_admin self.values['is_super_admin'] = self.is_super_admin if self.request.get('payload'): self.payload = json.loads(self.request.get('payload')) else: self.payload = None
def get(self, collection_id): """Handles GET requests.""" collection = collection_services.get_collection_by_id(collection_id, strict=False) if (collection is None or not rights_manager.Actor(self.user_id).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)): self.redirect('/') return can_edit = ( bool(self.user_id) and self.username not in config_domain.BANNED_USERNAMES.value and rights_manager.Actor(self.user_id).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)) self.values.update({ 'is_public': rights_manager.is_collection_public(collection_id), 'can_edit': can_edit, 'collection_id': collection.id, 'title': collection.title }) self.render_template('collection_editor/collection_editor.html')
def __init__(self, request, response): # Set self.request, self.response and self.app. self.initialize(request, response) self.start_time = datetime.datetime.utcnow() # Initializes the return dict for the handlers. self.values = {} self.user = current_user_services.get_current_user(self.request) self.user_id = current_user_services.get_user_id( self.user) if self.user else None if self.user_id: email = current_user_services.get_user_email(self.user) user_settings = user_services.get_or_create_user( self.user_id, email) self.username = user_settings.username self.values['user_email'] = user_settings.email self.values['username'] = self.username self.is_moderator = rights_manager.Actor(self.user_id).is_moderator() self.is_admin = rights_manager.Actor(self.user_id).is_admin() self.is_super_admin = user_services.is_super_admin( self.user_id, self.request) self.values['is_moderator'] = self.is_moderator self.values['is_admin'] = self.is_admin self.values['is_super_admin'] = self.is_super_admin if self.request.get('payload'): self.payload = json.loads(self.request.get('payload')) else: self.payload = None
def test_newly_created_exploration(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_edit(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_a).can_delete(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).can_edit(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).can_delete(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID))
def test_can_publicize_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.publish_collection(self.user_id_a, self.COLLECTION_ID) self.assertFalse( rights_manager.Actor(self.user_id_a).can_publicize( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_publicize( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_can_publicize_exploration(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.publish_exploration(self.user_id_a, self.EXP_ID) self.assertFalse( rights_manager.Actor(self.user_id_a).can_publicize(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_publicize( self.EXP_ID))
def test_demo_collection(self): collection_services.load_demo('0') rights_manager.release_ownership_of_collection( feconf.SYSTEM_COMMITTER_ID, '0') self.assertTrue( rights_manager.Actor(self.user_id_a).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_a).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertFalse( rights_manager.Actor(self.user_id_a).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_play( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, '0')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_delete( rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
def test_non_splash_page_demo_exploration(self): # Note: there is no difference between permissions for demo # explorations, whether or not they are on the splash page. exp_services.load_demo('3') rights_manager.release_ownership_of_exploration( feconf.SYSTEM_COMMITTER_ID, '3') self.assertTrue( rights_manager.Actor(self.user_id_a).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue(rights_manager.Actor( self.user_id_a).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertFalse(rights_manager.Actor( self.user_id_a).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue(rights_manager.Actor( self.user_id_admin).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
def test_inviting_collaborator(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.assign_role(self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID))
def test_inviting_collaborator_to_exploration(self): exp = exp_domain.Exploration.create_default_exploration(self.EXP_ID) exp_services.save_new_exploration(self.user_id_a, exp) self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) rights_manager.assign_role_for_exploration(self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def test_inviting_playtester_to_exploration(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) self.assertFalse( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) rights_manager.assign_role_for_exploration( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_VIEWER) self.assertTrue( rights_manager.Actor(self.user_id_b).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def test_demo_exploration(self): exp_services.load_demo('1') rights_manager.release_ownership_of_exploration( feconf.SYSTEM_COMMITTER_ID, '1') self.assertTrue( rights_manager.Actor(self.user_id_a).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_a).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_a).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertFalse( rights_manager.Actor(self.user_id_a).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_play( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_edit( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1')) self.assertTrue( rights_manager.Actor(self.user_id_admin).can_delete( rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
