def test_filter_courses_based_on_org(self):
"""
Test course are filtered properly on current site organization.
"""
edx_org_1 = OrganizationFactory()
edx_org_2 = OrganizationFactory()
courses_of_org_1 = CourseFactory.create_batch(2,
org=edx_org_1.short_name)
CourseFactory.create(org=edx_org_2.short_name)
assert len(modulestore().get_courses()) == 3
EdlySubOrganizationFactory(edx_organization=edx_org_1,
lms_site=self.request.site,
studio_site=self.request.site)
create_user_link_with_edly_sub_organization(self.request,
self.request.user)
response = cookies_api.set_logged_in_edly_cookies(
self.request, HttpResponse(), self.user,
cookie_settings(self.request))
self._copy_cookies_to_request(response, self.request)
filtered_courses = filter_courses_based_on_org(self.request,
courses_of_org_1)
assert len(filtered_courses) == 2
edx_orgs_of_filterd_courses = [
course.org for course in filtered_courses
]
for org in edx_orgs_of_filterd_courses:
assert org == edx_org_1.short_name
def setUp(self):
super(_DispatchingViewTestCase, self).setUp()
self.dop_adapter = adapters.DOPAdapter()
self.dot_adapter = adapters.DOTAdapter()
self.user = UserFactory()
self.dot_app = self.dot_adapter.create_public_client(
name='test dot application',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='dot-app-client-id',
)
self.dop_app = self.dop_adapter.create_public_client(
name='test dop client',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='dop-app-client-id',
)
self.dot_app_access = models.ApplicationAccess.objects.create(
application=self.dot_app,
scopes=['grades:read'],
)
self.dot_app_org = models.ApplicationOrganization.objects.create(
application=self.dot_app, organization=OrganizationFactory())
# Create a "restricted" DOT Application which means any AccessToken/JWT
# generated for this application will be immediately expired
self.restricted_dot_app = self.dot_adapter.create_public_client(
name='test restricted dot application',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='dot-restricted-app-client-id',
)
models.RestrictedApplication.objects.create(
application=self.restricted_dot_app)
def test_jwt_access_token_scopes_and_filters(self, grant_type):
"""
Verify the JWT contains the expected scopes and filters.
"""
dot_app = self.dot_adapter.create_public_client(
name='test dot application',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='dot-app-client-id-{grant_type}'.format(
grant_type=grant_type),
grant_type=grant_type,
)
dot_app_access = models.ApplicationAccess.objects.create(
application=dot_app,
scopes=['grades:read'],
)
models.ApplicationOrganization.objects.create(
application=dot_app, organization=OrganizationFactory())
scopes = dot_app_access.scopes
filters = self.dot_adapter.get_authorization_filters(dot_app)
response = self._post_request(self.user,
dot_app,
token_type='jwt',
scope=scopes)
self.assertEqual(response.status_code, 200)
data = json.loads(response.content.decode('utf-8'))
self.assert_valid_jwt_access_token(
data['access_token'],
self.user,
scopes,
filters=filters,
)
def test_create_organization_already_exists(self):
organization = OrganizationFactory(name='GITRello')
payload = {
'name': organization.name,
}
user = UserFactory()
api_client = APIClient()
api_client.force_authenticate(user=user)
with patch.object(
OrganizationService,
'create_organization',
side_effect=OrganizationAlreadyExistsException) as mocked_create_organization:
response = api_client.post('/api/v1/organizations', data=payload, format='json')
self.assertEqual(response.status_code, 400)
mocked_create_organization.assert_called_with(
owner_id=user.id,
name=payload['name'],
)
expected_response = {
'error_code': OrganizationAlreadyExistsException.code,
'error_message': OrganizationAlreadyExistsException.message,
}
self.assertDictEqual(response.data, expected_response)
def setUp(self):
super(AMCAdminPermissionsTestCase, self).setUp()
self.user = UserFactory.create()
self.site = SiteFactory.create(domain='foo.dev', name='foo.dev')
factory = APIRequestFactory()
self.request = factory.get('/test/')
self.request.user = self.user
self.organization = OrganizationFactory()
def test_add_member_board_not_found(self):
organization = OrganizationFactory()
with self.assertRaises(BoardNotFoundException):
_ = BoardMembershipService.create_board_membership(
