def test_accordion_state(self): """ Verify the accordion remembers which chapter you were last viewing. """ email, password = self.STUDENT_INFO[0] self.login(email, password) self.enroll(self.course, True) self.enroll(self.test_course, True) # Now we directly navigate to a section in a chapter other than 'Overview'. check_for_get_code(self, 200, reverse( 'courseware_section', kwargs={ 'course_id': self.course.id.to_deprecated_string(), 'chapter': 'factory_chapter', 'section': 'factory_section' } )) # And now hitting the courseware tab should redirect to 'factory_chapter' resp = self.client.get(reverse('courseware', kwargs={'course_id': self.course.id.to_deprecated_string()})) self.assertRedirects(resp, reverse('courseware_chapter', kwargs={'course_id': self.course.id.to_deprecated_string(), 'chapter': 'factory_chapter'}))
def _check_non_staff_light(self, course): """ Check that non-staff have access to light urls. `course` is an instance of CourseDescriptor. """ urls = [reverse('about_course', kwargs={'course_id': course.id}), reverse('courses')] for url in urls: check_for_get_code(self, 200, url)
def test_access(self): """ Make sure only staff have access. """ self.login(self.student, self.password) # both get and post should return 404 for view_name in ("staff_grading_get_next", "staff_grading_save_grade"): url = reverse(view_name, kwargs={"course_id": self.course_id.to_deprecated_string()}) check_for_get_code(self, 404, url) check_for_post_code(self, 404, url)
def test_access(self): """ Make sure only staff have access. """ self.login(self.student, self.password) # both get and post should return 404 for view_name in ('staff_grading_get_next', 'staff_grading_save_grade'): url = reverse(view_name, kwargs={'course_id': self.course_id}) check_for_get_code(self, 404, url) check_for_post_code(self, 404, url)
def test_global_staff_access(self): """ Verify the global staff user can access any course. """ self.login(self.global_staff_user) # and now should be able to load both urls = [reverse('instructor_dashboard', kwargs={'course_id': self.course.id}), reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id})] for url in urls: check_for_get_code(self, 200, url)
def test_instructor_course_access(self): """ Verify instructor can load the instructor dashboard, the grade views, and student profile pages for their course. """ self.login(self.instructor_user) # Now should be able to get to self.course, but not self.test_course url = reverse('instructor_dashboard', kwargs={'course_id': self.course.id}) check_for_get_code(self, 200, url) url = reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id}) check_for_get_code(self, 404, url)
def test_instructor_page_access_nonstaff(self): """ Verify non-staff cannot load the instructor dashboard, the grade views, and student profile pages. """ self.login(self.enrolled_user) urls = [reverse('instructor_dashboard', kwargs={'course_id': self.course.id}), reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id})] # Shouldn't be able to get to the instructor pages for url in urls: check_for_get_code(self, 404, url)
def _check_non_staff_dark(self, course): """ Check that non-staff don't have access to dark urls. """ names = ['courseware', 'instructor_dashboard', 'progress'] urls = self._reverse_urls(names, course) urls.extend([ reverse('book', kwargs={'course_id': course.id, 'book_index': index}) for index, book in enumerate(course.textbooks) ]) for url in urls: check_for_get_code(self, 404, url)
def _check_non_staff_dark(self, course): """ Check that non-staff don't have access to dark urls. """ names = ["courseware", "instructor_dashboard", "progress"] urls = self._reverse_urls(names, course) urls.extend( [ reverse("book", kwargs={"course_id": course.id, "book_index": index}) for index, book in enumerate(course.textbooks) ] ) for url in urls: check_for_get_code(self, 404, url)
def _check_non_staff_dark(self, course): """ Check that non-staff don't have access to dark urls. """ names = ['courseware', 'instructor_dashboard', 'progress'] urls = self._reverse_urls(names, course) urls.extend([ reverse('book', kwargs={ 'course_id': course.id.to_deprecated_string(), 'book_index': index }) for index, book in enumerate(course.textbooks) ]) for url in urls: check_for_get_code(self, 404, url)
def test_instructor_page_access_nonstaff(self): """ Verify non-staff cannot load the instructor dashboard, the grade views, and student profile pages. """ self.login(self.enrolled_user) urls = [ reverse('instructor_dashboard', kwargs={'course_id': self.course.id}), reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id}) ] # Shouldn't be able to get to the instructor pages for url in urls: check_for_get_code(self, 404, url)
def test_instructor_course_access(self): """ Verify instructor can load the instructor dashboard, the grade views, and student profile pages for their course. """ self.login(self.instructor_user) # Now should be able to get to self.course, but not self.test_course url = reverse( 'instructor_dashboard', kwargs={'course_id': self.course.id.to_deprecated_string()}) check_for_get_code(self, 200, url) url = reverse( 'instructor_dashboard', kwargs={'course_id': self.test_course.id.to_deprecated_string()}) check_for_get_code(self, 404, url)
