def test_exploration_subscription(self): with self.swap( subscription_services, 'subscribe_to_thread', self._null_fn ), self.swap( subscription_services, 'subscribe_to_activity', self._null_fn): # User A adds user B as an editor to the exploration. rights_manager.assign_role( self.user_a_id, self.EXP_ID, self.user_b_id, rights_manager.ROLE_EDITOR) # User A adds user C as a viewer of the exploration. rights_manager.assign_role( self.user_a_id, self.EXP_ID, self.user_c_id, rights_manager.ROLE_VIEWER) self._run_one_off_job() # Users A and B are subscribed to the exploration. User C is not. user_a_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_a_id) user_b_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_b_id) user_c_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_c_id, strict=False) self.assertEqual( user_a_subscriptions_model.activity_ids, [self.EXP_ID]) self.assertEqual( user_b_subscriptions_model.activity_ids, [self.EXP_ID]) self.assertEqual(user_a_subscriptions_model.feedback_thread_ids, []) self.assertEqual(user_b_subscriptions_model.feedback_thread_ids, []) self.assertEqual(user_c_subscriptions_model, None)
def test_deletion_rights_for_published_exploration(self): """Test rights management for deletion of published explorations.""" PUBLISHED_EXP_ID = 'published_eid' exploration = exp_domain.Exploration.create_default_exploration( PUBLISHED_EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.owner_id, exploration) rights_manager.assign_role( self.owner_id, PUBLISHED_EXP_ID, self.editor_id, rights_manager.ROLE_EDITOR) rights_manager.publish_exploration(self.owner_id, PUBLISHED_EXP_ID) self.login(self.EDITOR_EMAIL) response = self.testapp.delete( '/createhandler/data/%s' % PUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.VIEWER_EMAIL) response = self.testapp.delete( '/createhandler/data/%s' % PUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.OWNER_EMAIL) response = self.testapp.delete( '/createhandler/data/%s' % PUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.ADMIN_EMAIL) response = self.testapp.delete( '/createhandler/data/%s' % PUBLISHED_EXP_ID) self.assertEqual(response.status_int, 200) self.logout()
def test_inviting_playtester(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) self.assertFalse( rights_manager.Actor(self.user_id_b).can_play(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID)) rights_manager.assign_role( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_VIEWER) self.assertTrue( rights_manager.Actor(self.user_id_b).can_play(self.EXP_ID)) self.assertTrue( rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID))
def test_collaborators_can_see_explorations_on_dashboard(self): self.save_new_default_exploration( self.EXP_ID, self.OWNER_ID, title=self.EXP_TITLE) rights_manager.assign_role( self.OWNER_ID, self.EXP_ID, self.COLLABORATOR_ID, rights_manager.ROLE_EDITOR) self.set_admins([self.OWNER_EMAIL]) self.login(self.COLLABORATOR_EMAIL) response = self.get_json('/dashboardhandler/data') self.assertEqual(len(response['explorations']), 1) self.assertIn(self.EXP_ID, response['explorations']) self.assertEqual( response['explorations'][self.EXP_ID]['rights']['status'], rights_manager.EXPLORATION_STATUS_PRIVATE) rights_manager.publish_exploration(self.OWNER_ID, self.EXP_ID) response = self.get_json('/dashboardhandler/data') self.assertEqual(len(response['explorations']), 1) self.assertIn(self.EXP_ID, response['explorations']) self.assertEqual( response['explorations'][self.EXP_ID]['rights']['status'], rights_manager.EXPLORATION_STATUS_PUBLIC) rights_manager.publicize_exploration(self.OWNER_ID, self.EXP_ID) response = self.get_json('/dashboardhandler/data') self.assertEqual(len(response['explorations']), 1) self.assertIn(self.EXP_ID, response['explorations']) self.assertEqual( response['explorations'][self.EXP_ID]['rights']['status'], rights_manager.EXPLORATION_STATUS_PUBLICIZED) self.logout()
