def test_newly_created_collection(self): self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a) self.assertListEqual( ['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) self.assertTrue(rights_manager.check_can_access_activity( self.user_a, collection_rights)) self.assertTrue(rights_manager.check_can_edit_activity( self.user_a, collection_rights)) self.assertTrue(rights_manager.check_can_delete_activity( self.user_a, collection_rights)) self.assertTrue(rights_manager.check_can_access_activity( self.user_admin, collection_rights)) self.assertTrue(rights_manager.check_can_edit_activity( self.user_admin, collection_rights)) self.assertTrue(rights_manager.check_can_delete_activity( self.user_admin, collection_rights)) self.assertTrue(rights_manager.check_can_access_activity( self.user_moderator, collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_moderator, collection_rights)) self.assertFalse(rights_manager.check_can_delete_activity( self.user_moderator, collection_rights)) self.assertFalse(rights_manager.check_can_access_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_delete_activity( self.user_b, collection_rights))
def test_inviting_collaborator_to_collection(self): self.save_new_valid_collection( self.COLLECTION_ID, self.user_id_a, exploration_id=self.EXP_ID_FOR_COLLECTION) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) # Verify initial editor permissions for the collection. self.assertTrue(rights_manager.check_can_access_activity( self.user_a, collection_rights)) self.assertTrue(rights_manager.check_can_edit_activity( self.user_a, collection_rights)) # Verify initial editor permissions for the exploration within the # collection. self.assertFalse(rights_manager.check_can_access_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, collection_rights)) # User A adds user B to the collection as an editor. rights_manager.assign_role_for_collection( self.user_a, self.COLLECTION_ID, self.user_id_b, rights_manager.ROLE_EDITOR) # Ensure User A is the only user in the owner names list. self.assertListEqual( ['A'], rights_manager.get_collection_owner_names( self.COLLECTION_ID)) collection_rights = rights_manager.get_collection_rights( self.COLLECTION_ID) # Ensure User B is now an editor of the collection. self.assertTrue(rights_manager.check_can_access_activity( self.user_b, collection_rights)) self.assertTrue(rights_manager.check_can_edit_activity( self.user_b, collection_rights)) self.assertFalse(rights_manager.check_can_delete_activity( self.user_b, collection_rights)) exp_for_collection_rights = rights_manager.get_exploration_rights( self.EXP_ID_FOR_COLLECTION) # Ensure User B is not an editor of the exploration within the # collection. self.assertFalse(rights_manager.check_can_access_activity( self.user_b, exp_for_collection_rights)) self.assertFalse(rights_manager.check_can_edit_activity( self.user_b, exp_for_collection_rights))
def get(self, exploration_id): """Handles GET requests.""" exploration_rights = rights_manager.get_exploration_rights( exploration_id) interaction_ids = ( interaction_registry.Registry.get_all_interaction_ids()) interaction_dependency_ids = ( interaction_registry.Registry.get_deduplicated_dependency_ids( interaction_ids)) dependencies_html, additional_angular_modules = ( dependency_registry.Registry.get_deps_html_and_angular_modules( interaction_dependency_ids + self.EDITOR_PAGE_DEPENDENCY_IDS)) self.values.update({ 'INTERACTION_SPECS': interaction_registry.Registry.get_all_specs(), 'additional_angular_modules': additional_angular_modules, 'can_delete': rights_manager.check_can_delete_activity(self.user, exploration_rights), 'can_edit': rights_manager.check_can_edit_activity(self.user, exploration_rights), 'can_modify_roles': (rights_manager.check_can_modify_activity_roles( self.user, exploration_rights)), 'can_publish': rights_manager.check_can_publish_activity(self.user, exploration_rights), 'can_release_ownership': (rights_manager.check_can_release_ownership( self.user, exploration_rights)), 'can_voiceover': (rights_manager.check_can_voiceover_activity( self.user, exploration_rights)), 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, exploration_rights), 'dependencies_html': jinja2.utils.Markup(dependencies_html), 'meta_description': feconf.CREATE_PAGE_DESCRIPTION, }) self.render_template('dist/exploration-editor-page.mainpage.html')
def test_can_delete(self, exploration_id, **kwargs): """Checks if the user can delete the exploration. Args: exploration_id: str. The exploration id. """ if not self.user_id: raise base.UserFacingExceptions.NotLoggedInException exploration_rights = rights_manager.get_exploration_rights( exploration_id, strict=False) if rights_manager.check_can_delete_activity(self.user, exploration_rights): return handler(self, exploration_id, **kwargs) else: raise base.UserFacingExceptions.UnauthorizedUserException( 'User %s does not have permissions to delete exploration %s' % (self.user_id, exploration_id))
