def test_access_student_progress_ccx(self):
"""
Assert that only a coach can see progress of student.
"""
ccx_locator = self.make_ccx()
student = UserFactory()
# Enroll user
CourseEnrollment.enroll(student, ccx_locator)
# Test for access of a coach
request = self.request_factory.get(reverse('about_course', args=[unicode(ccx_locator)]))
request.user = self.coach
mako_middleware_process_request(request)
resp = views.progress(request, course_id=unicode(ccx_locator), student_id=student.id)
self.assertEqual(resp.status_code, 200)
# Assert access of a student
request = self.request_factory.get(reverse('about_course', args=[unicode(ccx_locator)]))
request.user = student
mako_middleware_process_request(request)
with self.assertRaises(Http404) as context:
views.progress(request, course_id=unicode(ccx_locator), student_id=self.coach.id)
self.assertIsNotNone(context.exception)
def test_view_certificate_link(self):
"""
If certificate web view is enabled then certificate web view button should appear for user who certificate is
available/generated
"""
certificate = GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
#course certificate configurations
certificates = [
{
'id': 1,
'name': 'Name 1',
'description': 'Description 1',
'course_title': 'course_title_1',
'org_logo_path': '/t4x/orgX/testX/asset/org-logo-1.png',
'signatories': [],
'version': 1,
'is_active': True
}
]
self.course.certificates = {'certificates': certificates}
self.course.cert_html_view_enabled = True
self.course.save()
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"View Certificate")
self.assertContains(resp, u"You can now access your certificate")
cert_url = certs_api.get_certificate_url(
user_id=self.user.id,
course_id=self.course.id,
verify_uuid=certificate.verify_uuid
)
self.assertContains(resp, cert_url)
# when course certificate is not active
certificates[0]['is_active'] = False
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, u"View Your Certificate")
self.assertNotContains(resp, u"You can now view your certificate")
self.assertContains(resp, u"We're creating your certificate.")
def test_view_certificate_link(self):
"""
If certificate web view is enabled then certificate web view button should appear for user who certificate is
available/generated
"""
certificate = GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
#course certificate configurations
certificates = [
{
'id': 1,
'name': 'Name 1',
'description': 'Description 1',
'course_title': 'course_title_1',
'signatories': [],
'version': 1,
'is_active': True
}
]
self.course.certificates = {'certificates': certificates}
self.course.cert_html_view_enabled = True
self.course.save()
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"View Certificate")
self.assertContains(resp, u"You can keep working for a higher grade")
cert_url = certs_api.get_certificate_url(
user_id=self.user.id,
course_id=self.course.id
)
self.assertContains(resp, cert_url)
# when course certificate is not active
certificates[0]['is_active'] = False
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, u"View Your Certificate")
self.assertNotContains(resp, u"You can now view your certificate")
self.assertContains(resp, u"We're creating your certificate.")
def test_generate_cert_config(self):
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
def test_generate_cert_config(self):
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
def test_student_progress_with_valid_and_invalid_id(self, default_store):
"""
Check that invalid 'student_id' raises Http404 for both old mongo and
split mongo courses.
"""
# Create new course with respect to 'default_store'
self.course = CourseFactory.create(default_store=default_store)
# Invalid Student Ids (Integer and Non-int)
invalid_student_ids = [
991021,
'azU3N_8$',
]
for invalid_id in invalid_student_ids:
self.assertRaises(
Http404, views.progress,
self.request,
course_id=unicode(self.course.id),
student_id=invalid_id
)
# Enroll student into course
CourseEnrollment.enroll(self.user, self.course.id, mode='honor')
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string(), student_id=self.user.id)
# Assert that valid 'student_id' returns 200 status
self.assertEqual(resp.status_code, 200)
def grade_course(self, course):
"""
Renders the progress page for the given course.
"""
return progress(self.request,
course_id=course.id.to_deprecated_string(),
student_id=self.student.id)
def get_text(self, course):
""" Returns the HTML for the progress page """
mako_middleware_process_request(self.request)
return views.progress(self.request,
course_id=course.id.to_deprecated_string(),
student_id=self.user.id).content
def test_pure_ungraded_xblock(self):
ItemFactory.create(category='acid',
parent_location=self.vertical.location)
resp = views.progress(self.request,
course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
def test_student_progress_with_valid_and_invalid_id(self, default_store):
"""
Check that invalid 'student_id' raises Http404 for both old mongo and
split mongo courses.
