def __init__(self, request, response): # pylint: disable=super-init-not-called
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user()
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.has_seen_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
self.preferred_site_language_code = None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if (self.REDIRECT_UNFINISHED_SIGNUPS
and not user_services.has_fully_registered(self.user_id)):
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.preferred_site_language_code = (
user_settings.preferred_site_language_code)
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.has_seen_editor_tutorial = True
# In order to avoid too many datastore writes, we do not bother
# recording a log-in if the current time is sufficiently close
# to the last log-in time.
if (user_settings.last_logged_in is None
or not utils.are_datetimes_close(
datetime.datetime.utcnow(),
user_settings.last_logged_in)):
user_services.record_user_logged_in(self.user_id)
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = (
current_user_services.is_current_user_super_admin())
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def get(self, collection_id):
"""Handles GET requests."""
collection = collection_services.get_collection_by_id(collection_id,
strict=False)
if (collection is None
or not rights_manager.Actor(self.user_id).can_view(
rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)):
self.redirect('/')
return
can_edit = (
bool(self.user_id)
and self.username not in config_domain.BANNED_USERNAMES.value
and rights_manager.Actor(self.user_id).can_edit(
rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id))
self.values.update({
'is_public':
rights_manager.is_collection_public(collection_id),
'can_edit':
can_edit,
'collection_id':
collection.id,
'title':
collection.title
})
self.render_template('collection_editor/collection_editor.html')
def __init__(self, request, response):
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user(self.request)
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.username = user_settings.username
self.values['user_email'] = user_settings.email
self.values['username'] = self.username
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = user_services.is_super_admin(
self.user_id, self.request)
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def test_newly_created_exploration(self):
exp = exp_domain.Exploration.create_default_exploration(
self.EXP_ID, 'A title', 'A category')
exp_services.save_new_exploration(self.user_id_a, exp)
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_view(self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_edit(self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_delete(self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_view(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_admin).can_edit(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_admin).can_delete(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID))
def test_can_publicize_collection(self):
self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a)
rights_manager.publish_collection(self.user_id_a, self.COLLECTION_ID)
self.assertFalse(
rights_manager.Actor(self.user_id_a).can_publicize(
rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_publicize(
rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def test_can_publicize_exploration(self):
exp = exp_domain.Exploration.create_default_exploration(
self.EXP_ID, 'A title', 'A category')
exp_services.save_new_exploration(self.user_id_a, exp)
rights_manager.publish_exploration(self.user_id_a, self.EXP_ID)
self.assertFalse(
rights_manager.Actor(self.user_id_a).can_publicize(self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_publicize(
self.EXP_ID))
def test_demo_collection(self):
collection_services.load_demo('0')
rights_manager.release_ownership_of_collection(
feconf.SYSTEM_COMMITTER_ID, '0')
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_play(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_view(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_edit(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertFalse(
rights_manager.Actor(self.user_id_a).can_delete(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_play(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_view(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_edit(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_delete(
rights_manager.ACTIVITY_TYPE_COLLECTION, '0'))
def test_non_splash_page_demo_exploration(self):
# Note: there is no difference between permissions for demo
# explorations, whether or not they are on the splash page.
exp_services.load_demo('3')
rights_manager.release_ownership_of_exploration(
feconf.SYSTEM_COMMITTER_ID, '3')
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(rights_manager.Actor(
self.user_id_a).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertFalse(rights_manager.Actor(
self.user_id_a).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(rights_manager.Actor(
self.user_id_admin).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '3'))
def test_inviting_collaborator(self):
exp = exp_domain.Exploration.create_default_exploration(
self.EXP_ID, 'A title', 'A category')
exp_services.save_new_exploration(self.user_id_a, exp)
rights_manager.assign_role(self.user_id_a, self.EXP_ID, self.user_id_b,
rights_manager.ROLE_EDITOR)
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_view(self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_edit(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(self.EXP_ID))
def test_inviting_collaborator_to_exploration(self):
exp = exp_domain.Exploration.create_default_exploration(self.EXP_ID)
exp_services.save_new_exploration(self.user_id_a, exp)
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_play(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_view(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
rights_manager.assign_role_for_exploration(self.user_id_a, self.EXP_ID,
self.user_id_b,
rights_manager.ROLE_EDITOR)
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_play(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_view(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(
feconf.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def test_inviting_playtester_to_exploration(self):
exp = exp_domain.Exploration.create_default_exploration(
self.EXP_ID, 'A title', 'A category')
exp_services.save_new_exploration(self.user_id_a, exp)
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
rights_manager.assign_role_for_exploration(
self.user_id_a, self.EXP_ID, self.user_id_b,
rights_manager.ROLE_VIEWER)
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertTrue(
rights_manager.Actor(self.user_id_b).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def test_demo_exploration(self):
exp_services.load_demo('1')
rights_manager.release_ownership_of_exploration(
feconf.SYSTEM_COMMITTER_ID, '1')
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_a).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertFalse(
rights_manager.Actor(self.user_id_a).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_play(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_edit(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
self.assertTrue(
rights_manager.Actor(self.user_id_admin).can_delete(
rights_manager.ACTIVITY_TYPE_EXPLORATION, '1'))
def __init__(self, request, response):