def test_collaborators_can_see_explorations(self): self.save_new_default_exploration( self.EXP_ID, self.owner_id, title=self.EXP_TITLE) rights_manager.assign_role( self.owner_id, self.EXP_ID, self.collaborator_id, rights_manager.ROLE_EDITOR) self.set_admins([self.OWNER_EMAIL]) self.login(self.COLLABORATOR_EMAIL) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(len(response['explorations_list']), 1) self.assertEqual( response['explorations_list'][0]['status'], rights_manager.EXPLORATION_STATUS_PRIVATE) rights_manager.publish_exploration(self.owner_id, self.EXP_ID) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(len(response['explorations_list']), 1) self.assertEqual( response['explorations_list'][0]['status'], rights_manager.EXPLORATION_STATUS_PUBLIC) rights_manager.publicize_exploration(self.owner_id, self.EXP_ID) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(len(response['explorations_list']), 1) self.assertEqual( response['explorations_list'][0]['status'], rights_manager.EXPLORATION_STATUS_PUBLICIZED) self.logout()
def test_get_editable_explorations_summary_dict(self): self.save_new_default_exploration(self.EXP_ID) rights_manager.assign_role( self.OWNER_ID, self.EXP_ID, self.EDITOR_ID, rights_manager.ROLE_EDITOR) exp_dict = { 'title': 'A title', 'category': 'A category', 'rights': { 'owner_names': [self.OWNER_NAME], 'editor_names': [self.EDITOR_NAME], 'viewer_names': [], 'community_owned': False, 'cloned_from': None, 'status': rights_manager.EXPLORATION_STATUS_PRIVATE } } self.assertEqual( exp_services.get_editable_explorations_summary_dict(self.OWNER_ID), {self.EXP_ID: exp_dict}) self.assertEqual( exp_services.get_editable_explorations_summary_dict( self.EDITOR_ID), {self.EXP_ID: exp_dict}) self.assertEqual( exp_services.get_editable_explorations_summary_dict( self.VIEWER_ID), {})
def test_community_owned_exploration(self): with self.swap( subscription_services, 'subscribe_to_thread', self._null_fn ), self.swap( subscription_services, 'subscribe_to_activity', self._null_fn): # User A adds user B as an editor to the exploration. rights_manager.assign_role( self.user_a_id, self.EXP_ID, self.user_b_id, rights_manager.ROLE_EDITOR) # The exploration becomes community-owned. rights_manager.publish_exploration(self.user_a_id, self.EXP_ID) rights_manager.release_ownership(self.user_a_id, self.EXP_ID) # User C edits the exploration. exp_services.update_exploration( self.user_c_id, self.EXP_ID, [], 'Update exploration') self._run_one_off_job() # User A and user B are subscribed to the exploration; user C is not. user_a_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_a_id) user_b_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_b_id) user_c_subscriptions_model = user_models.UserSubscriptionsModel.get( self.user_c_id, strict=False) self.assertEqual( user_a_subscriptions_model.activity_ids, [self.EXP_ID]) self.assertEqual( user_b_subscriptions_model.activity_ids, [self.EXP_ID]) self.assertEqual(user_c_subscriptions_model, None)
def test_deletion_rights_for_unpublished_exploration(self): """Test rights management for deletion of unpublished explorations.""" UNPUBLISHED_EXP_ID = 'unpublished_eid' exploration = exp_domain.Exploration.create_default_exploration( UNPUBLISHED_EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.owner_id, exploration) rights_manager.assign_role( self.owner_id, UNPUBLISHED_EXP_ID, self.editor_id, rights_manager.ROLE_EDITOR) self.login(self.editor_email, is_admin=False) response = self.testapp.delete( '/createhandler/data/%s' % UNPUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.viewer_email, is_admin=False) response = self.testapp.delete( '/createhandler/data/%s' % UNPUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.owner_email, is_admin=False) response = self.testapp.delete( '/createhandler/data/%s' % UNPUBLISHED_EXP_ID) self.assertEqual(response.status_int, 200) self.logout()