"""
# Create new course with respect to 'default_store'
self.course = CourseFactory.create(default_store=default_store)
# Invalid Student Ids (Integer and Non-int)
invalid_student_ids = [
991021,
'azU3N_8$',
]
for invalid_id in invalid_student_ids:
self.assertRaises(
Http404, views.progress,
self.request,
course_id=unicode(self.course.id),
student_id=invalid_id
)
# Enroll student into course
CourseEnrollment.enroll(self.user, self.course.id, mode='honor')
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string(), student_id=self.user.id)
# Assert that valid 'student_id' returns 200 status
self.assertEqual(resp.status_code, 200)
def test_progress_page_xss_prevent(self, malicious_code):
"""
Test that XSS attack is prevented
"""
resp = views.progress(self.request, course_id=unicode(self.course.id), student_id=self.user.id)
self.assertEqual(resp.status_code, 200)
# Test that malicious code does not appear in html
self.assertNotIn(malicious_code, resp.content)
def grade_course(self, course):
"""
Renders the progress page for the given course.
"""
return progress(
self.request,
course_id=course.id.to_deprecated_string(),
student_id=self.student.id
)
def grade_course(self, course, view_as_ccx):
"""
Renders the progress page for the given course.
"""
course_key = course.id
if view_as_ccx:
course_key = CCXLocator.from_course_locator(
course_key, self.ccx.id)
return progress(self.request,
course_id=unicode(course_key),
student_id=self.student.id)
def grade_course(self, course, view_as_ccx):
"""
Renders the progress page for the given course.
"""
course_key = course.id
if view_as_ccx:
course_key = CCXLocator.from_course_locator(course_key, self.ccx.id)
return progress(
self.request,
course_id=unicode(course_key),
student_id=self.student.id
)
def test_view_certificate_link_hidden(self):
"""
If certificate web view is disabled then certificate web view button should not appear for user who certificate
is available/generated
"""
GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"Download Your Certificate")
def test_view_certificate_link_hidden(self):
"""
If certificate web view is disabled then certificate web view button should not appear for user who certificate
is available/generated
"""
GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"Download Your Certificate")
class ProgressPageTests(ModuleStoreTestCase):
"""
Tests that verify that the progress page works correctly.
"""
def setUp(self):
super(ProgressPageTests, self).setUp()
self.request_factory = RequestFactory()
self.user = UserFactory.create()
self.request = self.request_factory.get("foo")
self.request.user = self.user
mako_middleware_process_request(self.request)
self.setup_course()
def setup_course(self, **options):
"""Create the test course."""
course = CourseFactory.create(
start=datetime(2013, 9, 16, 7, 17, 28),
grade_cutoffs={u'çü†øƒƒ': 0.75, 'Pass': 0.5},
**options
)
# pylint: disable=attribute-defined-outside-init
self.course = modulestore().get_course(course.id)
CourseEnrollmentFactory(user=self.user, course_id=self.course.id)
self.chapter = ItemFactory.create(category='chapter', parent_location=self.course.location)
self.section = ItemFactory.create(category='sequential', parent_location=self.chapter.location)
self.vertical = ItemFactory.create(category='vertical', parent_location=self.section.location)
@ddt.data('"><script>alert(1)</script>', '<script>alert(1)</script>', '</script><script>alert(1)</script>')
def test_progress_page_xss_prevent(self, malicious_code):
"""
Test that XSS attack is prevented
"""
resp = views.progress(self.request, course_id=unicode(self.course.id), student_id=self.user.id)
self.assertEqual(resp.status_code, 200)
# Test that malicious code does not appear in html
self.assertNotIn(malicious_code, resp.content)
def test_pure_ungraded_xblock(self):
ItemFactory.create(category='acid', parent_location=self.vertical.location)
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
@ddt.data(ModuleStoreEnum.Type.mongo, ModuleStoreEnum.Type.split)
def test_student_progress_with_valid_and_invalid_id(self, default_store):
"""
Check that invalid 'student_id' raises Http404 for both old mongo and
split mongo courses.
"""
# Create new course with respect to 'default_store'
self.course = CourseFactory.create(default_store=default_store)
# Invalid Student Ids (Integer and Non-int)
invalid_student_ids = [
991021,
'azU3N_8$',
]
for invalid_id in invalid_student_ids:
self.assertRaises(
Http404, views.progress,
self.request,
course_id=unicode(self.course.id),
student_id=invalid_id
)
# Enroll student into course
CourseEnrollment.enroll(self.user, self.course.id, mode='honor')
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string(), student_id=self.user.id)
# Assert that valid 'student_id' returns 200 status
self.assertEqual(resp.status_code, 200)
def test_non_asci_grade_cutoffs(self):
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
def test_generate_cert_config(self):
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, 'Request Certificate')
@patch.dict('django.conf.settings.FEATURES', {'CERTIFICATES_HTML_VIEW': True})
@patch('courseware.grades.grade', Mock(return_value={'grade': 'Pass', 'percent': 0.75, 'section_breakdown': [],
'grade_breakdown': []}))
def test_view_certificate_link(self):
"""
If certificate web view is enabled then certificate web view button should appear for user who certificate is
available/generated
"""
certificate = GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
#course certificate configurations
certificates = [
{
'id': 1,
'name': 'Name 1',
'description': 'Description 1',
'course_title': 'course_title_1',
'signatories': [],
'version': 1,
'is_active': True
}
]
self.course.certificates = {'certificates': certificates}
self.course.cert_html_view_enabled = True
self.course.save()
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"View Certificate")
self.assertContains(resp, u"You can keep working for a higher grade")
cert_url = certs_api.get_certificate_url(
user_id=self.user.id,
course_id=self.course.id
)
self.assertContains(resp, cert_url)
# when course certificate is not active
certificates[0]['is_active'] = False
self.store.update_item(self.course, self.user.id)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertNotContains(resp, u"View Your Certificate")
self.assertNotContains(resp, u"You can now view your certificate")
self.assertContains(resp, u"We're creating your certificate.")