def get(self, exploration_id): """Gets the user permissions for an exploration.""" exploration_rights = rights_manager.get_exploration_rights( exploration_id) self.values.update({ 'can_delete': rights_manager.check_can_delete_activity( self.user, exploration_rights), 'can_edit': rights_manager.check_can_edit_activity( self.user, exploration_rights), 'can_modify_roles': ( rights_manager.check_can_modify_activity_roles( self.user, exploration_rights)), 'can_publish': rights_manager.check_can_publish_activity( self.user, exploration_rights), 'can_release_ownership': ( rights_manager.check_can_release_ownership( self.user, exploration_rights)), 'can_voiceover': ( rights_manager.check_can_voiceover_activity( self.user, exploration_rights)), 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, exploration_rights), }) self.render_json(self.values)
def get(self, exploration_id): """Handles GET requests.""" if exploration_id in constants.DISABLED_EXPLORATION_IDS: self.render_template('pages/error/disabled_exploration.html', iframe_restriction=None) return (exploration, exploration_rights) = ( exp_services.get_exploration_and_exploration_rights_by_id( exploration_id)) visualizations_html = visualization_registry.Registry.get_full_html() interaction_ids = ( interaction_registry.Registry.get_all_interaction_ids()) interaction_dependency_ids = ( interaction_registry.Registry.get_deduplicated_dependency_ids( interaction_ids)) dependencies_html, additional_angular_modules = ( dependency_registry.Registry.get_deps_html_and_angular_modules( interaction_dependency_ids + self.EDITOR_PAGE_DEPENDENCY_IDS)) interaction_templates = (interaction_registry.Registry. get_interaction_html(interaction_ids)) self.values.update({ 'INTERACTION_SPECS': interaction_registry.Registry.get_all_specs(), 'DEFAULT_OBJECT_VALUES': obj_services.get_default_object_values(), 'DEFAULT_TWITTER_SHARE_MESSAGE_EDITOR': (DEFAULT_TWITTER_SHARE_MESSAGE_EDITOR.value), 'additional_angular_modules': additional_angular_modules, 'can_delete': rights_manager.check_can_delete_activity(self.user, exploration_rights), 'can_edit': rights_manager.check_can_edit_activity(self.user, exploration_rights), 'can_modify_roles': (rights_manager.check_can_modify_activity_roles( self.user, exploration_rights)), 'can_publish': rights_manager.check_can_publish_activity(self.user, exploration_rights), 'can_release_ownership': (rights_manager.check_can_release_ownership( self.user, exploration_rights)), 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, exploration_rights), 'dependencies_html': jinja2.utils.Markup(dependencies_html), 'interaction_templates': jinja2.utils.Markup(interaction_templates), 'meta_description': feconf.CREATE_PAGE_DESCRIPTION, 'nav_mode': feconf.NAV_MODE_CREATE, 'value_generators_js': jinja2.utils.Markup(get_value_generators_js()), 'title': exploration.title, 'visualizations_html': jinja2.utils.Markup(visualizations_html), 'ALLOWED_INTERACTION_CATEGORIES': (feconf.ALLOWED_INTERACTION_CATEGORIES), 'INVALID_PARAMETER_NAMES': feconf.INVALID_PARAMETER_NAMES, 'NEW_STATE_TEMPLATE': NEW_STATE_TEMPLATE, 'SHOW_TRAINABLE_UNRESOLVED_ANSWERS': (feconf.SHOW_TRAINABLE_UNRESOLVED_ANSWERS), 'TAG_REGEX': feconf.TAG_REGEX, }) self.render_template( 'pages/exploration_editor/exploration_editor.html', redirect_url_on_logout=( '%s/%s' % (feconf.EDITOR_URL_PREFIX, exploration_id)))
def test_check_cannot_delete_activity_with_no_activity_rights(self): self.assertFalse( rights_manager.check_can_delete_activity(self.owner, None))
def get(self, exploration_id): """Handles GET requests.""" exploration_rights = rights_manager.get_exploration_rights( exploration_id) interaction_ids = ( interaction_registry.Registry.get_all_interaction_ids()) interaction_dependency_ids = ( interaction_registry.Registry.get_deduplicated_dependency_ids( interaction_ids)) dependencies_html, additional_angular_modules = ( dependency_registry.Registry.get_deps_html_and_angular_modules( interaction_dependency_ids + self.EDITOR_PAGE_DEPENDENCY_IDS)) interaction_templates = (interaction_registry.Registry. get_interaction_html(interaction_ids)) self.values.update({ 'INTERACTION_SPECS': interaction_registry.Registry.get_all_specs(), 'DEFAULT_OBJECT_VALUES': obj_services.get_default_object_values(), 'DEFAULT_TWITTER_SHARE_MESSAGE_EDITOR': (DEFAULT_TWITTER_SHARE_MESSAGE_EDITOR.value), 'additional_angular_modules': additional_angular_modules, 'can_delete': rights_manager.check_can_delete_activity(self.user, exploration_rights), 'can_edit': rights_manager.check_can_edit_activity(self.user, exploration_rights), 'can_modify_roles': (rights_manager.check_can_modify_activity_roles( self.user, exploration_rights)), 'can_publish': rights_manager.check_can_publish_activity(self.user, exploration_rights), 'can_release_ownership': (rights_manager.check_can_release_ownership( self.user, exploration_rights)), 'can_voiceover': (rights_manager.check_can_voiceover_activity( self.user, exploration_rights)), 'can_unpublish': rights_manager.check_can_unpublish_activity( self.user, exploration_rights), 'dependencies_html': jinja2.utils.Markup(dependencies_html), 'interaction_templates': jinja2.utils.Markup(interaction_templates), 'meta_description': feconf.CREATE_PAGE_DESCRIPTION, 'INVALID_PARAMETER_NAMES': feconf.INVALID_PARAMETER_NAMES, 'SHOW_TRAINABLE_UNRESOLVED_ANSWERS': (feconf.SHOW_TRAINABLE_UNRESOLVED_ANSWERS), 'TAG_REGEX': feconf.TAG_REGEX, }) self.render_template('dist/exploration-editor-page.mainpage.html')