def setUp(self): """ Setup common conditions for every test case. """ super().setUp() self.certificate = CertificateData( user=UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Test Example", ), id=39, is_active=True, ), course=CourseData( course_key=CourseKey.from_string( "course-v1:edX+DemoX+Demo_Course"), display_name="Demonstration Course", ), mode="audit", current_status="notpassing", grade=100, download_url="https://downdloadurl.com", name="Certs", )
def setUp(self): """ Setup common conditions for test cases. """ enrollment = CourseEnrollmentData( user=UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Test Example", ), id=39, is_active=True, ), course=CourseData( course_key=CourseKey.from_string("course-v1:edX+DemoX+Demo_Course"), display_name="Demonstration Course", ), mode="audit", is_active=True, creation_date=datetime.datetime.now(), ) self.kwargs = { "enrollment": enrollment, }
def _handle_successful_authentication_and_login(user, request): """ Handles clearing the failed login counter, login tracking, and setting session timeout. """ if LoginFailures.is_feature_enabled(): LoginFailures.clear_lockout_counter(user) _track_user_login(user, request) try: django_login(request, user) request.session.set_expiry(604800 * 4) log.debug("Setting user session expiry to 4 weeks") # .. event_implemented_name: SESSION_LOGIN_COMPLETED SESSION_LOGIN_COMPLETED.send_event(user=UserData( pii=UserPersonalData( username=user.username, email=user.email, name=user.profile.name, ), id=user.id, is_active=user.is_active, ), ) except Exception as exc: AUDIT_LOG.critical( "Login failed - Could not create session. Is memcached running?") log.critical( "Login failed - Could not create session. Is memcached running?") log.exception(exc) raise
def save(self, force_insert=False, force_update=False, using=None, update_fields=None): self.full_clean(validate_unique=False) # .. event_implemented_name: COHORT_MEMBERSHIP_CHANGED COHORT_MEMBERSHIP_CHANGED.send_event( cohort=CohortData( user=UserData( pii=UserPersonalData( username=self.user.username, email=self.user.email, name=self.user.profile.name, ), id=self.user.id, is_active=self.user.is_active, ), course=CourseData( course_key=self.course_id, ), name=self.course_user_group.name, ) ) log.info("Saving CohortMembership for user '%s' in '%s'", self.user.id, self.course_id) return super().save( force_insert=force_insert, force_update=force_update, using=using, update_fields=update_fields )
def test_send_registration_event(self): """ Test whether the student registration event is sent during the user's registration process. Expected result: - STUDENT_REGISTRATION_COMPLETED is sent and received by the mocked receiver. - The arguments that the receiver gets are the arguments sent by the event except the metadata generated on the fly. """ event_receiver = Mock(side_effect=self._event_receiver_side_effect) STUDENT_REGISTRATION_COMPLETED.connect(event_receiver) self.client.post(self.url, self.user_info) user = User.objects.get(username=self.user_info.get("username")) self.assertTrue(self.receiver_called) self.assertDictContainsSubset( { "signal": STUDENT_REGISTRATION_COMPLETED, "sender": None, "user": UserData( pii=UserPersonalData( username=user.username, email=user.email, name=user.profile.name, ), id=user.id, is_active=user.is_active, ), }, event_receiver.call_args.kwargs)
def setUp(self): """ Setup common conditions for every test case. """ super().setUp() self.user = UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Test Example", ), id=39, is_active=True, )
def test_send_certificate_changed_event(self): """ Test whether the certificate changed event is sent at the end of the certificate update process. Expected result: - CERTIFICATE_CHANGED is sent and received by the mocked receiver. - The arguments that the receiver gets are the arguments sent by the event except the metadata generated on the fly. """ event_receiver = Mock(side_effect=self._event_receiver_side_effect) CERTIFICATE_CHANGED.connect(event_receiver) certificate = GeneratedCertificateFactory.create( status=CertificateStatuses.downloadable, user=self.user, course_id=self.course.id, mode=GeneratedCertificate.MODES.honor, name="Certificate", grade="100", download_url="https://certificate.pdf") certificate.grade = "50" certificate.save() self.assertTrue(self.receiver_called) self.assertDictContainsSubset( { "signal": CERTIFICATE_CHANGED, "sender": None, "certificate": CertificateData( user=UserData( pii=UserPersonalData( username=certificate.user.username, email=certificate.user.email, name=certificate.user.profile.name, ), id=certificate.user.id, is_active=certificate.user.is_active, ), course=CourseData(course_key=certificate.course_id, ), mode=certificate.mode, grade=certificate.grade, current_status=certificate.status, download_url=certificate.download_url, name=certificate.name, ), }, event_receiver.call_args.kwargs)
