def test_list_project_faculty(self):
"""Test that students and faculty can list projects"""
p1 = ProjectFactory.create(course=self.sandbox_course)
p2 = ProjectFactory.create(course=self.sandbox_course)
self.assertTrue(
self.client.login(
username=self.faculty.username,
password='******'
)
)
response = self.client.get(
reverse('course-detail-view', args=[self.sandbox_course.pk]))
self.assertIn(p1, response.context['projects'])
self.assertIn(p2, response.context['projects'])
self.assertContains(response, 'Create New Project')
def test_has_object_permissions_patch(self):
"""Tests PATCH permissions"""
perm = IsFeedbackFacultyOrStudentRecipient()
p = ProjectFactory.create(course=self.sandbox_course)
a = ActivityFactory.create(project=p)
r = ResponseFactory.create(activity=a, owners=[self.student])
r.status = r.SUBMITTED
r.save()
f = FeedbackFactory(response=r)
req = RequestFactory().patch(
reverse('api-feedback-detail', args=[f.pk]), {'feedback': 'foo'})
# Anon
req.user = AnonymousUser()
self.assertFalse(perm.has_object_permission(req, None, r.feedback))
# Related Faculty
req.user = self.faculty
self.assertTrue(perm.has_object_permission(req, None, r.feedback))
# Unrelated Faculty
# Checks that faculty in a different course can not
# patch an object
unrelated_faculty = UserFactory.create(first_name='Faculty',
last_name='Two',
email='*****@*****.**')
self.registrar_course.faculty_group.user_set.add(unrelated_faculty)
req.user = unrelated_faculty
self.assertFalse(perm.has_object_permission(req, None, r.feedback))
# Student
req.user = self.student
self.assertFalse(perm.has_object_permission(req, None, r.feedback))
def test_has_permissions_put(self):
"""Tests POST permissions"""
perm = IsResponseOwnerOrFaculty()
p = ProjectFactory.create(course=self.sandbox_course)
a = ActivityFactory.create(project=p)
req = RequestFactory().put(reverse('api-response-list'),
{'activity': a.pk})
req.user = AnonymousUser()
# Patch the request object, as it doesn't seem to create the
# data attribute as expected
req.data = {'activity': a.pk}
# Anon
self.assertFalse(perm.has_permission(req, None))
# Faculty
req.user = self.faculty
self.assertFalse(perm.has_permission(req, None))
# Unrelated Student
unrelated_student = UserFactory.create(first_name='Student',
last_name='Two',
email='*****@*****.**')
self.registrar_course.group.user_set.add(unrelated_student)
req.user = unrelated_student
self.assertFalse(perm.has_permission(req, None))
# Related Student
req.user = self.student
self.assertTrue(perm.has_permission(req, None))
def test_has_permissions_put(self):
"""Tests POST permissions"""
perm = IsFeedbackFacultyOrStudentRecipient()
p = ProjectFactory.create(course=self.sandbox_course)
a = ActivityFactory.create(project=p)
r = ResponseFactory.create(activity=a, owners=[self.student])
req = RequestFactory().post(reverse('api-feedback-list'), {
'response': r.pk,
'body': 'foobar'
})
req.query_params = dict()
req.data = {'response': r.pk, 'body': 'foobar'}
# Anon
req.user = AnonymousUser()
self.assertFalse(perm.has_permission(req, None))
# Faculty
req.user = self.faculty
self.assertTrue(perm.has_permission(req, None))
# Unrelated Student
unrelated_student = UserFactory.create(first_name='Student',
last_name='Two',
email='*****@*****.**')
self.registrar_course.group.user_set.add(unrelated_student)
req.user = unrelated_student
self.assertFalse(perm.has_permission(req, None))
# Related Student
req.user = self.student
self.assertFalse(perm.has_permission(req, None))