def test_adding_new_viewer_role_does_not_result_in_subscription(self): EXP_ID = 'exp_id' exploration = exp_domain.Exploration.create_default_exploration( EXP_ID, 'Title', 'Category') exp_services.save_new_exploration(self.owner_id, exploration) self.assertEqual( self._get_activity_ids_subscribed_to(self.viewer_id), []) rights_manager.assign_role( self.owner_id, EXP_ID, self.viewer_id, rights_manager.ROLE_VIEWER) self.assertEqual( self._get_activity_ids_subscribed_to(self.viewer_id), [])
def test_ownership(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.assign_role( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) self.assertTrue( rights_manager.Actor(self.user_id_a).is_owner(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_b).is_owner(self.EXP_ID)) self.assertFalse( rights_manager.Actor(self.user_id_admin).is_owner(self.EXP_ID))
def test_get_explicit_viewer_explorations_summary_dict(self): self.save_new_default_exploration(self.EXP_ID) rights_manager.assign_role( self.OWNER_ID, self.EXP_ID, self.VIEWER_ID, rights_manager.ROLE_VIEWER) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.VIEWER_ID), { self.EXP_ID: { 'title': 'A title', 'category': 'A category', 'rights': { 'owner_names': [self.OWNER_NAME], 'editor_names': [], 'viewer_names': [self.VIEWER_NAME], 'community_owned': False, 'cloned_from': None, 'status': rights_manager.EXPLORATION_STATUS_PRIVATE } } } ) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.EDITOR_ID), {}) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.OWNER_ID), {}) # Set the exploration's status to published. This removes all viewer # ids. rights_manager.publish_exploration(self.OWNER_ID, self.EXP_ID) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.VIEWER_ID), {}) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.EDITOR_ID), {}) self.assertEqual( exp_services.get_explicit_viewer_explorations_summary_dict( self.OWNER_ID), {})
def test_adding_new_owner_or_editor_role_results_in_subscription(self): EXP_ID = 'exp_id' exploration = exp_domain.Exploration.create_default_exploration( EXP_ID, 'Title', 'Category') exp_services.save_new_exploration(self.owner_id, exploration) self.assertEqual( self._get_activity_ids_subscribed_to(self.owner_2_id), []) rights_manager.assign_role( self.owner_id, EXP_ID, self.owner_2_id, rights_manager.ROLE_OWNER) self.assertEqual( self._get_activity_ids_subscribed_to(self.owner_2_id), [EXP_ID]) self.assertEqual( self._get_activity_ids_subscribed_to(self.editor_id), []) rights_manager.assign_role( self.owner_id, EXP_ID, self.editor_id, rights_manager.ROLE_EDITOR) self.assertEqual( self._get_activity_ids_subscribed_to(self.editor_id), [EXP_ID])
def test_viewer_cannot_see_explorations(self): self.save_new_default_exploration( self.EXP_ID, self.owner_id, title=self.EXP_TITLE) rights_manager.assign_role( self.owner_id, self.EXP_ID, self.viewer_id, rights_manager.ROLE_VIEWER) self.set_admins([self.OWNER_EMAIL]) self.login(self.VIEWER_EMAIL) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(response['explorations_list'], []) rights_manager.publish_exploration(self.owner_id, self.EXP_ID) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(response['explorations_list'], []) rights_manager.publicize_exploration(self.owner_id, self.EXP_ID) response = self.get_json(self.MY_EXPLORATIONS_DATA_URL) self.assertEqual(response['explorations_list'], []) self.logout()
