Exemplo n.º 1
0
    def test_add_user_to_group_requires_staff_access(self):
        with pytest.raises(PermissionDenied):
            self.admin.is_staff = False
            add_users(self.admin, CourseCreatorRole(), self.user)

        with pytest.raises(PermissionDenied):
            add_users(self.user, CourseCreatorRole(), self.user)
Exemplo n.º 2
0
 def test_update_creator_group(self):
     with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
         self.assertFalse(auth.user_has_role(self.user, CourseCreatorRole()))
         update_course_creator_group(self.admin, self.user, True)
         self.assertTrue(auth.user_has_role(self.user, CourseCreatorRole()))
         update_course_creator_group(self.admin, self.user, False)
         self.assertFalse(auth.user_has_role(self.user, CourseCreatorRole()))
Exemplo n.º 3
0
    def test_creator_group_enabled_but_empty(self):
        """ Tests creator group feature on, but group empty. """
        with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
            self.assertFalse(user_has_role(self.user, CourseCreatorRole()))

            # Make user staff. This will cause CourseCreatorRole().has_user to return True.
            self.user.is_staff = True
            self.assertTrue(user_has_role(self.user, CourseCreatorRole()))
Exemplo n.º 4
0
def update_course_creator_group(caller, user, add):
    """
    Method for adding and removing users from the creator group.

    Caller must have staff permissions.
    """
    if add:
        auth.add_users(caller, CourseCreatorRole(), user)
    else:
        auth.remove_users(caller, CourseCreatorRole(), user)
Exemplo n.º 5
0
 def test_add_user_not_active(self):
     """
     Tests that adding to creator group fails if user is not active
     """
     with mock.patch.dict('django.conf.settings.FEATURES', {
             'DISABLE_COURSE_CREATION': False,
             "ENABLE_CREATOR_GROUP": True
     }):
         self.user.is_active = False
         add_users(self.admin, CourseCreatorRole(), self.user)
         assert not user_has_role(self.user, CourseCreatorRole())
Exemplo n.º 6
0
    def test_creator_group_enabled_nonempty(self):
        """ Tests creator group feature on, user added. """
        with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
            add_users(self.admin, CourseCreatorRole(), self.user)
            self.assertTrue(user_has_role(self.user, CourseCreatorRole()))

            # check that a user who has not been added to the group still returns false
            user_not_added = User.objects.create_user('testuser2', '*****@*****.**', 'foo2')
            self.assertFalse(user_has_role(user_not_added, CourseCreatorRole()))

            # remove first user from the group and verify that CourseCreatorRole().has_user now returns false
            remove_users(self.admin, CourseCreatorRole(), self.user)
            self.assertFalse(user_has_role(self.user, CourseCreatorRole()))
Exemplo n.º 7
0
    def test_add_granted(self):
        with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
            # Calling add_user_with_status_granted impacts is_user_in_course_group_role.
            self.assertFalse(auth.user_has_role(self.user, CourseCreatorRole()))

            add_user_with_status_granted(self.admin, self.user)
            self.assertEqual('granted', get_course_creator_status(self.user))

            # Calling add again will be a no-op (even if state is different).
            add_user_with_status_unrequested(self.user)
            self.assertEqual('granted', get_course_creator_status(self.user))

            self.assertTrue(auth.user_has_role(self.user, CourseCreatorRole()))
Exemplo n.º 8
0
 def test_remove_user_from_group_requires_authenticated(self):
     with self.assertRaises(PermissionDenied):
         with mock.patch(
             'django.contrib.auth.models.User.is_authenticated',
             new_callable=mock.PropertyMock
         ) as mock_is_auth:
             mock_is_auth.return_value = False
             remove_users(self.admin, CourseCreatorRole(), self.user)
Exemplo n.º 9
0
    def test_course_creation_disabled(self):
        """ Tests that the COURSE_CREATION_DISABLED flag overrides course creator group settings. """
        with mock.patch.dict('django.conf.settings.FEATURES',
                             {'DISABLE_COURSE_CREATION': True, "ENABLE_CREATOR_GROUP": True}):
            # Add user to creator group.
            add_users(self.admin, CourseCreatorRole(), self.user)

            # DISABLE_COURSE_CREATION overrides (user is not marked as staff).
            self.assertFalse(user_has_role(self.user, CourseCreatorRole()))

            # Mark as staff. Now CourseCreatorRole().has_user returns true.
            self.user.is_staff = True
            self.assertTrue(user_has_role(self.user, CourseCreatorRole()))

            # Remove user from creator group. CourseCreatorRole().has_user still returns true because is_staff=True
            remove_users(self.admin, CourseCreatorRole(), self.user)
            self.assertTrue(user_has_role(self.user, CourseCreatorRole()))
Exemplo n.º 10
0
def is_content_creator(user, org):
    """
    Check if the user has the role to create content.

