def test_deassigning_manager_role(self): topic_services.assign_role( self.user_admin, self.user_a, topic_domain.ROLE_MANAGER, self.TOPIC_ID) topic_rights = topic_services.get_topic_rights(self.TOPIC_ID) self.assertTrue(topic_services.check_can_edit_topic( self.user_a, topic_rights)) self.assertFalse(topic_services.check_can_edit_topic( self.user_b, topic_rights)) topic_services.assign_role( self.user_admin, self.user_a, topic_domain.ROLE_NONE, self.TOPIC_ID) self.assertFalse(topic_services.check_can_edit_topic( self.user_a, topic_rights)) self.assertFalse(topic_services.check_can_edit_topic( self.user_b, topic_rights)) topic_services.assign_role( self.user_admin, self.user_a, topic_domain.ROLE_NONE, self.TOPIC_ID) self.assertFalse(topic_services.check_can_edit_topic( self.user_a, topic_rights)) self.assertFalse(topic_services.check_can_edit_topic( self.user_b, topic_rights))
def test_editable_subtopic_page_get(self): # Check that non-admins and non-topic managers cannot access the # editable subtopic data. with self.swap(constants, 'ENABLE_NEW_STRUCTURES', True): self.login(self.NEW_USER_EMAIL) response = self.testapp.get( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() # Check that topic managers not assigned to this topic can # access its subtopic pages. self.login(self.TOPIC_MANAGER_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual('', json_response['subtopic_page']['html_data']) self.logout() topic_services.assign_role(self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) # Check that topic managers can access the subtopic page. self.login(self.TOPIC_MANAGER_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual('', json_response['subtopic_page']['html_data']) self.logout() # Check that admins can access the editable subtopic data. self.login(self.ADMIN_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual('', json_response['subtopic_page']['html_data']) self.logout()
def test_update_topic(self): topic_services.assign_role(self.user_admin, self.user_a, topic_domain.ROLE_MANAGER, self.TOPIC_ID) # Test whether an admin can edit a topic. changelist = [ topic_domain.TopicChange({ 'cmd': topic_domain.CMD_UPDATE_TOPIC_PROPERTY, 'property_name': topic_domain.TOPIC_PROPERTY_DESCRIPTION, 'old_value': 'Description', 'new_value': 'New Description' }) ] topic_services.update_topic(self.user_id_admin, self.TOPIC_ID, changelist, 'Updated Description.') topic = topic_services.get_topic_by_id(self.TOPIC_ID) topic_summary = topic_services.get_topic_summary_by_id(self.TOPIC_ID) self.assertEqual(topic.description, 'New Description') self.assertEqual(topic.version, 2) self.assertEqual(topic_summary.version, 2) # Test whether a topic_manager can edit a topic. changelist = [ topic_domain.TopicChange({ 'cmd': topic_domain.CMD_UPDATE_TOPIC_PROPERTY, 'property_name': topic_domain.TOPIC_PROPERTY_NAME, 'old_value': 'Name', 'new_value': 'New Name' }) ] topic_services.update_topic(self.user_id_a, self.TOPIC_ID, changelist, 'Updated Name.') topic = topic_services.get_topic_by_id(self.TOPIC_ID) topic_summary = topic_services.get_topic_summary_by_id(self.TOPIC_ID) self.assertEqual(topic.name, 'New Name') self.assertEqual(topic.version, 3) self.assertEqual(topic_summary.name, 'New Name') self.assertEqual(topic_summary.version, 3)
def put(self, topic_id, assignee_id): """Assign topic manager role to a user for a particular topic, if the user has general topic manager rights. """ topic_domain.Topic.require_valid_topic_id(topic_id) if assignee_id is None: raise self.InvalidInputException( Exception('Expected a valid assignee id to be provided.')) assignee_actions_info = user_services.UserActionsInfo(assignee_id) user_actions_info = user_services.UserActionsInfo(self.user_id) try: topic_services.assign_role( user_actions_info, assignee_actions_info, topic_domain.ROLE_MANAGER, topic_id) except Exception as e: raise self.UnauthorizedUserException(e) self.values.update({ 'role_updated': True }) self.render_json(self.values)