def test_viewer_cannot_see_explorations_on_dashboard(self): self.save_new_default_exploration( self.EXP_ID, self.OWNER_ID, title=self.EXP_TITLE) rights_manager.assign_role( self.OWNER_ID, self.EXP_ID, self.VIEWER_ID, rights_manager.ROLE_VIEWER) self.login(self.VIEWER_EMAIL) response = self.get_json('/dashboardhandler/data') self.assertEqual(response['explorations'], {}) rights_manager.publish_exploration(self.OWNER_ID, self.EXP_ID) response = self.get_json('/dashboardhandler/data') self.assertEqual(response['explorations'], {}) self.set_admins([self.OWNER_EMAIL]) rights_manager.publicize_exploration(self.OWNER_ID, self.EXP_ID) response = self.get_json('/dashboardhandler/data') self.assertEqual(response['explorations'], {}) self.logout()
def test_deletion_rights_for_unpublished_exploration(self): """Test rights management for deletion of unpublished explorations.""" UNPUBLISHED_EXP_ID = "unpublished_eid" exploration = exp_domain.Exploration.create_default_exploration(UNPUBLISHED_EXP_ID, "A title", "A category") exp_services.save_new_exploration(self.owner_id, exploration) rights_manager.assign_role(self.owner_id, UNPUBLISHED_EXP_ID, self.editor_id, rights_manager.ROLE_EDITOR) self.login(self.EDITOR_EMAIL) response = self.testapp.delete("/createhandler/data/%s" % UNPUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.VIEWER_EMAIL) response = self.testapp.delete("/createhandler/data/%s" % UNPUBLISHED_EXP_ID, expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login(self.OWNER_EMAIL) response = self.testapp.delete("/createhandler/data/%s" % UNPUBLISHED_EXP_ID) self.assertEqual(response.status_int, 200) self.logout()
def put(self, exploration_id): """Updates the editing rights for the given exploration.""" exploration = exp_services.get_exploration_by_id(exploration_id) version = self.payload.get('version') _require_valid_version(version, exploration.version) is_public = self.payload.get('is_public') is_publicized = self.payload.get('is_publicized') is_community_owned = self.payload.get('is_community_owned') new_member_email = self.payload.get('new_member_email') new_member_role = self.payload.get('new_member_role') if new_member_email: if not rights_manager.Actor( self.user_id).can_modify_roles(exploration_id): raise self.UnauthorizedUserException( 'Only an owner of this exploration can add or change ' 'roles.') new_member_id = user_services.get_user_id_from_email( new_member_email) if new_member_id is None: raise Exception( 'Sorry, we could not find a user with this email address.') user_services.get_or_create_user(new_member_id, new_member_email) rights_manager.assign_role(self.user_id, exploration_id, new_member_id, new_member_role) elif is_public is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_public: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publish_exploration(self.user_id, exploration_id) else: rights_manager.unpublish_exploration(self.user_id, exploration_id) elif is_publicized is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_publicized: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publicize_exploration(self.user_id, exploration_id) else: rights_manager.unpublicize_exploration(self.user_id, exploration_id) elif is_community_owned: exploration = exp_services.get_exploration_by_id(exploration_id) try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.release_ownership(self.user_id, exploration_id) else: raise self.InvalidInputException( 'No change was made to this exploration.') self.render_json({ 'rights': rights_manager.get_exploration_rights(exploration_id).to_dict() })
def test_setting_rights(self): exp = exp_domain.Exploration.create_default_exploration( self.EXP_ID, 'A title', 'A category') exp_services.save_new_exploration(self.user_id_a, exp) rights_manager.assign_role( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_VIEWER) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role( self.user_id_b, self.EXP_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_EDITOR) with self.assertRaisesRegexp(Exception, 'Could not assign new role.'): rights_manager.assign_role( self.user_id_b, self.EXP_ID, self.user_id_c, rights_manager.ROLE_VIEWER) rights_manager.assign_role( self.user_id_a, self.EXP_ID, self.user_id_b, rights_manager.ROLE_OWNER) rights_manager.assign_role( self.user_id_b, self.EXP_ID, self.user_id_c, rights_manager.ROLE_OWNER) rights_manager.assign_role( self.user_id_b, self.EXP_ID, self.user_id_d, rights_manager.ROLE_EDITOR) rights_manager.assign_role( self.user_id_b, self.EXP_ID, self.user_id_e, rights_manager.ROLE_VIEWER)