def setUp(self): """Set up class for post_to_webhook_url testing.""" self.user = UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Tania Chernova", ), id=1, is_active=True, ) self.kwargs = { 'user': self.user, }
def test_unenrollment_completed_event_emitted(self): """ Test whether the student un-enrollment completed event is sent after the user's unenrollment process. Expected result: - COURSE_UNENROLLMENT_COMPLETED is sent and received by the mocked receiver. - The arguments that the receiver gets are the arguments sent by the event except the metadata generated on the fly. """ enrollment = CourseEnrollment.enroll(self.user, self.course.id) event_receiver = mock.Mock( side_effect=self._event_receiver_side_effect) COURSE_UNENROLLMENT_COMPLETED.connect(event_receiver) CourseEnrollment.unenroll(self.user, self.course.id) self.assertTrue(self.receiver_called) self.assertDictContainsSubset( { "signal": COURSE_UNENROLLMENT_COMPLETED, "sender": None, "enrollment": CourseEnrollmentData( user=UserData( pii=UserPersonalData( username=self.user.username, email=self.user.email, name=self.user.profile.name, ), id=self.user.id, is_active=self.user.is_active, ), course=CourseData( course_key=self.course.id, display_name=self.course.display_name, ), mode=enrollment.mode, is_active=False, creation_date=enrollment.created, ), }, event_receiver.call_args.kwargs)
def test_send_cohort_membership_changed_event(self): """ Test whether the COHORT_MEMBERSHIP_CHANGED event is sent when a cohort membership update ends. Expected result: - COHORT_MEMBERSHIP_CHANGED is sent and received by the mocked receiver. - The arguments that the receiver gets are the arguments sent by the event except the metadata generated on the fly. """ event_receiver = Mock(side_effect=self._event_receiver_side_effect) COHORT_MEMBERSHIP_CHANGED.connect(event_receiver) cohort_membership, _ = CohortMembership.assign( cohort=self.cohort, user=self.user, ) self.assertTrue(self.receiver_called) self.assertDictContainsSubset( { "signal": COHORT_MEMBERSHIP_CHANGED, "sender": None, "cohort": CohortData( user=UserData( pii=UserPersonalData( username=cohort_membership.user.username, email=cohort_membership.user.email, name=cohort_membership.user.profile.name, ), id=cohort_membership.user.id, is_active=cohort_membership.user.is_active, ), course=CourseData( course_key=cohort_membership.course_id, ), name=cohort_membership.course_user_group.name, ), }, event_receiver.call_args.kwargs )
def setUp(self): """ Setup common conditions for every test case. """ super().setUp() self.cohort = CohortData( user=UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Test Example", ), id=39, is_active=True, ), course=CourseData( course_key=CourseKey.from_string( "course-v1:edX+DemoX+Demo_Course"), display_name="Demonstration Course", ), name="Uchiha", )
def test_send_login_event(self): """ Test whether the student login event is sent after the user's login process. Expected result: - SESSION_LOGIN_COMPLETED is sent and received by the mocked receiver. - The arguments that the receiver gets are the arguments sent by the event except the metadata generated on the fly. """ event_receiver = Mock(side_effect=self._event_receiver_side_effect) SESSION_LOGIN_COMPLETED.connect(event_receiver) data = { "email": "*****@*****.**", "password": "******", } self.client.post(self.url, data) user = User.objects.get(username=self.user.username) self.assertTrue(self.receiver_called) self.assertDictContainsSubset( { "signal": SESSION_LOGIN_COMPLETED, "sender": None, "user": UserData( pii=UserPersonalData( username=user.username, email=user.email, name=user.profile.name, ), id=user.id, is_active=user.is_active, ), }, event_receiver.call_args.kwargs)