def __init__(self, request, response): # Set self.request, self.response and self.app. self.initialize(request, response) self.start_time = datetime.datetime.utcnow() # Initializes the return dict for the handlers. self.values = {} self.user = current_user_services.get_current_user(self.request) self.user_id = current_user_services.get_user_id( self.user) if self.user else None self.username = None self.user_has_started_state_editor_tutorial = False self.partially_logged_in = False self.values['profile_picture_data_url'] = None if self.user_id: email = current_user_services.get_user_email(self.user) user_settings = user_services.get_or_create_user( self.user_id, email) self.values['user_email'] = user_settings.email if self.REDIRECT_UNFINISHED_SIGNUPS and not user_settings.username: _clear_login_cookies(self.response.headers) self.partially_logged_in = True self.user_id = None else: self.username = user_settings.username self.last_agreed_to_terms = user_settings.last_agreed_to_terms self.values['username'] = self.username self.values['profile_picture_data_url'] = ( user_settings.profile_picture_data_url) if user_settings.last_started_state_editor_tutorial: self.user_has_started_state_editor_tutorial = True self.is_moderator = rights_manager.Actor(self.user_id).is_moderator() self.is_admin = rights_manager.Actor(self.user_id).is_admin() self.is_super_admin = user_services.is_super_admin( self.user_id, self.request) self.values['is_moderator'] = self.is_moderator self.values['is_admin'] = self.is_admin self.values['is_super_admin'] = self.is_super_admin if self.request.get('payload'): self.payload = json.loads(self.request.get('payload')) else: self.payload = None
def test_ownership(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.assign_role(self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner(self.EXP_ID))
def get(self, exploration_id): """Gets the data for the exploration overview page.""" if not rights_manager.Actor(self.user_id).can_view(exploration_id): raise self.PageNotFoundException self.values.update(self._get_exploration_data(exploration_id)) self.render_json(self.values)
def get(self, collection_id): """Populates the data on the individual collection page.""" allow_invalid_explorations = bool( self.request.get('allow_invalid_explorations')) try: collection_dict = ( collection_services.get_learner_collection_dict_by_id( collection_id, self.user_id, allow_invalid_explorations=allow_invalid_explorations)) except Exception as e: raise self.PageNotFoundException(e) self.values.update({ 'can_edit': (self.user_id and rights_manager.Actor(self.user_id).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)), 'collection': collection_dict, 'info_card_image_url': utils.get_info_card_url_for_category(collection_dict['category']), 'is_logged_in': bool(self.user_id), 'session_id': utils.generate_new_session_id(), }) self.render_json(self.values)
def get(self, exploration_id): """Populates the data on the individual exploration page.""" version = self.request.get('v') version = int(version) if version else None try: exploration = exp_services.get_exploration_by_id( exploration_id, version=version) except Exception as e: raise self.PageNotFoundException(e) info_card_color = ( feconf.CATEGORIES_TO_COLORS[exploration.category] if exploration.category in feconf.CATEGORIES_TO_COLORS else feconf.DEFAULT_COLOR) self.values.update({ 'can_edit': ( self.user_id and rights_manager.Actor(self.user_id).can_edit(exploration_id)), 'exploration': exploration.to_player_dict(), 'info_card_image_url': ( '/images/gallery/exploration_background_%s_large.png' % info_card_color), 'is_logged_in': bool(self.user_id), 'session_id': utils.generate_random_string(24), 'version': exploration.version, }) self.render_json(self.values)
def get(self, collection_id): """Handles GET requests.""" collection = collection_services.get_collection_by_id(collection_id, strict=False) self.values.update({ 'can_edit': True, 'can_unpublish': rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id), 'collection_id': collection.id, 'is_private': rights_manager.is_collection_private(collection_id), 'nav_mode': feconf.NAV_MODE_CREATE, 'title': collection.title, 'SHOW_COLLECTION_NAVIGATION_TAB_HISTORY': (feconf.SHOW_COLLECTION_NAVIGATION_TAB_HISTORY), 'SHOW_COLLECTION_NAVIGATION_TAB_STATS': (feconf.SHOW_COLLECTION_NAVIGATION_TAB_STATS), 'TAG_REGEX': feconf.TAG_REGEX, }) self.render_template('pages/collection_editor/collection_editor.html')