def test_activity_create_anon(self):
"""
Test that anon users can not create an activity
"""
c = self.registrar_course
p = ProjectFactory.create(course=c)
r1 = self.client.get(reverse('activity-create', args=[c.pk, p.pk]))
self.assertEqual(r1.status_code, 302)
def test_create_student_response(self):
self.assertTrue(
self.client.login(username=self.student.username, password='******'))
p = ProjectFactory.create(course=self.sandbox_course)
a = ActivityFactory.create(project=p)
response = self.client.post(reverse('api-response-list'), {
'activity': a.pk,
})
self.assertEqual(response.status_code, 201)
def test_activity_create_student(self):
"""
Test that students can not create an activity
"""
self.assertTrue(
self.client.login(username=self.student.username, password='******'))
c = self.registrar_course
p = ProjectFactory.create(course=c)
r1 = self.client.get(reverse('activity-create', args=[c.pk, p.pk]))
self.assertEqual(r1.status_code, 403)
def test_activity_404(self):
"""
Test that a request for an activity detail page that
does not exist returns 404
"""
self.assertTrue(
self.client.login(username=self.faculty.username, password='******'))
c = self.registrar_course
p = ProjectFactory.create(course=c)
r1 = self.client.get(reverse('activity-detail', args=[c.pk, p.pk]))
self.assertEqual(r1.status_code, 404)
def test_detail_project_students(self):
"""Test that students can view a project"""
project = ProjectFactory.create(course=self.sandbox_course)
self.assertTrue(
self.client.login(
username=self.student.username,
password='******'
)
)
response = self.client.get(
reverse('course-project-detail',
args=[self.sandbox_course.pk, project.pk]))
self.assertEqual(response.status_code, 200)
def test_delete_project_students(self):
"""Test that students can not delete projects"""
project = ProjectFactory.create(course=self.sandbox_course)
self.assertTrue(
self.client.login(
username=self.student.username,
password='******'
)
)
response = self.client.post(
reverse(
'course-project-delete',
args=[self.sandbox_course.pk, project.pk]),
)
self.assertEqual(response.status_code, 403)
def test_activity_create_faculty(self):
"""
Test that faculty can GET and POST to the
activity creation view
"""
self.assertTrue(
self.client.login(username=self.faculty.username, password='******'))
c = self.registrar_course
p = ProjectFactory.create(course=c)
r1 = self.client.get(reverse('activity-create', args=[c.pk, p.pk]))
self.assertEqual(r1.status_code, 200)
r2 = self.client.post(reverse('activity-create', args=[c.pk, p.pk]), {
'instructions': 'Some instructions',
})
self.assertEqual(r2.status_code, 302)
def test_unique_owner_per_activity(self):
"""
Test that a user can not be added as an owner to multiple responses
for a single activity.
"""
# Add a new activity response to an existing activity
student: User = UserFactory.create(first_name='Student',
last_name='One',
email='*****@*****.**')
course = RegistrarCourseFactory.create()
project = ProjectFactory.create(course=course)
activity = ActivityFactory.create(project=project)
ResponseFactory.create(activity=activity, owners=[student])
# Try adding self.student to this new response
with self.assertRaises(IntegrityError):
ResponseFactory.create(activity=activity, owners=[student])
def test_unique_owner_per_response(self):
"""
Test that a user can not be added as an owner to response
multiple times.
Noting that Django's default behavior is to prevent
multiple instances of many to many relation.