board_id=-1,
organization_membership_id=organization.id,
)
def test_send_invite_user_not_found(self):
organization = OrganizationFactory()
with self.assertRaises(UserNotFoundException):
_ = OrganizationInviteService.create_organization_invite(
organization_id=organization.id,
email='*****@*****.**',
message='message',
)
def test_create_organization_name_not_unique(self):
organization = OrganizationFactory()
user = UserFactory()
with self.assertRaises(OrganizationAlreadyExistsException):
_ = OrganizationService().create_organization(
owner_id=user.id,
name=organization.name,
)
def setUp(self):
super(ProgramEnrollmentsInspectorViewTests, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments
self.url = reverse("support:program_enrollments_inspector")
SupportStaffRole().add_users(self.user)
self.program_uuid = str(uuid4())
self.external_user_key = 'abcaaa'
# Setup three orgs and their SAML providers
self.org_key_list = ['test_org', 'donut_org', 'tri_org']
for org_key in self.org_key_list:
lms_org = OrganizationFactory(short_name=org_key)
SAMLProviderConfigFactory(
organization=lms_org,
slug=org_key,
enabled=True,
)
self.no_saml_org_key = 'no_saml_org'
self.no_saml_lms_org = OrganizationFactory(
short_name=self.no_saml_org_key)
def setUp(self):
self.owner = UserFactory()
self.organization = OrganizationFactory(owner=self.owner)
self.discipline = DisciplineFactory()
self.team = TeamFactory(
organization=self.organization,
discipline=self.discipline,
)
self.tournament = TournamentWithTeamsFactory()
self.stage = StageFactory(tournament=self.tournament)
def test_add_member(self):
organization = OrganizationFactory()
user = UserFactory()
membership = OrganizationMembershipService.create_organization_membership(
organization_id=organization.id,
user_id=user.id,
role=OrganizationMemberRole.OWNER,
)
self.assertIsNotNone(membership)
self.assertEqual(membership.organization_id, organization.id)
self.assertEqual(membership.user_id, user.id)
self.assertEqual(membership.role, OrganizationMemberRole.OWNER)
def test_send_invite(self):
organization = OrganizationFactory()
user = UserFactory()
invite = OrganizationInviteService.create_organization_invite(
organization_id=organization.id,
email=user.email,
message='message',
)
self.assertIsNotNone(invite)
self.assertEqual(invite.organization.id, organization.id)
self.assertEqual(invite.user.id, user.id)
self.assertEqual(invite.message, 'message')
def test_update_organization(self):
""" Verify Organization can be updated via PUT endpoint. """
org = OrganizationFactory()
data = {
'name': 'changed-name',
'short_name': org.short_name,
}
url = reverse('v0:organization-detail', kwargs={'short_name': org.short_name})
response = self.client.put(url, json.dumps(data), content_type='application/json')
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['name'], data['name'])
self.assertEqual(response.data['short_name'], org.short_name)
self.assertEqual(response.data['description'], org.description)
orgs = Organization.objects.all()
self.assertEqual(len(orgs), 2)
def setUp(self):
"""Make the user support staff"""
super().setUp()
SupportStaffRole().add_users(self.user)
self.student = UserFactory.create(username='******', email='*****@*****.**', password='******')
self.url = reverse("support:sso_records", kwargs={'username_or_email': self.student.username})
self.org_key_list = ['test_org']
for org_key in self.org_key_list:
lms_org = OrganizationFactory(
short_name=org_key
)
SAMLProviderConfigFactory(
organization=lms_org,
slug=org_key,
enabled=True,
)
def test_success(self):
""" The task should clone the OrganizationCourse and RestrictedCourse data. """
old_course_key = self.course.id
new_course_key = CourseLocator(org=old_course_key.org,
course=old_course_key.course,
run='rerun')
old_course_id = str(old_course_key)
new_course_id = str(new_course_key)
organization = OrganizationFactory(short_name=old_course_key.org)
OrganizationCourse.objects.create(course_id=old_course_id,
organization=organization)
restricted_course = RestrictedCourse.objects.create(
course_key=self.course.id)
restricted_country = Country.objects.create(country='US')
CountryAccessRule.objects.create(
rule_type=CountryAccessRule.BLACKLIST_RULE,
restricted_course=restricted_course,
country=restricted_country)