def get(self, exploration_id): """Handles GET requests.""" version_str = self.request.get('v') version = int(version_str) if version_str else None if self.request.get('iframed'): redirect_url = '/embed/exploration/%s' % exploration_id if version_str: redirect_url += '?v=%s' % version_str self.redirect(redirect_url) return # Note: this is an optional argument and will be None when the # exploration is being played outside the context of a collection. collection_id = self.request.get('collection_id') can_edit = (bool(self.username) and self.username not in config_domain.BANNED_USERNAMES.value and rights_manager.Actor(self.user_id).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, exploration_id)) try: # If the exploration does not exist, a 404 error is raised. exploration_data_values = _get_exploration_player_data( exploration_id, version, collection_id, can_edit) except Exception: raise self.PageNotFoundException self.values.update(exploration_data_values) self.values['iframed'] = False self.render_template( 'pages/exploration_player/exploration_player.html')
def get(self, exploration_id): """Handles GET requests.""" try: exploration = exp_services.get_exploration_by_id(exploration_id) except: raise self.PageNotFoundException if not rights_manager.Actor(self.user_id).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, exploration_id): raise self.PageNotFoundException version = self.request.get('v', default_value=exploration.version) output_format = self.request.get('output_format', default_value='zip') width = int(self.request.get('width', default_value=80)) # If the title of the exploration has changed, we use the new title filename = 'oppia-%s-v%s' % (utils.to_ascii( exploration.title.replace(' ', '')), version) if output_format == feconf.OUTPUT_FORMAT_ZIP: self.response.headers['Content-Type'] = 'text/plain' self.response.headers['Content-Disposition'] = ( 'attachment; filename=%s.zip' % str(filename)) self.response.write( exp_services.export_to_zip_file(exploration_id, version)) elif output_format == feconf.OUTPUT_FORMAT_JSON: self.render_json( exp_services.export_states_to_yaml(exploration_id, version=version, width=width)) else: raise self.InvalidInputException('Unrecognized output format %s' % output_format)
def get(self, exploration_id): """Handles GET requests.""" try: exploration = exp_services.get_exploration_by_id(exploration_id) except: raise self.PageNotFoundException if not rights_manager.Actor(self.user_id).can_view( rights_manager.ACTIVITY_TYPE_EXPLORATION, exploration_id): raise self.PageNotFoundException version = self.request.get('v', default_value=exploration.version) width = int(self.request.get('width', default_value=80)) try: state = self.request.get('state') except: raise self.InvalidInputException('State not found') exploration_dict = exp_services.export_states_to_yaml(exploration_id, version=version, width=width) if state not in exploration_dict: raise self.PageNotFoundException self.response.write(exploration_dict[state])
def get(self, exploration_id): """Populates the data on the individual exploration page.""" version = self.request.get('v') version = int(version) if version else None try: exploration = exp_services.get_exploration_by_id(exploration_id, version=version) except Exception as e: raise self.PageNotFoundException(e) self.values.update({ 'can_edit': (self.user_id and rights_manager.Actor(self.user_id).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, exploration_id)), 'exploration': exploration.to_player_dict(), 'is_logged_in': bool(self.user_id), 'session_id': utils.generate_new_session_id(), 'version': exploration.version, }) self.render_json(self.values)
def get_displayable_exp_summary_dicts_matching_ids(exploration_ids, editor_user_id=None): """Given a list of exploration ids, optionally filters the list for explorations that are currently non-private and not deleted, and returns a list of dicts of the corresponding exploration summaries. This function can also filter based on a user ID who has edit access to the corresponding exploration, where the editor ID is for private explorations. Please use this function when needing summary information to display on exploration summary tiles in the frontend. """ exploration_summaries = ( exp_services.get_exploration_summaries_matching_ids(exploration_ids)) filtered_exploration_summaries = [] for exploration_summary in exploration_summaries: if exploration_summary is None: continue if exploration_summary.status == ( rights_manager.ACTIVITY_STATUS_PRIVATE): if editor_user_id is None: continue if not rights_manager.Actor(editor_user_id).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, exploration_summary.id): continue filtered_exploration_summaries.append(exploration_summary) return get_displayable_exp_summary_dicts(filtered_exploration_summaries)
def get(self, collection_id): """Handles GET requests.""" try: collection = collection_services.get_collection_by_id( collection_id) except Exception as e: raise self.PageNotFoundException(e) self.values.update({ 'can_edit': (bool(self.username) and self.username not in config_domain.BANNED_USERNAMES.value and rights_manager.Actor(self.user_id).can_edit( rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)), 'is_logged_in': bool(self.user_id), 'collection_id': collection_id, 'collection_title': collection.title, 'is_private': rights_manager.is_collection_private(collection_id), 'meta_name': collection.title, 'meta_description': utils.capitalize_string(collection.objective) }) self.render_template('collection_player/collection_player.html')