def put(self, exploration_id): """Updates the editing rights for the given exploration.""" exploration = exp_services.get_exploration_by_id(exploration_id) version = self.payload.get('version') _require_valid_version(version, exploration.version) is_public = self.payload.get('is_public') is_publicized = self.payload.get('is_publicized') is_community_owned = self.payload.get('is_community_owned') new_member_username = self.payload.get('new_member_username') new_member_role = self.payload.get('new_member_role') viewable_if_private = self.payload.get('viewable_if_private') if new_member_username: if not rights_manager.Actor( self.user_id).can_modify_roles(exploration_id): raise self.UnauthorizedUserException( 'Only an owner of this exploration can add or change ' 'roles.') new_member_id = user_services.get_user_id_from_username( new_member_username) if new_member_id is None: raise Exception('Sorry, we could not find the specified user.') rights_manager.assign_role(self.user_id, exploration_id, new_member_id, new_member_role) elif is_public is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_public: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publish_exploration(self.user_id, exploration_id) exp_services.index_explorations_given_ids([exploration_id]) else: rights_manager.unpublish_exploration(self.user_id, exploration_id) exp_services.delete_documents_from_search_index( [exploration_id]) elif is_publicized is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_publicized: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publicize_exploration(self.user_id, exploration_id) else: rights_manager.unpublicize_exploration(self.user_id, exploration_id) elif is_community_owned: exploration = exp_services.get_exploration_by_id(exploration_id) try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.release_ownership(self.user_id, exploration_id) elif viewable_if_private is not None: rights_manager.set_private_viewability(self.user_id, exploration_id, viewable_if_private) else: raise self.InvalidInputException( 'No change was made to this exploration.') self.render_json({ 'rights': rights_manager.get_exploration_rights(exploration_id).to_dict() })
def test_subscribing_to_exp_subscribes_to_its_feedback_threads(self): with self.swap(jobs_registry, 'ALL_CONTINUOUS_COMPUTATION_MANAGERS', self.ALL_CONTINUOUS_COMPUTATION_MANAGERS_FOR_TESTS): EXP_ID = 'eid' EXP_TITLE = 'Title' FEEDBACK_THREAD_SUBJECT = 'feedback thread subject' USER_A_EMAIL = '*****@*****.**' USER_A_USERNAME = '******' self.signup(USER_A_EMAIL, USER_A_USERNAME) user_a_id = self.get_user_id_from_email(USER_A_EMAIL) USER_B_EMAIL = '*****@*****.**' USER_B_USERNAME = '******' self.signup(USER_B_EMAIL, USER_B_USERNAME) user_b_id = self.get_user_id_from_email(USER_B_EMAIL) # User A creates an exploration. self.save_new_valid_exploration(EXP_ID, user_a_id, title=EXP_TITLE, category='Category') exp_last_updated_ms = utils.get_time_in_millisecs( exp_services.get_exploration_by_id(EXP_ID).last_updated) # User B starts a feedback thread. feedback_services.create_thread(EXP_ID, None, user_b_id, FEEDBACK_THREAD_SUBJECT, 'text') thread_id = ( feedback_services.get_threadlist(EXP_ID)[0]['thread_id']) message = feedback_services.get_messages(thread_id)[0] # User A adds user B as an editor of the exploration. rights_manager.assign_role(user_a_id, EXP_ID, user_b_id, rights_manager.ROLE_EDITOR) ModifiedRecentUpdatesAggregator.start_computation() self.assertEqual( self.count_jobs_in_taskqueue( queue_name=taskqueue_services.QUEUE_NAME_DEFAULT), 