# Set self.request, self.response and self.app.
self.initialize(request, response)
self.start_time = datetime.datetime.utcnow()
# Initializes the return dict for the handlers.
self.values = {}
self.user = current_user_services.get_current_user(self.request)
self.user_id = current_user_services.get_user_id(
self.user) if self.user else None
self.username = None
self.user_has_started_state_editor_tutorial = False
self.partially_logged_in = False
self.values['profile_picture_data_url'] = None
if self.user_id:
email = current_user_services.get_user_email(self.user)
user_settings = user_services.get_or_create_user(
self.user_id, email)
self.values['user_email'] = user_settings.email
if self.REDIRECT_UNFINISHED_SIGNUPS and not user_settings.username:
_clear_login_cookies(self.response.headers)
self.partially_logged_in = True
self.user_id = None
else:
self.username = user_settings.username
self.last_agreed_to_terms = user_settings.last_agreed_to_terms
self.values['username'] = self.username
self.values['profile_picture_data_url'] = (
user_settings.profile_picture_data_url)
if user_settings.last_started_state_editor_tutorial:
self.user_has_started_state_editor_tutorial = True
self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
self.is_admin = rights_manager.Actor(self.user_id).is_admin()
self.is_super_admin = user_services.is_super_admin(
self.user_id, self.request)
self.values['is_moderator'] = self.is_moderator
self.values['is_admin'] = self.is_admin
self.values['is_super_admin'] = self.is_super_admin
if self.request.get('payload'):
self.payload = json.loads(self.request.get('payload'))
else:
self.payload = None
def test_ownership(self):
exp = exp_domain.Exploration.create_default_exploration(
self.EXP_ID, 'A title', 'A category')
exp_services.save_new_exploration(self.user_id_a, exp)
rights_manager.assign_role(self.user_id_a, self.EXP_ID, self.user_id_b,
rights_manager.ROLE_EDITOR)
self.assertTrue(
rights_manager.Actor(self.user_id_a).is_owner(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).is_owner(self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_admin).is_owner(self.EXP_ID))
def get(self, exploration_id):
"""Gets the data for the exploration overview page."""
if not rights_manager.Actor(self.user_id).can_view(exploration_id):
raise self.PageNotFoundException
self.values.update(self._get_exploration_data(exploration_id))
self.render_json(self.values)
def get(self, collection_id):
"""Populates the data on the individual collection page."""
allow_invalid_explorations = bool(
self.request.get('allow_invalid_explorations'))
try:
collection_dict = (
collection_services.get_learner_collection_dict_by_id(
collection_id,
self.user_id,
allow_invalid_explorations=allow_invalid_explorations))
except Exception as e:
raise self.PageNotFoundException(e)
self.values.update({
'can_edit':
(self.user_id and rights_manager.Actor(self.user_id).can_edit(
rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)),
'collection':
collection_dict,
'info_card_image_url':
utils.get_info_card_url_for_category(collection_dict['category']),
'is_logged_in':
bool(self.user_id),
'session_id':
utils.generate_new_session_id(),
})
self.render_json(self.values)
def get(self, exploration_id):
"""Populates the data on the individual exploration page."""