def put(self, collection_id): """Updates the editing rights for the given collection.""" collection = collection_services.get_collection_by_id(collection_id) version = self.payload.get('version') _require_valid_version(version, collection.version) # TODO(bhenning): Implement other rights changes here. is_public = self.payload.get('is_public') if is_public is not None: if is_public: try: collection.validate(strict=True) collection_services.validate_exps_in_collection_are_public( collection) except utils.ValidationError as e: raise self.InvalidInputException(e) collection_services.publish_collection_and_update_user_profiles( self.user_id, collection_id) collection_services.index_collections_given_ids([ collection_id]) elif rights_manager.Actor(self.user_id).can_unpublish( feconf.ACTIVITY_TYPE_COLLECTION, collection_id): rights_manager.unpublish_collection(self.user_id, collection_id) collection_services.delete_documents_from_search_index([ collection_id]) else: raise self.InvalidInputException( 'Cannot unpublish a collection.') self.render_json({ 'rights': rights_manager.get_collection_rights( collection_id).to_dict() })
def test_ownership_of_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) rights_manager.assign_role_for_collection( self.user_id_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def get_displayable_exp_summary_dicts_matching_ids( exploration_ids, editor_user_id=None): """Gets a summary of explorations in human readable form from exploration ids. Given a list of exploration ids, optionally filters the list for explorations that are currently non-private and not deleted, and returns a list of dicts of the corresponding exploration summaries. This function can also filter based on a user ID who has edit access to the corresponding exploration, where the editor ID is for private explorations. Please use this function when needing summary information to display on exploration summary tiles in the frontend. Args: exploration_ids: list(str). List of exploration ids. editor_user_id: str or None. If provided, the returned value is filtered based on a user ID who has edit access to the corresponding explorations. Otherwise, the returned list is not filtered. Return: list(dict). A list of exploration summary dicts in human readable form. Example: [ { 'category': u'A category', 'community_owned': False, 'id': 'eid2', 'language_code': 'en', 'num_views': 0, 'objective': u'An objective', 'status': 'public', 'tags': [], 'thumbnail_bg_color': '#a33f40', 'thumbnail_icon_url': self.get_static_asset_url( '/images/subjects/Lightbulb.svg'), 'title': u'Exploration 2 Albert title', }, ] """ exploration_summaries = ( exp_services.get_exploration_summaries_matching_ids(exploration_ids)) filtered_exploration_summaries = [] for exploration_summary in exploration_summaries: if exploration_summary is None: continue if exploration_summary.status == ( rights_manager.ACTIVITY_STATUS_PRIVATE): if editor_user_id is None: continue if not rights_manager.Actor(editor_user_id).can_edit( feconf.ACTIVITY_TYPE_EXPLORATION, exploration_summary.id): continue filtered_exploration_summaries.append(exploration_summary) return get_displayable_exp_summary_dicts(filtered_exploration_summaries)
def get(self, exploration_id): """Handles GET requests.""" version = self.request.get('v') if not version: # The default value for a missing parameter seems to be ''. version = None else: version = int(version) try: exploration = exp_services.get_exploration_by_id(exploration_id, version=version) except Exception as e: raise self.PageNotFoundException(e) if not rights_manager.Actor(self.user_id).can_view(exploration_id): raise self.PageNotFoundException is_iframed = (self.request.get('iframed') == 'true') # TODO(sll): Cache these computations. interactive_widget_ids = exploration.get_interactive_widget_ids() widget_dependency_ids = ( widget_registry.Registry.get_deduplicated_dependency_ids( interactive_widget_ids)) widget_dependencies_html, additional_angular_modules = ( dependency_registry.Registry.get_deps_html_and_angular_modules( widget_dependency_ids)) widget_js_directives = ( widget_registry.Registry.get_noninteractive_widget_js() + widget_registry.Registry.get_interactive_widget_js( interactive_widget_ids)) self.values.update({ 'additional_angular_modules': additional_angular_modules, 'exploration_version': version, 'iframed': is_iframed, 'is_private': rights_manager.is_exploration_private(exploration_id), 'nav_mode': feconf.NAV_MODE_EXPLORE, 'skin_html': skins_services.Registry.get_skin_html(exploration.default_skin), 'widget_dependencies_html': jinja2.utils.Markup(widget_dependencies_html), 'widget_js_directives': jinja2.utils.Markup(widget_js_directives), }) if is_iframed: self.render_template('player/exploration_player.html', iframe_restriction=None) else: self.render_template('player/exploration_player.html')
def test_ownership_of_exploration(self): exp = exp_domain.Exploration.create_default_exploration(self.EXP_ID) exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.assign_role_for_exploration(self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner( rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def get(self, exploration_id): """Gets the data for the exploration overview page.""" if not rights_manager.Actor(self.user_id).can_view(exploration_id): raise self.PageNotFoundException version = self.request.get('v', default_value=None) self.values.update( self._get_exploration_data(exploration_id, version=version)) self.render_json(self.values)