"""
student: User = UserFactory.create(first_name='Student',
last_name='One',
email='*****@*****.**')
course = RegistrarCourseFactory.create()
project = ProjectFactory.create(course=course)
activity = ActivityFactory.create(project=project)
response = ResponseFactory.create(activity=activity, owners=[student])
self.assertEqual(response.owners.count(), 1)
response.owners.add(student)
self.assertEqual(response.owners.count(), 1)
def test_delete_project_faculty(self):
"""Test that faculty can delete projects"""
project = ProjectFactory.create(course=self.sandbox_course)
project_pk = project.pk
self.assertTrue(
self.client.login(
username=self.faculty.username,
password='******'
)
)
response = self.client.post(
reverse(
'course-project-delete',
args=[self.sandbox_course.pk, project.pk]),
)
self.assertEqual(response.status_code, 302)
r2 = self.client.get(
reverse('course-project-detail',
args=[self.sandbox_course.pk, project_pk]))
self.assertEqual(r2.status_code, 404)
def test_submitted_by_on(self):
student: User = UserFactory.create(
first_name='Student',
last_name='One',
email='*****@*****.**'
)
course = RegistrarCourseFactory.create()
project = ProjectFactory.create(course=course)
activity = ActivityFactory.create(project=project)
response = ResponseFactory.create(
activity=activity, owners=[student])
# Assert that submitted_* are null
self.assertIsNone(response.submitted_at)
# Then submit the assignment
response.status = response.SUBMITTED
response.save()
# Check that the fields have updated
self.assertIsNot(response.submitted_at, None)
def reset_test_models():
call_command('flush', verbosity=0, interactive=False)
# Create some models
UserFactory.create(username='******',
first_name='Super',
last_name='User',
email='*****@*****.**',
is_superuser=True)
# Sandbox Course
c1: Course = SandboxCourseFactory.create()
s1: User = UserFactory.create(username='******',
first_name='Student',
last_name='One',
email='*****@*****.**')
c1.group.user_set.add(s1)
f1: User = UserFactory.create(username='******',
first_name='Faculty',
last_name='One',
email='*****@*****.**')
c1.group.user_set.add(f1)
c1.faculty_group.user_set.add(f1)
project = ProjectFactory.create(course=c1)
activity = ActivityFactory.create(project=project)
ResponseFactory.create(activity=activity, owners=[s1])
# Registrar Course
c2: Course = RegistrarCourseFactory.create()
s2: User = UserFactory.create(username='******',
first_name='Student',
last_name='Two',
email='*****@*****.**')
c2.group.user_set.add(s2)
f2: User = UserFactory.create(username='******',
first_name='Faculty',
last_name='Two',
email='*****@*****.**')
c2.group.user_set.add(f2)
c2.faculty_group.user_set.add(f2)
def test_activity_delete_faculty(self):
"""
Test that faculty can delete an activity if
there are no related responses
"""
self.assertTrue(
self.client.login(username=self.faculty.username, password='******'))
c = self.registrar_course
p = ProjectFactory.create(course=c)
ActivityFactory.create(project=p)
response = self.client.post(
reverse('activity-delete', args=[c.pk, p.pk]))
self.assertEqual(response.status_code, 302)
# Test that the model can not be deleted
# from the front end if there are responses
self.assertTrue(
self.client.login(username=self.faculty.username, password='******'))
c = self.registrar_course
p = self.registrar_course_project
response = self.client.post(
reverse('activity-delete', args=[c.pk, p.pk]))
self.assertEqual(response.status_code, 403)
def reset_test_models():
call_command('flush', verbosity=0, interactive=False)
# Enable some flags
Flag.objects.create(name='share_response_layers', everyone=True)
# Create some models
UserFactory.create(username='******',
first_name='Super',
last_name='User',
email='*****@*****.**',
is_superuser=True,
is_staff=True)
# Sandbox Course
c1: Course = SandboxCourseFactory.create(title='Sandbox Workspace')
s1: User = UserFactory.create(username='******',
first_name='Student',
last_name='One',
email='*****@*****.**')
c1.group.user_set.add(s1)
s1: User = UserFactory.create(username='******',
first_name='Student',
last_name='Three',
email='*****@*****.**')
c1.group.user_set.add(s1)
f1: User = UserFactory.create(username='******',
first_name='Faculty',
last_name='One',
email='*****@*****.**')
c1.group.user_set.add(f1)
c1.faculty_group.user_set.add(f1)
a1: User = UserFactory.create(username='******',
first_name='Author',
last_name='One',
email='*****@*****.**')
c1.group.user_set.add(a1)
c1.faculty_group.user_set.add(a1)
project = ProjectFactory.create(course=c1, title='Activity One')
activity = ActivityFactory.create(project=project)
ResponseFactory.create(activity=activity, owners=[s1])
# Registrar Course - generates a project too
c2: Course = RegistrarCourseFactory.create()
s2: User = UserFactory.create(username='******',
first_name='Student',
last_name='Two',
email='*****@*****.**')
c2.group.user_set.add(s2)
f2: User = UserFactory.create(username='******',
first_name='Faculty',
last_name='Two',
email='*****@*****.**')
c2.group.user_set.add(f2)
c2.faculty_group.user_set.add(f2)
# No affiliations
UserFactory.create(username='******',
first_name='Faculty',
last_name='Three',
email='*****@*****.**')