# Run the task!
self._rerun_course(old_course_key, new_course_key)
# Verify the new course run exists
course = modulestore().get_course(new_course_key)
self.assertIsNotNone(course)
# Verify the OrganizationCourse is cloned
self.assertEqual(OrganizationCourse.objects.count(), 2)
# This will raise an error if the OrganizationCourse object was not cloned
OrganizationCourse.objects.get(course_id=new_course_id,
organization=organization)
# Verify the RestrictedCourse and related objects are cloned
self.assertEqual(RestrictedCourse.objects.count(), 2)
restricted_course = RestrictedCourse.objects.get(
course_key=new_course_key)
self.assertEqual(CountryAccessRule.objects.count(), 2)
CountryAccessRule.objects.get(
rule_type=CountryAccessRule.BLACKLIST_RULE,
restricted_course=restricted_course,
country=restricted_country)
def test_create_organization(self):
payload = {
'name': 'GITrello',
}
user = UserFactory()
api_client = APIClient()
api_client.force_authenticate(user=user)
organization = OrganizationFactory()
with patch.object(
OrganizationService, 'create_organization', return_value=organization) as mocked_create_organization:
response = api_client.post('/api/v1/organizations', data=payload, format='json')
self.assertEqual(response.status_code, 201)
mocked_create_organization.assert_called_with(
owner_id=user.id,
name=payload['name'],
)
self.assertDictEqual(response.data, {'id': str(organization.id), 'name': organization.name})
def setUp(self):
super(TestAuthorizationView, self).setUp()
self.dop_adapter = adapters.DOPAdapter()
self.user = UserFactory()
self.dot_app = self.dot_adapter.create_confidential_client(
name='test dot application',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='confidential-dot-app-client-id',
)
models.ApplicationAccess.objects.create(
application=self.dot_app,
scopes=['grades:read'],
)
self.dot_app_org = models.ApplicationOrganization.objects.create(
application=self.dot_app, organization=OrganizationFactory())
self.dop_app = self.dop_adapter.create_confidential_client(
name='test dop client',
user=self.user,
redirect_uri=DUMMY_REDIRECT_URL,
client_id='confidential-dop-app-client-id',
)
def test_new_organization_no_permissions():
user, organization, client = setup()
assert login(client, user)
assert len(user.get_organizations()) == 0
response = client.post(
path=reverse('organizations:new_organization'),
data={
},
)
assert response.status_code == HTTP_403_FORBIDDEN
organization = OrganizationFactory()
organization.add_manage(user)
assert len(user.get_organizations()) == 1
response = client.post(
path=reverse('organizations:new_organization'),
data={
'name': 'Test organization',
},
)
assert response.status_code == HTTP_403_FORBIDDEN
assert len(user.get_organizations()) == 1
def test_inactive_organization(self):
""" Verify inactive organization are filtered out."""
organization = OrganizationFactory(active=False)
url = self._get_organization_url(organization)
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def setUp(self):
self.owner = UserFactory()
self.organization = OrganizationFactory(owner=self.owner)
self.team = TeamWithPlayersFactory(organization=self.organization)
self.discipline = DisciplineFactory()
def test_transfer_ownership():
user, organization, project, client = setup()
project.add_manage(user)
assert login(client, user)
# Test that the user does not have permissions yet.
new_organization = OrganizationFactory()
# Valid case
assert project.organization.pk == organization.pk
response = client.post(path=reverse('projects:transfer_ownership',
args=[project.pk]),
data={
'organization': new_organization.pk,
},
follow=True)
assert response.status_code == HTTP_200_OK
project.refresh_from_db()
assert project.organization.pk != new_organization.pk
# Test that if the user does not have enough permissions, that things do not work.
new_organization.add_create(user)
# Valid case
assert project.organization.pk == organization.pk
response = client.post(path=reverse('projects:transfer_ownership',
args=[project.pk]),
data={
'organization': new_organization.pk,
},
follow=True)
assert response.status_code == HTTP_200_OK
project.refresh_from_db()
assert project.organization.pk == organization.pk
new_organization.delete_create(user)
# Test that if the user does not have enough permissions, that things do not work.
new_organization.add_invite(user)
# Valid case
assert project.organization.pk == organization.pk
response = client.post(path=reverse('projects:transfer_ownership',
args=[project.pk]),
data={
'organization': new_organization.pk,
},
follow=True)
assert response.status_code == HTTP_200_OK
project.refresh_from_db()
assert project.organization.pk == organization.pk
new_organization.delete_invite(user)
# Now test that they do.
new_organization.add_manage(user)
# Valid case
assert project.organization.pk == organization.pk
response = client.post(path=reverse('projects:transfer_ownership',
args=[project.pk]),
data={
'organization': new_organization.pk,
},
follow=True)
assert response.redirect_chain[0][0] == reverse(
'projects:transfer_ownership', args=[project.pk])
assert response.redirect_chain[0][1] == HTTP_302_FOUND
project.refresh_from_db()
assert project.organization.pk == new_organization.pk
def test_organization_permissions_for_a_random_user(self):
permissions = PermissionsService.get_organization_permissions(
organization_id=OrganizationFactory().id,
user_id=UserFactory().id,
)
self._assert_has_no_permissions(permissions)
