def test_has_permissions_put(self): """Tests POST permissions""" perm = IsResponseOwnerOrFaculty() p = ProjectFactory.create(course=self.sandbox_course) a = ActivityFactory.create(project=p) req = RequestFactory().put(reverse('api-response-list'), {'activity': a.pk}) req.user = AnonymousUser() # Patch the request object, as it doesn't seem to create the # data attribute as expected req.data = {'activity': a.pk} # Anon self.assertFalse(perm.has_permission(req, None)) # Faculty req.user = self.faculty self.assertFalse(perm.has_permission(req, None)) # Unrelated Student unrelated_student = UserFactory.create(first_name='Student', last_name='Two', email='*****@*****.**') self.registrar_course.group.user_set.add(unrelated_student) req.user = unrelated_student self.assertFalse(perm.has_permission(req, None)) # Related Student req.user = self.student self.assertTrue(perm.has_permission(req, None))
def test_has_object_permissions_patch(self): """Tests PATCH permissions""" perm = IsFeedbackFacultyOrStudentRecipient() p = ProjectFactory.create(course=self.sandbox_course) a = ActivityFactory.create(project=p) r = ResponseFactory.create(activity=a, owners=[self.student]) r.status = r.SUBMITTED r.save() f = FeedbackFactory(response=r) req = RequestFactory().patch( reverse('api-feedback-detail', args=[f.pk]), {'feedback': 'foo'}) # Anon req.user = AnonymousUser() self.assertFalse(perm.has_object_permission(req, None, r.feedback)) # Related Faculty req.user = self.faculty self.assertTrue(perm.has_object_permission(req, None, r.feedback)) # Unrelated Faculty # Checks that faculty in a different course can not # patch an object unrelated_faculty = UserFactory.create(first_name='Faculty', last_name='Two', email='*****@*****.**') self.registrar_course.faculty_group.user_set.add(unrelated_faculty) req.user = unrelated_faculty self.assertFalse(perm.has_object_permission(req, None, r.feedback)) # Student req.user = self.student self.assertFalse(perm.has_object_permission(req, None, r.feedback))
def test_has_permissions_put(self): """Tests POST permissions""" perm = IsFeedbackFacultyOrStudentRecipient() p = ProjectFactory.create(course=self.sandbox_course) a = ActivityFactory.create(project=p) r = ResponseFactory.create(activity=a, owners=[self.student]) req = RequestFactory().post(reverse('api-feedback-list'), { 'response': r.pk, 'body': 'foobar' }) req.query_params = dict() req.data = {'response': r.pk, 'body': 'foobar'} # Anon req.user = AnonymousUser() self.assertFalse(perm.has_permission(req, None)) # Faculty req.user = self.faculty self.assertTrue(perm.has_permission(req, None)) # Unrelated Student unrelated_student = UserFactory.create(first_name='Student', last_name='Two', email='*****@*****.**') self.registrar_course.group.user_set.add(unrelated_student) req.user = unrelated_student self.assertFalse(perm.has_permission(req, None)) # Related Student req.user = self.student self.assertFalse(perm.has_permission(req, None))
def test_create_student_response(self): self.assertTrue( self.client.login(username=self.student.username, password='******')) p = ProjectFactory.create(course=self.sandbox_course) a = ActivityFactory.create(project=p) response = self.client.post(reverse('api-response-list'), { 'activity': a.pk, }) self.assertEqual(response.status_code, 201)
def test_activity_delete_faculty(self): """ Test that faculty can delete an activity if there are no related responses """ self.assertTrue( self.client.login(username=self.faculty.username, password='******')) c = self.registrar_course p = ProjectFactory.create(course=c) ActivityFactory.create(project=p) response = self.client.post( reverse('activity-delete', args=[c.pk, p.pk])) self.assertEqual(response.status_code, 302) # Test that the model can not be deleted # from the front end if there are responses self.assertTrue( self.client.login(username=self.faculty.username, password='******')) c = self.registrar_course p = self.registrar_course_project response = self.client.post( reverse('activity-delete', args=[c.pk, p.pk])) self.assertEqual(response.status_code, 403)
def test_list_project_students(self): """Test that students and faculty can list projects""" # Make the first project an activity, the second not p1 = ProjectFactory(course=self.sandbox_course) ActivityFactory(project=p1) p2 = ProjectFactory(course=self.sandbox_course) self.assertTrue( self.client.login( username=self.student.username, password='******' ) ) response = self.client.get( reverse('course-detail-view', args=[self.sandbox_course.pk])) self.assertIn(p1, response.context['projects']) self.assertNotIn(p2, response.context['projects']) self.assertNotContains(response, 'Create New Project')