1) self.process_and_flush_pending_tasks() recent_notifications_for_user_a = ( ModifiedRecentUpdatesAggregator.get_recent_notifications( user_a_id)[1]) recent_notifications_for_user_b = ( ModifiedRecentUpdatesAggregator.get_recent_notifications( user_b_id)[1]) expected_feedback_thread_notification_dict = { 'activity_id': EXP_ID, 'activity_title': EXP_TITLE, 'author_id': user_b_id, 'last_updated_ms': message['created_on'], 'subject': FEEDBACK_THREAD_SUBJECT, 'type': feconf.UPDATE_TYPE_FEEDBACK_MESSAGE, } expected_exploration_created_notification_dict = ( self._get_expected_exploration_created_dict( user_a_id, EXP_ID, EXP_TITLE, exp_last_updated_ms)) # User A sees A's commit and B's feedback thread. self.assertEqual(recent_notifications_for_user_a, [ expected_feedback_thread_notification_dict, expected_exploration_created_notification_dict ]) # User B sees A's commit and B's feedback thread. self.assertEqual(recent_notifications_for_user_b, [ expected_feedback_thread_notification_dict, expected_exploration_created_notification_dict, ])
def put(self, exploration_id): """Updates the editing rights for the given exploration.""" exploration = exp_services.get_exploration_by_id(exploration_id) version = self.payload.get('version') _require_valid_version(version, exploration.version) is_public = self.payload.get('is_public') is_publicized = self.payload.get('is_publicized') is_community_owned = self.payload.get('is_community_owned') new_member_username = self.payload.get('new_member_username') new_member_role = self.payload.get('new_member_role') viewable_if_private = self.payload.get('viewable_if_private') if new_member_username: if not rights_manager.Actor(self.user_id).can_modify_roles( exploration_id): raise self.UnauthorizedUserException( 'Only an owner of this exploration can add or change ' 'roles.') new_member_id = user_services.get_user_id_from_username( new_member_username) if new_member_id is None: raise Exception( 'Sorry, we could not find the specified user.') rights_manager.assign_role( self.user_id, exploration_id, new_member_id, new_member_role) elif is_public is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_public: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publish_exploration( self.user_id, exploration_id) exp_services.index_explorations_given_ids([exploration_id]) else: rights_manager.unpublish_exploration( self.user_id, exploration_id) exp_services.delete_documents_from_search_index([ exploration_id]) elif is_publicized is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_publicized: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publicize_exploration( self.user_id, exploration_id) else: rights_manager.unpublicize_exploration( self.user_id, exploration_id) elif is_community_owned: exploration = exp_services.get_exploration_by_id(exploration_id) try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.release_ownership(self.user_id, exploration_id) elif viewable_if_private is not None: rights_manager.set_private_viewability( self.user_id, exploration_id, viewable_if_private) else: raise self.InvalidInputException( 'No change was made to this exploration.') self.render_json({ 'rights': rights_manager.get_exploration_rights( exploration_id).to_dict() })
def put(self, exploration_id): """Updates the editing rights for the given exploration.""" exploration = exp_services.get_exploration_by_id(exploration_id) version = self.payload.get('version') _require_valid_version(version, exploration.version) is_public = self.payload.get('is_public') is_publicized = self.payload.get('is_publicized') is_community_owned = self.payload.get('is_community_owned') new_member_email = self.payload.get('new_member_email') new_member_role = self.payload.get('new_member_role') if new_member_email: if not rights_manager.Actor(self.user_id).can_modify_roles( exploration_id): raise