def test_instructor_course_access(self): """ Verify instructor can load the instructor dashboard, the grade views, and student profile pages for their course. """ email, password = self.ACCOUNT_INFO[1] # Make the instructor staff in self.course CourseInstructorRole(self.course.location).add_users(User.objects.get(email=email)) self.login(email, password) # Now should be able to get to self.course, but not self.test_course url = reverse('instructor_dashboard', kwargs={'course_id': self.course.id}) check_for_get_code(self, 200, url) url = reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id}) check_for_get_code(self, 404, url)
def test_instructor_as_staff_access(self): """ Verify the instructor can load staff pages if he is given staff permissions. """ email, password = self.ACCOUNT_INFO[1] self.login(email, password) # now make the instructor also staff instructor = User.objects.get(email=email) instructor.is_staff = True instructor.save() # and now should be able to load both urls = [reverse('instructor_dashboard', kwargs={'course_id': self.course.id}), reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id})] for url in urls: check_for_get_code(self, 200, url)
def test_global_staff_access(self): """ Verify the global staff user can access any course. """ self.login(self.global_staff_user) # and now should be able to load both urls = [ reverse( 'instructor_dashboard', kwargs={'course_id': self.course.id.to_deprecated_string()}), reverse('instructor_dashboard', kwargs={ 'course_id': self.test_course.id.to_deprecated_string() }) ] for url in urls: check_for_get_code(self, 200, url)
def test_incomplete_course(self): email = self.staff_user.email password = "******" self.login(email, password) self.enroll(self.test_course, True) test_course_id = self.test_course.id.to_deprecated_string() check_for_get_code( self, 200, reverse( 'courseware', kwargs={'course_id': test_course_id} ) ) section = ItemFactory.create( parent_location=self.test_course.location, display_name='New Section' ) check_for_get_code( self, 200, reverse( 'courseware', kwargs={'course_id': test_course_id} ) ) subsection = ItemFactory.create( parent_location=section.location, display_name='New Subsection' ) check_for_get_code( self, 200, reverse( 'courseware', kwargs={'course_id': test_course_id} ) ) ItemFactory.create( parent_location=subsection.location, display_name='New Unit' ) check_for_get_code( self, 302, reverse( 'courseware', kwargs={'course_id': test_course_id} ) )
def _check_staff(self, course): """ Check that access is right for staff in course. """ names = ['about_course', 'instructor_dashboard', 'progress'] urls = self._reverse_urls(names, course) urls.extend([ reverse('book', kwargs={'course_id': course.id, 'book_index': index}) for index, book in enumerate(course.textbooks) ]) for url in urls: check_for_get_code(self, 200, url) # The student progress tab is not accessible to a student # before launch, so the instructor view-as-student feature # should return a 404 as well. # TODO (vshnayder): If this is not the behavior we want, will need # to make access checking smarter and understand both the effective # user (the student), and the requesting user (the prof) url = reverse('student_progress', kwargs={'course_id': course.id, 'student_id': self.enrolled_user.id}) check_for_get_code(self, 404, url) # The courseware url should redirect, not 200 url = self._reverse_urls(['courseware'], course)[0] check_for_get_code(self, 302, url)
def _check_staff(self, course): """ Check that access is right for staff in course. """ names = ['about_course', 'instructor_dashboard', 'progress'] urls = self._reverse_urls(names, course) urls.extend([ reverse('book', kwargs={ 'course_id': course.id.to_deprecated_string(), 'book_index': index }) for index in xrange(len(course.textbooks)) ]) for url in urls: check_for_get_code(self, 200, url) # The student progress tab is not accessible to a student # before launch, so the instructor view-as-student feature # should return a 404 as well. # TODO (vshnayder): If this is not the behavior we want, will need # to make access checking smarter and understand both the effective # user (the student), and the requesting user (the prof) url = reverse('student_progress', kwargs={ 'course_id': course.id.to_deprecated_string(), 'student_id': self.enrolled_user.id }) check_for_get_code(self, 404, url) # The courseware url should redirect, not 200 url = self._reverse_urls(['courseware'], course)[0] check_for_get_code(self, 302, url)
def test_accordion_state(self): """ Verify the accordion remembers which chapter you were last viewing. """ email, password = self.STUDENT_INFO[0] self.login(email, password) self.enroll(self.course, True) self.enroll(self.test_course, True) # Now we directly navigate to a section in a chapter other than 'Overview'. check_for_get_code(self, 200, reverse('courseware_section', kwargs={'course_id': self.course.id, 'chapter': 'factory_chapter', 'section': 'factory_section'})) # And now hitting the courseware tab should redirect to 'factory_chapter' resp = self.client.get(reverse('courseware', kwargs={'course_id': self.course.id})) self.assertRedirects(resp, reverse('courseware_chapter', kwargs={'course_id': self.course.id, 'chapter': 'factory_chapter'}))
def test_org_instructor_access(self): """ Verify org instructor can load the instructor dashboard, the grade views, and student profile pages for course in their org. """ self.login(self.org_instructor_user) url = reverse('instructor_dashboard', kwargs={'course_id': self.course.id}) check_for_get_code(self, 200, url) url = reverse('instructor_dashboard', kwargs={'course_id': self.test_course.id}) check_for_get_code(self, 200, url) url = reverse('instructor_dashboard', kwargs={'course_id': self.other_org_course.id}) check_for_get_code(self, 404, url)