version = self.request.get('v')
version = int(version) if version else None
try:
exploration = exp_services.get_exploration_by_id(
exploration_id, version=version)
except Exception as e:
raise self.PageNotFoundException(e)
info_card_color = (
feconf.CATEGORIES_TO_COLORS[exploration.category] if
exploration.category in feconf.CATEGORIES_TO_COLORS else
feconf.DEFAULT_COLOR)
self.values.update({
'can_edit': (
self.user_id and
rights_manager.Actor(self.user_id).can_edit(exploration_id)),
'exploration': exploration.to_player_dict(),
'info_card_image_url': (
'/images/gallery/exploration_background_%s_large.png' %
info_card_color),
'is_logged_in': bool(self.user_id),
'session_id': utils.generate_random_string(24),
'version': exploration.version,
})
self.render_json(self.values)
def get(self, collection_id):
"""Handles GET requests."""
collection = collection_services.get_collection_by_id(collection_id,
strict=False)
self.values.update({
'can_edit':
True,
'can_unpublish':
rights_manager.Actor(self.user_id).can_unpublish(
feconf.ACTIVITY_TYPE_COLLECTION, collection_id),
'collection_id':
collection.id,
'is_private':
rights_manager.is_collection_private(collection_id),
'nav_mode':
feconf.NAV_MODE_CREATE,
'title':
collection.title,
'SHOW_COLLECTION_NAVIGATION_TAB_HISTORY':
(feconf.SHOW_COLLECTION_NAVIGATION_TAB_HISTORY),
'SHOW_COLLECTION_NAVIGATION_TAB_STATS':
(feconf.SHOW_COLLECTION_NAVIGATION_TAB_STATS),
'TAG_REGEX':
feconf.TAG_REGEX,
})
self.render_template('pages/collection_editor/collection_editor.html')
def get(self, exploration_id):
"""Handles GET requests."""
version_str = self.request.get('v')
version = int(version_str) if version_str else None
if self.request.get('iframed'):
redirect_url = '/embed/exploration/%s' % exploration_id
if version_str:
redirect_url += '?v=%s' % version_str
self.redirect(redirect_url)
return
# Note: this is an optional argument and will be None when the
# exploration is being played outside the context of a collection.
collection_id = self.request.get('collection_id')
can_edit = (bool(self.username) and self.username
not in config_domain.BANNED_USERNAMES.value
and rights_manager.Actor(self.user_id).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION, exploration_id))
try:
# If the exploration does not exist, a 404 error is raised.
exploration_data_values = _get_exploration_player_data(
exploration_id, version, collection_id, can_edit)
except Exception:
raise self.PageNotFoundException
self.values.update(exploration_data_values)
self.values['iframed'] = False
self.render_template(
'pages/exploration_player/exploration_player.html')
def get(self, exploration_id):
"""Handles GET requests."""
try:
exploration = exp_services.get_exploration_by_id(exploration_id)
except:
raise self.PageNotFoundException
if not rights_manager.Actor(self.user_id).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, exploration_id):
raise self.PageNotFoundException
version = self.request.get('v', default_value=exploration.version)
output_format = self.request.get('output_format', default_value='zip')
width = int(self.request.get('width', default_value=80))
# If the title of the exploration has changed, we use the new title
filename = 'oppia-%s-v%s' % (utils.to_ascii(
exploration.title.replace(' ', '')), version)
if output_format == feconf.OUTPUT_FORMAT_ZIP:
self.response.headers['Content-Type'] = 'text/plain'
self.response.headers['Content-Disposition'] = (
'attachment; filename=%s.zip' % str(filename))
self.response.write(
exp_services.export_to_zip_file(exploration_id, version))
elif output_format == feconf.OUTPUT_FORMAT_JSON:
self.render_json(
exp_services.export_states_to_yaml(exploration_id,
version=version,
width=width))
else:
raise self.InvalidInputException('Unrecognized output format %s' %
output_format)
def get(self, exploration_id):
"""Handles GET requests."""
try:
exploration = exp_services.get_exploration_by_id(exploration_id)
except:
raise self.PageNotFoundException
if not rights_manager.Actor(self.user_id).can_view(
rights_manager.ACTIVITY_TYPE_EXPLORATION, exploration_id):
raise self.PageNotFoundException
version = self.request.get('v', default_value=exploration.version)
width = int(self.request.get('width', default_value=80))
try:
state = self.request.get('state')
except:
raise self.InvalidInputException('State not found')
exploration_dict = exp_services.export_states_to_yaml(exploration_id,
version=version,
width=width)
if state not in exploration_dict:
raise self.PageNotFoundException
self.response.write(exploration_dict[state])
def get(self, exploration_id):
"""Populates the data on the individual exploration page."""