def test_editable_topic_handler_put_for_assigned_topic_manager(self): change_cmd = { 'version': 2, 'commit_message': 'Some changes and added a subtopic.', 'topic_and_subtopic_page_change_dicts': [{ 'change_affects_subtopic_page': False, 'cmd': 'update_topic_property', 'property_name': 'name', 'old_value': '', 'new_value': 'A new name' }, { 'change_affects_subtopic_page': True, 'cmd': 'update_subtopic_page_property', 'property_name': 'html_data', 'old_value': '', 'subtopic_id': 1, 'new_value': '<p>New Data</p>' }, { 'change_affects_subtopic_page': False, 'cmd': 'add_subtopic', 'subtopic_id': 2, 'title': 'Title2' }, { 'change_affects_subtopic_page': True, 'cmd': 'update_subtopic_page_property', 'property_name': 'html_data', 'old_value': '', 'new_value': '<p>New Value</p>', 'subtopic_id': 2 }] } # Assign the topic manager to the topic. topic_services.assign_role(self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) self.login(self.TOPIC_MANAGER_EMAIL) with self.swap(constants, 'ENABLE_NEW_STRUCTURES', True): response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id)) csrf_token = self.get_csrf_token_from_response(response) # Check that the topic manager can edit the topic now. json_response = self.put_json( '%s/%s' % (feconf.TOPIC_EDITOR_DATA_URL_PREFIX, self.topic_id), change_cmd, csrf_token=csrf_token) self.assertEqual(self.topic_id, json_response['topic_dict']['id']) self.assertEqual('A new name', json_response['topic_dict']['name']) self.assertEqual(2, len(json_response['topic_dict']['subtopics'])) self.logout()
def test_editable_topic_handler_put_for_assigned_topic_manager(self): change_cmd = { 'version': 2, 'commit_message': 'Some changes and added a subtopic.', 'topic_and_subtopic_page_change_dicts': [{ 'change_affects_subtopic_page': False, 'cmd': 'update_topic_property', 'property_name': 'name', 'old_value': '', 'new_value': 'A new name' }, { 'change_affects_subtopic_page': True, 'cmd': 'update_subtopic_page_property', 'property_name': 'page_contents_html', 'old_value': { 'html': '', 'content_id': 'content' }, 'subtopic_id': 1, 'new_value': { 'html': '<p>New Data</p>', 'content_id': 'content' } }, { 'change_affects_subtopic_page': False, 'cmd': 'add_subtopic', 'subtopic_id': 2, 'title': 'Title2' }, { 'change_affects_subtopic_page': True, 'cmd': 'update_subtopic_page_property', 'property_name': 'page_contents_html', 'old_value': { 'html': '', 'content_id': 'content' }, 'new_value': { 'html': '<p>New Value</p>', 'content_id': 'content' }, 'subtopic_id': 2 }, { 'change_affects_subtopic_page': True, 'cmd': 'update_subtopic_page_property', 'property_name': 'page_contents_audio', 'old_value': { 'content': {} }, 'new_value': { 'content': { 'en': { 'filename': 'test.mp3', 'file_size_bytes': 100, 'needs_update': False } } }, 'subtopic_id': 2 }] } # Assign the topic manager to the topic. topic_services.assign_role(self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) self.login(self.TOPIC_MANAGER_EMAIL) response = self.get_html_response( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id)) csrf_token = self.get_csrf_token_from_response(response) # Check that the topic manager can edit the topic now. json_response = self.put_json( '%s/%s' % (feconf.TOPIC_EDITOR_DATA_URL_PREFIX, self.topic_id), change_cmd, csrf_token=csrf_token) self.assertEqual(self.topic_id, json_response['topic_dict']['id']) self.assertEqual('A new name', json_response['topic_dict']['name']) self.assertEqual(2, len(json_response['topic_dict']['subtopics'])) self.logout()
def test_editable_subtopic_page_get(self): # Check that non-admins and non-topic managers cannot access the # editable subtopic data. self.login(self.NEW_USER_EMAIL) self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1), expected_status_int=401) self.logout() # Check that topic managers not assigned to this topic can # access its subtopic pages. self.login(self.TOPIC_MANAGER_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual( { 'subtitled_html': { 'html': '', 'content_id': 'content' }, 'content_ids_to_audio_translations': { 'content': {} }, 'written_translations': { 'translations_mapping': { 'content': {} } } }, json_response['subtopic_page']['page_contents']) self.logout() topic_services.assign_role(self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) # Check that topic managers can access the subtopic page. self.login(self.TOPIC_MANAGER_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual( { 'subtitled_html': { 'html': '', 'content_id': 'content' }, 'content_ids_to_audio_translations': { 'content': {} }, 'written_translations': { 'translations_mapping': { 'content': {} } }, }, json_response['subtopic_page']['page_contents']) self.logout() # Check that admins can access the editable subtopic data. self.login(self.ADMIN_EMAIL) json_response = self.get_json( '%s/%s/%s' % (feconf.SUBTOPIC_PAGE_EDITOR_DATA_URL_PREFIX, self.topic_id, 1)) self.assertEqual( { 'subtitled_html': { 'html': '', 'content_id': 'content' }, 'content_ids_to_audio_translations': { 'content': {} }, 'written_translations': { 'translations_mapping': { 'content': {} } } }, json_response['subtopic_page']['page_contents']) self.logout()