self.UnauthorizedUserException( 'Only an owner of this exploration can add or change ' 'roles.') new_member_id = user_services.get_user_id_from_email( new_member_email) if new_member_id is None: raise Exception( 'Sorry, we could not find a user with this email address.') user_services.get_or_create_user(new_member_id, new_member_email) rights_manager.assign_role( self.user_id, exploration_id, new_member_id, new_member_role) elif is_public is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_public: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publish_exploration( self.user_id, exploration_id) else: rights_manager.unpublish_exploration( self.user_id, exploration_id) elif is_publicized is not None: exploration = exp_services.get_exploration_by_id(exploration_id) if is_publicized: try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.publicize_exploration( self.user_id, exploration_id) else: rights_manager.unpublicize_exploration( self.user_id, exploration_id) elif is_community_owned: exploration = exp_services.get_exploration_by_id(exploration_id) try: exploration.validate(strict=True) except utils.ValidationError as e: raise self.InvalidInputException(e) rights_manager.release_ownership(self.user_id, exploration_id) else: raise self.InvalidInputException( 'No change was made to this exploration.') self.render_json({ 'rights': rights_manager.get_exploration_rights( exploration_id).to_dict() })
def test_subscribing_to_exp_subscribes_to_its_feedback_threads(self): with self.swap( jobs_registry, 'ALL_CONTINUOUS_COMPUTATION_MANAGERS', self.ALL_CONTINUOUS_COMPUTATION_MANAGERS_FOR_TESTS): EXP_ID = 'eid' EXP_TITLE = 'Title' FEEDBACK_THREAD_SUBJECT = 'feedback thread subject' USER_A_EMAIL = '*****@*****.**' USER_A_USERNAME = '******' self.signup(USER_A_EMAIL, USER_A_USERNAME) user_a_id = self.get_user_id_from_email(USER_A_EMAIL) USER_B_EMAIL = '*****@*****.**' USER_B_USERNAME = '******' self.signup(USER_B_EMAIL, USER_B_USERNAME) user_b_id = self.get_user_id_from_email(USER_B_EMAIL) # User A creates an exploration. self.save_new_valid_exploration( EXP_ID, user_a_id, title=EXP_TITLE, category='Category') exp_last_updated_ms = utils.get_time_in_millisecs( exp_services.get_exploration_by_id(EXP_ID).last_updated) # User B starts a feedback thread. feedback_services.create_thread( EXP_ID, None, user_b_id, FEEDBACK_THREAD_SUBJECT, 'text') thread_id = ( feedback_services.get_threadlist(EXP_ID)[0]['thread_id']) message = feedback_services.get_messages(thread_id)[0] # User A adds user B as an editor of the exploration. rights_manager.assign_role( user_a_id, EXP_ID, user_b_id, rights_manager.ROLE_EDITOR) ModifiedRecentUpdatesAggregator.start_computation() self.assertEqual( self.count_jobs_in_taskqueue( queue_name=taskqueue_services.QUEUE_NAME_DEFAULT), 1) self.process_and_flush_pending_tasks() recent_notifications_for_user_a = ( ModifiedRecentUpdatesAggregator.get_recent_notifications( user_a_id)[1]) recent_notifications_for_user_b = ( ModifiedRecentUpdatesAggregator.get_recent_notifications( user_b_id)[1]) expected_feedback_thread_notification_dict = { 'activity_id': EXP_ID, 'activity_title': EXP_TITLE, 'author_id': user_b_id, 'last_updated_ms': message['created_on'], 'subject': FEEDBACK_THREAD_SUBJECT, 'type': feconf.UPDATE_TYPE_FEEDBACK_MESSAGE, } expected_exploration_created_notification_dict = ( self._get_expected_exploration_created_dict( user_a_id, EXP_ID, EXP_TITLE, exp_last_updated_ms)) # User A sees A's commit and B's feedback thread. self.assertEqual(recent_notifications_for_user_a, [ expected_feedback_thread_notification_dict, expected_exploration_created_notification_dict ]) # User B sees A's commit and B's feedback thread. self.assertEqual(recent_notifications_for_user_b, [ expected_feedback_thread_notification_dict, expected_exploration_created_notification_dict, ])