def setUp(self): """ Setup common conditions for test cases. """ self.certificate = CertificateData( user=UserData( pii=UserPersonalData( username="******", email="*****@*****.**", name="Test Example", ), id=39, is_active=True, ), course=CourseData( course_key=CourseKey.from_string("course-v1:edX+DemoX+Demo_Course"), display_name="Demonstration Course", ), mode="audit", current_status="notpassing", grade=0.5, download_url="https://downdloadurl.com", name="Certs", ) self.kwargs = { "certificate": self.certificate, } self.course_key = CourseKey.from_string("course-v1:edx+DemoX+Demo_Course") self.grading_config = { "block_id": "467f8ab131634e52bb6c22b60940d857", "program_id": "course-v1:edx+DemoX+Demo_Course", } self.usage_key = self.course_key.make_usage_key( "staffgradedxblock", self.grading_config.get("block_id") )
def save(self, *args, **kwargs): # pylint: disable=signature-differs """ After the base save() method finishes, fire the COURSE_CERT_CHANGED signal. If the learner is currently passing the course we also fire the COURSE_CERT_AWARDED signal. The COURSE_CERT_CHANGED signal helps determine if a Course Certificate can be awarded to a learner in the Credentials IDA. The COURSE_CERT_AWARDED signal helps determine if a Program Certificate can be awarded to a learner in the Credentials IDA. """ super().save(*args, **kwargs) COURSE_CERT_CHANGED.send_robust( sender=self.__class__, user=self.user, course_key=self.course_id, mode=self.mode, status=self.status, ) # .. event_implemented_name: CERTIFICATE_CHANGED CERTIFICATE_CHANGED.send_event(certificate=CertificateData( user=UserData( pii=UserPersonalData( username=self.user.username, email=self.user.email, name=self.user.profile.name, ), id=self.user.id, is_active=self.user.is_active, ), course=CourseData(course_key=self.course_id, ), mode=self.mode, grade=self.grade, current_status=self.status, download_url=self.download_url, name=self.name, )) if CertificateStatuses.is_passing_status(self.status): COURSE_CERT_AWARDED.send_robust( sender=self.__class__, user=self.user, course_key=self.course_id, mode=self.mode, status=self.status, ) # .. event_implemented_name: CERTIFICATE_CREATED CERTIFICATE_CREATED.send_event(certificate=CertificateData( user=UserData( pii=UserPersonalData( username=self.user.username, email=self.user.email, name=self.user.profile.name, ), id=self.user.id, is_active=self.user.is_active, ), course=CourseData(course_key=self.course_id, ), mode=self.mode, grade=self.grade, current_status=self.status, download_url=self.download_url, name=self.name, ))
def _revoke_certificate(self, status, mode=None, grade=None, source=None): """ Revokes a course certificate from a learner, updating the certificate's status as specified by the value of the `status` argument. This will prevent the learner from being able to access their certificate in the associated course run. We remove the `download_uuid` and the `download_url` as well, but this is only important to PDF certificates. Invalidating a certificate fires the `COURSE_CERT_REVOKED` signal. This kicks off a task to determine if there are any program certificates that also need to be revoked from the learner. If the certificate had a status of `downloadable` before being revoked then we will also emit an `edx.certificate.revoked` event for tracking purposes. Args: status (CertificateStatus) - certificate status to set for the `GeneratedCertificate` record mode (String) - learner's current enrollment mode grade (float) - snapshot of the learner's current grade as a decimal source (String) - source requesting invalidation of the certificate for tracking purposes """ previous_certificate_status = self.status if not grade: grade = '' if not mode: mode = self.mode preferred_name = self._get_preferred_certificate_name(self.user) self.error_reason = '' self.download_uuid = '' self.download_url = '' self.grade = grade self.status = status self.mode = mode self.name = preferred_name self.save() COURSE_CERT_REVOKED.send_robust( sender=self.__class__, user=self.user, course_key=self.course_id, mode=self.mode, status=self.status, ) # .. event_implemented_name: CERTIFICATE_REVOKED CERTIFICATE_REVOKED.send_event(certificate=CertificateData( user=UserData( pii=UserPersonalData( username=self.user.username, email=self.user.email, name=self.user.profile.name, ), id=self.user.id, is_active=self.user.is_active, ), course=CourseData(course_key=self.course_id, ), mode=self.mode, grade=self.grade, current_status=self.status, download_url=self.download_url, name=self.name, )) if previous_certificate_status == CertificateStatuses.downloadable: # imported here to avoid a circular import issue from lms.djangoapps.certificates.utils import emit_certificate_event event_data = { 'user_id': self.user.id, 'course_id': str(self.course_id), 'certificate_id': self.verify_uuid, 'enrollment_mode': self.mode, 'source': source or '', } emit_certificate_event('revoked', self.user, str(self.course_id), event_data=event_data)
