def test_check_user_access_with_permission(self): """ Verify the function returns True if the user has organization permission on given course, otherwise False. """ self.assertFalse( check_course_organization_permission( self.user, self.course, OrganizationExtension.VIEW_COURSE)) self.user.groups.add(self.organization_extension.group) assign_perm(OrganizationExtension.VIEW_COURSE, self.organization_extension.group, self.organization_extension) self.assertTrue( check_course_organization_permission( self.user, self.course, OrganizationExtension.VIEW_COURSE))
def test_check_user_access_with_permission(self): """ Verify the function returns a boolean indicating if the user has view permission on organization """ self.assertFalse( check_course_organization_permission( self.user, self.course, OrganizationExtension.VIEW_COURSE)) self.user.groups.add(self.organization_extension.group) assign_perm(OrganizationExtension.VIEW_COURSE, self.organization_extension.group, self.organization_extension) self.assertTrue( check_course_organization_permission( self.user, self.course, OrganizationExtension.VIEW_COURSE))
def get_context_data(self, **kwargs): context = super(CourseDetailView, self).get_context_data(**kwargs) user = self.request.user course = self.object context['can_edit'] = mixins.check_course_organization_permission( user, course, OrganizationExtension.EDIT_COURSE) context['breadcrumbs'] = make_bread_crumbs([ (reverse('publisher:publisher_courses'), 'Courses'), (None, course.title), ]) context['comment_object'] = course context['post_back_url'] = reverse('publisher:publisher_course_detail', kwargs={'pk': self.object.id}) context['publisher_hide_features_for_pilot'] = waffle.switch_is_active( 'publisher_hide_features_for_pilot') context['publisher_comment_widget_feature'] = waffle.switch_is_active( 'publisher_comment_widget_feature') context['publisher_history_widget_feature'] = waffle.switch_is_active( 'publisher_history_widget_feature') context['publisher_approval_widget_feature'] = waffle.switch_is_active( 'publisher_approval_widget_feature') context['role_widgets'] = get_course_role_widgets_data( user, course, course.course_state, 'publisher:api:change_course_state') return context
def can_edit_course(cls, course, user): try: return check_course_organization_permission( user, course, OrganizationExtension.EDIT_COURSE) and has_role_for_course( course, user) except ObjectDoesNotExist: return False
def get_context_data(self, **kwargs): context = super(CourseRunDetailView, self).get_context_data(**kwargs) user = self.request.user course_run = CourseRunWrapper(self.get_object()) context['object'] = course_run context['comment_object'] = course_run context['post_back_url'] = reverse( 'publisher:publisher_course_run_detail', kwargs={'pk': course_run.id}) context['can_edit'] = mixins.check_course_organization_permission( user, course_run.course, OrganizationExtension.EDIT_COURSE_RUN) context['role_widgets'] = get_course_role_widgets_data( user, course_run.course, course_run.course_run_state, 'publisher:api:change_course_run_state') course_run_state = course_run.course_run_state if course_run_state.preview_accepted: history_object = course_run_state.history.filter( preview_accepted=True).order_by('-modified').first() if history_object: context['preview_accepted_date'] = history_object.modified context['breadcrumbs'] = make_bread_crumbs([ (reverse('publisher:publisher_courses'), 'Courses'), (reverse('publisher:publisher_course_detail', kwargs={'pk': course_run.course.id}), course_run.course.title), (None, '{type}: {start}'.format( type=course_run.get_pacing_type_display(), start=course_run.start.strftime("%B %d, %Y"))) ]) context['can_view_all_tabs'] = mixins.check_roles_access(user) context['publisher_hide_features_for_pilot'] = waffle.switch_is_active( 'publisher_hide_features_for_pilot') context['publisher_comment_widget_feature'] = waffle.switch_is_active( 'publisher_comment_widget_feature') context['publisher_approval_widget_feature'] = waffle.switch_is_active( 'publisher_approval_widget_feature') return context
def has_object_permission(self, request, view, obj): user = request.user return ( check_roles_access(user) or check_course_organization_permission(user, obj.course, OrganizationExtension.VIEW_COURSE) )
def assert_user_can_view_course(self, user, course, permission): """ Asserts the user can view the course. """ self.assertTrue(check_course_organization_permission(user, course, permission))
def can_edit(course, user, permission): return check_course_organization_permission( user, course, permission) and has_role_for_course(course, user)