def test_unique_owner_per_activity(self): """ Test that a user can not be added as an owner to multiple responses for a single activity. """ # Add a new activity response to an existing activity student: User = UserFactory.create(first_name='Student', last_name='One', email='*****@*****.**') course = RegistrarCourseFactory.create() project = ProjectFactory.create(course=course) activity = ActivityFactory.create(project=project) ResponseFactory.create(activity=activity, owners=[student]) # Try adding self.student to this new response with self.assertRaises(IntegrityError): ResponseFactory.create(activity=activity, owners=[student])
def test_unique_owner_per_response(self): """ Test that a user can not be added as an owner to response multiple times. Noting that Django's default behavior is to prevent multiple instances of many to many relation. """ student: User = UserFactory.create(first_name='Student', last_name='One', email='*****@*****.**') course = RegistrarCourseFactory.create() project = ProjectFactory.create(course=course) activity = ActivityFactory.create(project=project) response = ResponseFactory.create(activity=activity, owners=[student]) self.assertEqual(response.owners.count(), 1) response.owners.add(student) self.assertEqual(response.owners.count(), 1)
def test_submitted_by_on(self): student: User = UserFactory.create( first_name='Student', last_name='One', email='*****@*****.**' ) course = RegistrarCourseFactory.create() project = ProjectFactory.create(course=course) activity = ActivityFactory.create(project=project) response = ResponseFactory.create( activity=activity, owners=[student]) # Assert that submitted_* are null self.assertIsNone(response.submitted_at) # Then submit the assignment response.status = response.SUBMITTED response.save() # Check that the fields have updated self.assertIsNot(response.submitted_at, None)
def reset_test_models(): call_command('flush', verbosity=0, interactive=False) # Create some models UserFactory.create(username='******', first_name='Super', last_name='User', email='*****@*****.**', is_superuser=True) # Sandbox Course c1: Course = SandboxCourseFactory.create() s1: User = UserFactory.create(username='******', first_name='Student', last_name='One', email='*****@*****.**') c1.group.user_set.add(s1) f1: User = UserFactory.create(username='******', first_name='Faculty', last_name='One', email='*****@*****.**') c1.group.user_set.add(f1) c1.faculty_group.user_set.add(f1) project = ProjectFactory.create(course=c1) activity = ActivityFactory.create(project=project) ResponseFactory.create(activity=activity, owners=[s1]) # Registrar Course c2: Course = RegistrarCourseFactory.create() s2: User = UserFactory.create(username='******', first_name='Student', last_name='Two', email='*****@*****.**') c2.group.user_set.add(s2) f2: User = UserFactory.create(username='******', first_name='Faculty', last_name='Two', email='*****@*****.**') c2.group.user_set.add(f2) c2.faculty_group.user_set.add(f2)
def reset_test_models(): call_command('flush', verbosity=0, interactive=False) # Enable some flags Flag.objects.create(name='share_response_layers', everyone=True) # Create some models UserFactory.create(username='******', first_name='Super', last_name='User', email='*****@*****.**', is_superuser=True, is_staff=True) # Sandbox Course c1: Course = SandboxCourseFactory.create(title='Sandbox Workspace') s1: User = UserFactory.create(username='******', first_name='Student', last_name='One', email='*****@*****.**') c1.group.user_set.add(s1) s1: User = UserFactory.create(username='******', first_name='Student', last_name='Three', email='*****@*****.**') c1.group.user_set.add(s1) f1: User = UserFactory.create(username='******', first_name='Faculty', last_name='One', email='*****@*****.**') c1.group.user_set.add(f1) c1.faculty_group.user_set.add(f1) a1: User = UserFactory.create(username='******', first_name='Author', last_name='One', email='*****@*****.**') c1.group.user_set.add(a1) c1.faculty_group.user_set.add(a1) project = ProjectFactory.create(course=c1, title='Activity One') activity = ActivityFactory.create(project=project) ResponseFactory.create(activity=activity, owners=[s1]) # Registrar Course - generates a project too c2: Course = RegistrarCourseFactory.create() s2: User = UserFactory.create(username='******', first_name='Student', last_name='Two', email='*****@*****.**') c2.group.user_set.add(s2) f2: User = UserFactory.create(username='******', first_name='Faculty', last_name='Two', email='*****@*****.**') c2.group.user_set.add(f2) c2.faculty_group.user_set.add(f2) # No affiliations UserFactory.create(username='******', first_name='Faculty', last_name='Three', email='*****@*****.**')