def test_get(self): # Create 5 questions linked to the same skill. for i in range(0, 3): #pylint: disable=unused-variable question_id = question_services.get_new_question_id() self.save_new_question( question_id, self.admin_id, self._create_valid_question_data('ABC')) question_services.create_new_question_skill_link( question_id, self.skill_id) with self.swap(feconf, 'ENABLE_NEW_STRUCTURES', True): self.login(self.ADMIN_EMAIL) with self.swap(feconf, 'NUM_QUESTIONS_PER_PAGE', 1): json_response = self.get_json( '%s/%s?cursor=' % ( feconf.TOPIC_EDITOR_QUESTION_URL, self.topic_id )) question_summary_dicts = json_response['question_summary_dicts'] self.assertEqual(len(question_summary_dicts), 1) next_start_cursor = json_response['next_start_cursor'] json_response = self.get_json( '%s/%s?cursor=%s' % ( feconf.TOPIC_EDITOR_QUESTION_URL, self.topic_id, next_start_cursor )) question_summary_dicts_2 = ( json_response['question_summary_dicts']) self.assertEqual(len(question_summary_dicts_2), 1) self.assertNotEqual( question_summary_dicts[0]['id'], question_summary_dicts_2[0]['id']) self.logout() self.login(self.TOPIC_MANAGER_EMAIL) response = self.testapp.get( '%s/%s?cursor=' % ( feconf.TOPIC_EDITOR_QUESTION_URL, self.topic_id ), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() topic_services.assign_role( self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) self.login(self.TOPIC_MANAGER_EMAIL) json_response = self.get_json( '%s/%s' % ( feconf.TOPIC_EDITOR_QUESTION_URL, self.topic_id )) question_summary_dicts = json_response['question_summary_dicts'] self.assertEqual(len(question_summary_dicts), 3) self.logout() self.login(self.NEW_USER_EMAIL) response = self.testapp.get( '%s/%s?cursor=' % ( feconf.TOPIC_EDITOR_QUESTION_URL, self.topic_id ), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout()
def test_access_topic_editor_page(self): """Test access to editor pages for the sample topic.""" with self.swap(feconf, 'ENABLE_NEW_STRUCTURES', True): # Check that non-admin and topic_manager cannot access the editor # page. self.login(self.NEW_USER_EMAIL) response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() # Check that admins can access and edit in the editor page. self.login(self.ADMIN_EMAIL) response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id)) self.assertEqual(response.status_int, 200) self.logout() # Assign TOPIC_MANAGER_USERNAME as a topic_manager for topic_id. topic_services.assign_role(self.admin, self.topic_manager, topic_domain.ROLE_MANAGER, self.topic_id) # Check that a topic manager for a topic can access and edit in the # editor page. self.login(self.TOPIC_MANAGER_EMAIL) response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id)) self.assertEqual(response.status_int, 200) self.logout() # Create a new topic, and assign another user as its topic manager. topic_id_2 = topic_services.get_new_topic_id() self.save_new_topic(topic_id_2, self.admin_id, 'Name', 'Description', [], [], [], []) self.signup('*****@*****.**', 'topicmanager2') topic_manager_id_2 = self.get_user_id_from_email( '*****@*****.**') self.set_topic_managers(['topicmanager2']) topic_manager_2 = user_services.UserActionsInfo(topic_manager_id_2) topic_services.assign_role(self.admin, topic_manager_2, topic_domain.ROLE_MANAGER, topic_id_2) # Verify that the second topic manager can edit their # assigned topic. self.login('*****@*****.**') response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, topic_id_2)) self.assertEqual(response.status_int, 200) self.logout() # Check that a topic manager for one topic cannot edit the other # one and vice-versa. self.login(self.TOPIC_MANAGER_EMAIL) response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, topic_id_2), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout() self.login('*****@*****.**') response = self.testapp.get( '%s/%s' % (feconf.TOPIC_EDITOR_URL_PREFIX, self.topic_id), expect_errors=True) self.assertEqual(response.status_int, 401) self.logout()
def test_cannot_assign_role_with_invalid_role(self): with self.assertRaisesRegexp(Exception, 'Invalid role'): topic_services.assign_role( self.user_admin, self.user_a, 'invalid_role', self.TOPIC_ID)