    This function checks if the User has role to create content
    or if the org is supplied, it checks for Org level course content
    creator.
    """
    return (auth.user_has_role(user, CourseCreatorRole()) or
            auth.user_has_role(user, OrgContentCreatorRole(org=org)))
Exemplo n.º 11
0
 def test_add_user_not_authenticated(self):
     """
     Tests that adding to creator group fails if user is not authenticated
     """
     with mock.patch.dict('django.conf.settings.FEATURES', {
             'DISABLE_COURSE_CREATION': False,
             "ENABLE_CREATOR_GROUP": True
     }):
         anonymous_user = AnonymousUser()
         role = CourseCreatorRole()
         add_users(self.admin, role, anonymous_user)
         assert not user_has_role(anonymous_user, role)
Exemplo n.º 12
0
        def change_state_and_verify_email(state, is_creator):
            """ Changes user state, verifies creator status, and verifies e-mail is sent based on transition """
            self._change_state(state)
            self.assertEqual(is_creator, auth.user_has_role(self.user, CourseCreatorRole()))

            context = {'studio_request_email': self.studio_request_email}
            if state == CourseCreator.GRANTED:
                template = 'emails/course_creator_granted.txt'
            elif state == CourseCreator.DENIED:
                template = 'emails/course_creator_denied.txt'
            else:
                template = 'emails/course_creator_revoked.txt'
            email_user.assert_called_with(
                mock_render_to_string('emails/course_creator_subject.txt', context),
                mock_render_to_string(template, context),
                self.studio_request_email
            )
Exemplo n.º 13
0
    def test_change_status(self, email_user):
        """
        Tests that updates to state impact the creator group maintained in authz.py and that e-mails are sent.
        """
        def change_state_and_verify_email(state, is_creator):
            """ Changes user state, verifies creator status, and verifies e-mail is sent based on transition """
            self._change_state(state)
            self.assertEqual(
                is_creator, auth.user_has_role(self.user, CourseCreatorRole()))

            context = {'studio_request_email': self.studio_request_email}
            if state == CourseCreator.GRANTED:
                template = 'emails/course_creator_granted.txt'
            elif state == CourseCreator.DENIED:
                template = 'emails/course_creator_denied.txt'
            else:
                template = 'emails/course_creator_revoked.txt'
            email_user.assert_called_with(
                mock_render_to_string('emails/course_creator_subject.txt',
                                      context),
                mock_render_to_string(template, context),
                self.studio_request_email)

        with mock.patch.dict('django.conf.settings.FEATURES',
                             self.enable_creator_group_patch):

            # User is initially unrequested.
            self.assertFalse(auth.user_has_role(self.user,
                                                CourseCreatorRole()))

            change_state_and_verify_email(CourseCreator.GRANTED, True)

            change_state_and_verify_email(CourseCreator.DENIED, False)

            change_state_and_verify_email(CourseCreator.GRANTED, True)

            change_state_and_verify_email(CourseCreator.PENDING, False)

            change_state_and_verify_email(CourseCreator.GRANTED, True)

            change_state_and_verify_email(CourseCreator.UNREQUESTED, False)

            change_state_and_verify_email(CourseCreator.DENIED, False)
Exemplo n.º 14
0
 def test_add_user_to_group_requires_active(self):
     with self.assertRaises(PermissionDenied):
         self.admin.is_active = False
         add_users(self.admin, CourseCreatorRole(), self.user)
Exemplo n.º 15
0
 def test_creator_group_not_enabled(self):
     """
     Tests that CourseCreatorRole().has_user always returns True if ENABLE_CREATOR_GROUP
     and DISABLE_COURSE_CREATION are both not turned on.
     """
     assert user_has_role(self.user, CourseCreatorRole())
Exemplo n.º 16
0
 def test_remove_user_from_group_requires_active(self):
     with pytest.raises(PermissionDenied):
         self.admin.is_active = False
         remove_users(self.admin, CourseCreatorRole(), self.user)
Exemplo n.º 17
0
 def test_remove_user_from_group_requires_staff_access(self):
     with self.assertRaises(PermissionDenied):
         self.admin.is_staff = False
         remove_users(self.admin, CourseCreatorRole(), self.user)