@patch.dict('django.conf.settings.FEATURES', {'CERTIFICATES_HTML_VIEW': False})
@patch('courseware.grades.grade', Mock(return_value={'grade': 'Pass', 'percent': 0.75, 'section_breakdown': [],
'grade_breakdown': []}))
def test_view_certificate_link_hidden(self):
"""
If certificate web view is disabled then certificate web view button should not appear for user who certificate
is available/generated
"""
GeneratedCertificateFactory.create(
user=self.user,
course_id=self.course.id,
status=CertificateStatuses.downloadable,
download_url="http://www.example.com/certificate.pdf",
mode='honor'
)
# Enable the feature, but do not enable it for this course
CertificateGenerationConfiguration(enabled=True).save()
# Enable certificate generation for this course
certs_api.set_cert_generation_enabled(self.course.id, True)
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertContains(resp, u"Download Your Certificate")
@ddt.data(
*itertools.product(((18, 4, True), (18, 4, False)), (True, False))
)
@ddt.unpack
def test_query_counts(self, (sql_calls, mongo_calls, self_paced), self_paced_enabled):
"""Test that query counts remain the same for self-paced and instructor-led courses."""
SelfPacedConfiguration(enabled=self_paced_enabled).save()
self.setup_course(self_paced=self_paced)
with self.assertNumQueries(sql_calls), check_mongo_calls(mongo_calls):
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertEqual(resp.status_code, 200)
def test_pure_ungraded_xblock(self):
ItemFactory.create(category='acid', parent_location=self.vertical.location)
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
def get_text(self, course):
""" Returns the HTML for the progress page """
mako_middleware_process_request(self.request)
return views.progress(self.request, course_id=course.id.to_deprecated_string(), student_id=self.user.id).content
def get_text(self, course):
""" Returns the HTML for the progress page """
return views.progress(self.request, course.id.to_deprecated_string(), self.user.id).content
def get_progress():
""" Returns the HTML for the progress page """
return views.progress(request, "edX/due_date/2013_fall",
self.user.id).content
def get_text(self, course):
""" Returns the HTML for the progress page """
return views.progress(self.request, course.id, self.user.id).content
def get_progress():
""" Returns the HTML for the progress page """
return views.progress(request, "edX/due_date/2013_fall", self.user.id).content
def test_non_asci_grade_cutoffs(self):
resp = views.progress(self.request,
course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
def test_pure_ungraded_xblock(self):
ItemFactory(category="acid", parent_location=self.vertical.location)
resp = views.progress(self.request, self.course.id)
self.assertEqual(resp.status_code, 200)
def test_non_asci_grade_cutoffs(self):
resp = views.progress(self.request, self.course.id)
self.assertEqual(resp.status_code, 200)
def get_text(self, course):
""" Returns the HTML for the progress page """
return views.progress(self.request, course.id.to_deprecated_string(),
self.user.id).content
def get_text(self, course):
""" Returns the HTML for the progress page """
return views.progress(self.request, course.id, self.user.id).content
def test_pure_ungraded_xblock(self):
ItemFactory(category='acid', parent_location=self.vertical.location)
resp = views.progress(self.request, self.course.id)
self.assertEqual(resp.status_code, 200)
def test_non_asci_grade_cutoffs(self):
resp = views.progress(self.request, course_id=self.course.id.to_deprecated_string())
self.assertEqual(resp.status_code, 200)
def test_resp_with_generate_cert_config_enabled(self):
CertificateGenerationConfiguration(enabled=True).save()
resp = views.progress(self.request, course_id=unicode(self.course.id))
self.assertEqual(resp.status_code, 200)
def test_nonregistered_progress_404(self):
with self.assertRaises(Http404):
req = self.request_factory.get(reverse('progress', args=[self.course_id]))
req.user = self.user
views.progress(req, self.course_id)
def test_non_asci_grade_cutoffs(self):
resp = views.progress(self.request, self.course.id)
self.assertEqual(resp.status_code, 200)