def create_account_with_params(request, params): """ Given a request and a dict of parameters (which may or may not have come from the request), create an account for the requesting user, including creating a comments service user object and sending an activation email. This also takes external/third-party auth into account, updates that as necessary, and authenticates the user for the request's session. Does not return anything. Raises AccountValidationError if an account with the username or email specified by params already exists, or ValidationError if any of the given parameters is invalid for any other reason. Issues with this code: * It is non-transactional except where explicitly wrapped in atomic to alleviate deadlocks and improve performance. This means failures at different places in registration can leave users in inconsistent states. * Third-party auth passwords are not verified. There is a comment that they are unused, but it would be helpful to have a sanity check that they are sane. * The user-facing text is rather unfriendly (e.g. "Username must be a minimum of two characters long" rather than "Please use a username of at least two characters"). * Duplicate email raises a ValidationError (rather than the expected AccountValidationError). Duplicate username returns an inconsistent user message (i.e. "An account with the Public Username '{username}' already exists." rather than "It looks like {username} belongs to an existing account. Try again with a different username.") The two checks occur at different places in the code; as a result, registering with both a duplicate username and email raises only a ValidationError for email only. """ # Copy params so we can modify it; we can't just do dict(params) because if # params is request.POST, that results in a dict containing lists of values params = dict(list(params.items())) # allow to define custom set of required/optional/hidden fields via configuration extra_fields = configuration_helpers.get_value( 'REGISTRATION_EXTRA_FIELDS', getattr(settings, 'REGISTRATION_EXTRA_FIELDS', {}) ) if is_registration_api_v1(request): if 'confirm_email' in extra_fields: del extra_fields['confirm_email'] # registration via third party (Google, Facebook) using mobile application # doesn't use social auth pipeline (no redirect uri(s) etc involved). # In this case all related info (required for account linking) # is sent in params. # `third_party_auth_credentials_in_api` essentially means 'request # is made from mobile application' third_party_auth_credentials_in_api = 'provider' in params is_third_party_auth_enabled = third_party_auth.is_enabled() if is_third_party_auth_enabled and (pipeline.running(request) or third_party_auth_credentials_in_api): params["password"] = generate_password() # in case user is registering via third party (Google, Facebook) and pipeline has expired, show appropriate # error message if is_third_party_auth_enabled and ('social_auth_provider' in params and not pipeline.running(request)): raise ValidationError( { 'session_expired': [ _("Registration using {provider} has timed out.").format( provider=params.get('social_auth_provider')) ], 'error_code': 'tpa-session-expired', } ) if is_third_party_auth_enabled: set_custom_attribute('register_user_tpa', pipeline.running(request)) extended_profile_fields = configuration_helpers.get_value('extended_profile_fields', []) # Can't have terms of service for certain SHIB users, like at Stanford registration_fields = getattr(settings, 'REGISTRATION_EXTRA_FIELDS', {}) tos_required = ( registration_fields.get('terms_of_service') != 'hidden' or registration_fields.get('honor_code') != 'hidden' ) form = AccountCreationForm( data=params, extra_fields=extra_fields, extended_profile_fields=extended_profile_fields, do_third_party_auth=False, tos_required=tos_required, ) custom_form = get_registration_extension_form(data=params) # Perform operations within a transaction that are critical to account creation with outer_atomic(): # first, create the account (user, profile, registration) = do_create_account(form, custom_form) third_party_provider, running_pipeline = _link_user_to_third_party_provider( is_third_party_auth_enabled, third_party_auth_credentials_in_api, user, request, params, ) new_user = authenticate_new_user(request, user.username, form.cleaned_data['password']) django_login(request, new_user) request.session.set_expiry(0) # Sites using