def test_refresh_user_course_permissions_with_missing_permissions(self): """ If the authorization backend fails to return course permission data, a warning should be logged and the users should be assumed to have no course permissions. """ G(UserSocialAuth, user=self.user, provider='edx-oidc', extra_data={'access_token': '1234'}) # Make sure the cache is completely empty cache.clear() with LogCapture(level=logging.WARN) as l: # Refresh permissions actual = permissions.refresh_user_course_permissions(self.user) # Verify the correct permissions were returned self.assertListEqual(actual, []) # Verify the warning was logged l.check(( 'courses.permissions', 'WARNING', 'Authorization server did not return course permissions. Defaulting to no course access.' ), )
def test_refresh_user_course_permissions(self): """ Verify course permissions are refreshed from the auth server. """ courses = [self.course_id] # Make sure the cache is completely empty cache.clear() # If user is not associated with the edX OIDC backend, an exception should be raised. self.assertRaises(UserNotAssociatedWithBackendError, permissions.refresh_user_course_permissions, self.user) # Add backend association usa = G(UserSocialAuth, user=self.user, provider='edx-oidc', extra_data={}) # An empty access token should raise an error self.assertRaises(InvalidAccessTokenError, permissions.refresh_user_course_permissions, self.user) # Set the access token usa.extra_data = {'access_token': '1234'} usa.save() # Refreshing the permissions should populate the cache and return the updated permissions actual = permissions.refresh_user_course_permissions(self.user) self.assertListEqual(list(actual), courses) # Verify the courses are stored in the cache permissions_key = 'course_permissions_{}'.format(self.user.pk) self.assertListEqual(cache.get(permissions_key), courses) # Verify the updated time is stored in the cache update_key = 'course_permissions_updated_at_{}'.format(self.user.pk) self.assertIsNotNone(cache.get(update_key)) # Sanity check: verify the user can view the course self.assertTrue( permissions.user_can_view_course(self.user, self.course_id))
def test_refresh_user_course_permissions_with_missing_permissions(self): """ If the authorization backend fails to return course permission data, a warning should be logged and the users should be assumed to have no course permissions. """ G(UserSocialAuth, user=self.user, provider='edx-oidc', extra_data={'access_token': '1234'}) # Make sure the cache is completely empty cache.clear() with LogCapture(level=logging.WARN) as l: # Refresh permissions actual = permissions.refresh_user_course_permissions(self.user) # Verify the correct permissions were returned self.assertListEqual(actual, []) # Verify the warning was logged l.check(('courses.permissions', 'WARNING', 'Authorization server did not return course permissions. Defaulting to no course access.'), )
def test_refresh_user_course_permissions(self): """ Verify course permissions are refreshed from the auth server. """ courses = [self.course_id] # Make sure the cache is completely empty cache.clear() # If user is not associated with the edX OIDC backend, an exception should be raised. self.assertRaises(UserNotAssociatedWithBackendError, permissions.refresh_user_course_permissions, self.user) # Add backend association usa = G(UserSocialAuth, user=self.user, provider='edx-oidc', extra_data={}) # An empty access token should raise an error self.assertRaises(InvalidAccessTokenError, permissions.refresh_user_course_permissions, self.user) # Set the access token usa.extra_data = {'access_token': '1234'} usa.save() # Refreshing the permissions should populate the cache and return the updated permissions actual = permissions.refresh_user_course_permissions(self.user) self.assertListEqual(list(actual), courses) # Verify the courses are stored in the cache permissions_key = 'course_permissions_{}'.format(self.user.pk) self.assertListEqual(cache.get(permissions_key), courses) # Verify the updated time is stored in the cache update_key = 'course_permissions_updated_at_{}'.format(self.user.pk) self.assertIsNotNone(cache.get(update_key)) # Sanity check: verify the user can view the course self.assertTrue(permissions.user_can_view_course(self.user, self.course_id))