version = self.request.get('v')
version = int(version) if version else None
try:
exploration = exp_services.get_exploration_by_id(exploration_id,
version=version)
except Exception as e:
raise self.PageNotFoundException(e)
self.values.update({
'can_edit':
(self.user_id and rights_manager.Actor(self.user_id).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION, exploration_id)),
'exploration':
exploration.to_player_dict(),
'is_logged_in':
bool(self.user_id),
'session_id':
utils.generate_new_session_id(),
'version':
exploration.version,
})
self.render_json(self.values)
def get_displayable_exp_summary_dicts_matching_ids(exploration_ids,
editor_user_id=None):
"""Given a list of exploration ids, optionally filters the list for
explorations that are currently non-private and not deleted, and returns a
list of dicts of the corresponding exploration summaries. This function can
also filter based on a user ID who has edit access to the corresponding
exploration, where the editor ID is for private explorations. Please use
this function when needing summary information to display on exploration
summary tiles in the frontend.
"""
exploration_summaries = (
exp_services.get_exploration_summaries_matching_ids(exploration_ids))
filtered_exploration_summaries = []
for exploration_summary in exploration_summaries:
if exploration_summary is None:
continue
if exploration_summary.status == (
rights_manager.ACTIVITY_STATUS_PRIVATE):
if editor_user_id is None:
continue
if not rights_manager.Actor(editor_user_id).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION, exploration_summary.id):
continue
filtered_exploration_summaries.append(exploration_summary)
return get_displayable_exp_summary_dicts(filtered_exploration_summaries)
def get(self, collection_id):
"""Handles GET requests."""
try:
collection = collection_services.get_collection_by_id(
collection_id)
except Exception as e:
raise self.PageNotFoundException(e)
self.values.update({
'can_edit':
(bool(self.username)
and self.username not in config_domain.BANNED_USERNAMES.value
and rights_manager.Actor(self.user_id).can_edit(
rights_manager.ACTIVITY_TYPE_COLLECTION, collection_id)),
'is_logged_in':
bool(self.user_id),
'collection_id':
collection_id,
'collection_title':
collection.title,
'is_private':
rights_manager.is_collection_private(collection_id),
'meta_name':
collection.title,
'meta_description':
utils.capitalize_string(collection.objective)
})
self.render_template('collection_player/collection_player.html')
def put(self, collection_id):
"""Updates the editing rights for the given collection."""
collection = collection_services.get_collection_by_id(collection_id)
version = self.payload.get('version')
_require_valid_version(version, collection.version)
# TODO(bhenning): Implement other rights changes here.
is_public = self.payload.get('is_public')
if is_public is not None:
if is_public:
try:
collection.validate(strict=True)
collection_services.validate_exps_in_collection_are_public(
collection)
except utils.ValidationError as e:
raise self.InvalidInputException(e)
collection_services.publish_collection_and_update_user_profiles(
self.user_id, collection_id)
collection_services.index_collections_given_ids([
collection_id])
elif rights_manager.Actor(self.user_id).can_unpublish(
feconf.ACTIVITY_TYPE_COLLECTION, collection_id):
rights_manager.unpublish_collection(self.user_id, collection_id)
collection_services.delete_documents_from_search_index([
collection_id])
else:
raise self.InvalidInputException(
'Cannot unpublish a collection.')
self.render_json({
'rights': rights_manager.get_collection_rights(
collection_id).to_dict()
})
def test_ownership_of_collection(self):
self.save_new_default_collection(self.COLLECTION_ID, self.user_id_a)
rights_manager.assign_role_for_collection(
self.user_id_a, self.COLLECTION_ID, self.user_id_b,
rights_manager.ROLE_EDITOR)
self.assertTrue(
rights_manager.Actor(self.user_id_a).is_owner(
rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).is_owner(
rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_admin).is_owner(
rights_manager.ACTIVITY_TYPE_COLLECTION, self.COLLECTION_ID))
def get_displayable_exp_summary_dicts_matching_ids(
exploration_ids, editor_user_id=None):
"""Gets a summary of explorations in human readable form from
exploration ids.