multiple languages need to record the language used during registration. # If not, compose_and_send_activation_email will be sent in site's default language only. create_or_set_user_attribute_created_on_site(user, request.site) # Only add a default user preference if user does not already has one. if not preferences_api.has_user_preference(user, LANGUAGE_KEY): preferences_api.set_user_preference(user, LANGUAGE_KEY, get_language()) # Check if system is configured to skip activation email for the current user. skip_email = _skip_activation_email( user, running_pipeline, third_party_provider, ) if skip_email: registration.activate() else: redirect_to, root_url = get_next_url_for_login_page(request, include_host=True) redirect_url = get_redirect_url_with_host(root_url, redirect_to) compose_and_send_activation_email(user, profile, registration, redirect_url) if settings.FEATURES.get('ENABLE_DISCUSSION_EMAIL_DIGEST'): try: enable_notifications(user) except Exception: # pylint: disable=broad-except log.exception(f"Enable discussion notifications failed for user {user.id}.") _track_user_registration(user, profile, params, third_party_provider, registration) # Announce registration REGISTER_USER.send(sender=None, user=user, registration=registration) STUDENT_REGISTRATION_COMPLETED.send_event( user=UserData( pii=UserPersonalData( username=user.username, email=user.email, name=user.profile.name, ), id=user.id, is_active=user.is_active, ), ) create_comments_service_user(user) try: _record_registration_attributions(request, new_user) _record_marketing_emails_opt_in_attribute(params.get('marketing_emails_opt_in'), new_user) # Don't prevent a user from registering due to attribution errors. except Exception: # pylint: disable=broad-except log.exception('Error while attributing cookies to user registration.') # TODO: there is no error checking here to see that the user actually logged in successfully, # and is not yet an active user. is_new_user(request, new_user) return new_user
def create_edxapp_user(*args, **kwargs): """ Creates a user on the open edx django site using calls to functions defined in the edx-platform codebase Example call: data = { 'email': "*****@*****.**", 'username': "******", 'password': "******", 'fullname': "Full Name", 'activate': True, 'site': request.site, 'language_preference': 'es-419', } user = create_edxapp_user(**data) """ errors = [] extra_fields = getattr(settings, "REGISTRATION_EXTRA_FIELDS", {}) extended_profile_fields = getattr(settings, "extended_profile_fields", []) kwargs["name"] = kwargs.pop("fullname", None) email = kwargs.get("email") username = kwargs.get("username") conflicts = check_edxapp_account_conflicts(email=email, username=username) if conflicts: return None, [ "Fatal: account collition with the provided: {}".format( ", ".join(conflicts)) ] # Go ahead and create the new user with transaction.atomic(): # In theory is possible to extend the registration form with a custom app # An example form app for this can be found at http://github.com/open-craft/custom-form-app # form = get_registration_extension_form(data=params) # if not form: form = EdnxAccountCreationForm( data=kwargs, tos_required=False, extra_fields=extra_fields, extended_profile_fields=extended_profile_fields, # enforce_password_policy=enforce_password_policy, ) (user, profile, registration) = do_create_account(form) # pylint: disable=unused-variable site = kwargs.pop("site", False) if site: create_or_set_user_attribute_created_on_site(user, site) else: errors.append("The user was not assigned to any site") try: create_comments_service_user(user) except Exception: # pylint: disable=broad-except errors.append("No comments_service_user was created") # TODO: link account with third party auth # Announce registration through API call post_register.send_robust(sender=None, user=user) # pylint: disable=no-member STUDENT_REGISTRATION_COMPLETED.send_event( user=UserData( pii=UserPersonalData( username=user.username, email=user.email, name=user.profile.name, # pylint: disable=no-member ), id=user.id, is_active=user.is_active, ), ) lang_pref = kwargs.pop("language_preference", False) if lang_pref: try: preferences_api.set_user_preference(user, LANGUAGE_KEY, lang_pref) except Exception: # pylint: disable=broad-except errors.append( "Could not set lang preference '{} for user '{}'".format( lang_pref, user.username, )) if kwargs.pop("activate_user", False): user.is_active = True user.save() # TODO: run conditional email sequence return user, errors