Given a list of exploration ids, optionally filters the list for
explorations that are currently non-private and not deleted, and returns a
list of dicts of the corresponding exploration summaries. This function can
also filter based on a user ID who has edit access to the corresponding
exploration, where the editor ID is for private explorations. Please use
this function when needing summary information to display on exploration
summary tiles in the frontend.
Args:
exploration_ids: list(str). List of exploration ids.
editor_user_id: str or None. If provided, the returned value is
filtered based on a user ID who has edit access to the
corresponding explorations. Otherwise, the returned list is not
filtered.
Return:
list(dict). A list of exploration summary dicts in human readable form.
Example:
[ {
'category': u'A category',
'community_owned': False,
'id': 'eid2',
'language_code': 'en',
'num_views': 0,
'objective': u'An objective',
'status': 'public',
'tags': [],
'thumbnail_bg_color': '#a33f40',
'thumbnail_icon_url': self.get_static_asset_url(
'/images/subjects/Lightbulb.svg'),
'title': u'Exploration 2 Albert title',
}, ]
"""
exploration_summaries = (
exp_services.get_exploration_summaries_matching_ids(exploration_ids))
filtered_exploration_summaries = []
for exploration_summary in exploration_summaries:
if exploration_summary is None:
continue
if exploration_summary.status == (
rights_manager.ACTIVITY_STATUS_PRIVATE):
if editor_user_id is None:
continue
if not rights_manager.Actor(editor_user_id).can_edit(
feconf.ACTIVITY_TYPE_EXPLORATION,
exploration_summary.id):
continue
filtered_exploration_summaries.append(exploration_summary)
return get_displayable_exp_summary_dicts(filtered_exploration_summaries)
def get(self, exploration_id):
"""Handles GET requests."""
version = self.request.get('v')
if not version:
# The default value for a missing parameter seems to be ''.
version = None
else:
version = int(version)
try:
exploration = exp_services.get_exploration_by_id(exploration_id,
version=version)
except Exception as e:
raise self.PageNotFoundException(e)
if not rights_manager.Actor(self.user_id).can_view(exploration_id):
raise self.PageNotFoundException
is_iframed = (self.request.get('iframed') == 'true')
# TODO(sll): Cache these computations.
interactive_widget_ids = exploration.get_interactive_widget_ids()
widget_dependency_ids = (
widget_registry.Registry.get_deduplicated_dependency_ids(
interactive_widget_ids))
widget_dependencies_html, additional_angular_modules = (
dependency_registry.Registry.get_deps_html_and_angular_modules(
widget_dependency_ids))
widget_js_directives = (
widget_registry.Registry.get_noninteractive_widget_js() +
widget_registry.Registry.get_interactive_widget_js(
interactive_widget_ids))
self.values.update({
'additional_angular_modules':
additional_angular_modules,
'exploration_version':
version,
'iframed':
is_iframed,
'is_private':
rights_manager.is_exploration_private(exploration_id),
'nav_mode':
feconf.NAV_MODE_EXPLORE,
'skin_html':
skins_services.Registry.get_skin_html(exploration.default_skin),
'widget_dependencies_html':
jinja2.utils.Markup(widget_dependencies_html),
'widget_js_directives':
jinja2.utils.Markup(widget_js_directives),
})
if is_iframed:
self.render_template('player/exploration_player.html',
iframe_restriction=None)
else:
self.render_template('player/exploration_player.html')
def test_ownership_of_exploration(self):
exp = exp_domain.Exploration.create_default_exploration(self.EXP_ID)
exp_services.save_new_exploration(self.user_id_a, exp)
rights_manager.assign_role_for_exploration(self.user_id_a, self.EXP_ID,
self.user_id_b,
rights_manager.ROLE_EDITOR)
self.assertTrue(
rights_manager.Actor(self.user_id_a).is_owner(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_b).is_owner(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
self.assertFalse(
rights_manager.Actor(self.user_id_admin).is_owner(
rights_manager.ACTIVITY_TYPE_EXPLORATION, self.EXP_ID))
def get(self, exploration_id):
"""Gets the data for the exploration overview page."""
if not rights_manager.Actor(self.user_id).can_view(exploration_id):
raise self.PageNotFoundException
version = self.request.get('v', default_value=None)
self.values.update(
self._get_exploration_data(exploration_id, version=version))
self.render_json(self.values)
