def _has_access_to_course(user, access_level, course_key):
'''
Returns True if the given user has access_level (= staff or
instructor) access to the course with the given course_key.
This ensures the user is authenticated and checks if global staff or has
staff / instructor access.
access_level = string, either "staff" or "instructor"
'''
if user is None or (not user.is_authenticated()):
debug("Deny: no user or anon user")
return False
if is_masquerading_as_student(user):
return False
if GlobalStaff().has_user(user):
debug("Allow: user.is_staff")
return True
if access_level not in ('staff', 'instructor'):
log.debug("Error in access._has_access_to_course access_level=%s unknown", access_level)
debug("Deny: unknown access level")
return False
staff_access = (
CourseStaffRole(course_key).has_user(user) or
OrgStaffRole(course_key.org).has_user(user)
)
if staff_access and access_level == 'staff':
debug("Allow: user has course staff access")
return True
instructor_access = (
CourseInstructorRole(course_key).has_user(user) or
OrgInstructorRole(course_key.org).has_user(user)
)
if instructor_access and access_level in ('staff', 'instructor'):
debug("Allow: user has course instructor access")
return True
debug("Deny: user did not have correct access")
return False
def test_data(self, expected_pacing_type, self_paced):
start = datetime.datetime.now(pytz.UTC)
end = start + datetime.timedelta(days=30)
enrollment_start = start - datetime.timedelta(days=7)
enrollment_end = end - datetime.timedelta(days=14)
course = CourseFactory(
start=start,
end=end,
enrollment_start=enrollment_start,
enrollment_end=enrollment_end,
self_paced=self_paced
)
instructor = UserFactory()
CourseInstructorRole(course.id).add_users(instructor)
staff = UserFactory()
CourseStaffRole(course.id).add_users(staff)
request = RequestFactory().get('')
serializer = CourseRunSerializer(course, context={'request': request})
expected = {
'id': str(course.id),
'title': course.display_name,
'schedule': {
'start': serialize_datetime(start),
'end': serialize_datetime(end),
'enrollment_start': serialize_datetime(enrollment_start),
'enrollment_end': serialize_datetime(enrollment_end),
},
'team': [
{
'user': instructor.username,
'role': 'instructor',
},
{
'user': staff.username,
'role': 'staff',
},
],
'images': {
'card_image': request.build_absolute_uri(course_image_url(course)),
},
'pacing_type': expected_pacing_type,
}
assert serializer.data == expected
def _get_recipient_querysets(user_id, to_option, course_id):
"""
Returns a list of query sets of email recipients corresponding to the
requested `to_option` category.
`to_option` is either SEND_TO_MYSELF, SEND_TO_STAFF, or SEND_TO_ALL.
Recipients who are in more than one category (e.g. enrolled in the course
and are staff or self) will be properly deduped.
"""
if to_option not in TO_OPTIONS:
log.error("Unexpected bulk email TO_OPTION found: %s", to_option)
raise Exception(
"Unexpected bulk email TO_OPTION found: {0}".format(to_option))
if to_option == SEND_TO_MYSELF:
user = User.objects.filter(id=user_id)
return [use_read_replica_if_available(user)]
else:
staff_qset = CourseStaffRole(course_id).users_with_role()
instructor_qset = CourseInstructorRole(course_id).users_with_role()
staff_instructor_qset = (staff_qset | instructor_qset).distinct()
if to_option == SEND_TO_STAFF:
return [use_read_replica_if_available(staff_instructor_qset)]
if to_option == SEND_TO_ALL:
# We also require students to have activated their accounts to
# provide verification that the provided email address is valid.
enrollment_qset = User.objects.filter(
is_active=True,
courseenrollment__course_id=course_id,
courseenrollment__is_active=True)
# to avoid duplicates, we only want to email unenrolled course staff
# members here
unenrolled_staff_qset = staff_instructor_qset.exclude(
courseenrollment__course_id=course_id,
courseenrollment__is_active=True)
# use read_replica if available
recipient_qsets = [
use_read_replica_if_available(unenrolled_staff_qset),
use_read_replica_if_available(enrollment_qset),
]
return recipient_qsets
def manage_library_users(request, library_key_string):
"""
Studio UI for editing the users within a library.
Uses the /course_team/:library_key/:user_email/ REST API to make changes.
"""
library_key = CourseKey.from_string(library_key_string)
if not isinstance(library_key, LibraryLocator):
raise Http404 # This is not a library
user_perms = get_user_permissions(request.user, library_key)
if not user_perms & STUDIO_VIEW_USERS:
raise PermissionDenied()
library = modulestore().get_library(library_key)
if library is None:
raise Http404
# Segment all the users explicitly associated with this library, ensuring each user only has one role listed:
instructors = set(CourseInstructorRole(library_key).users_with_role())
staff = set(CourseStaffRole(library_key).users_with_role()) - instructors
users = set(
LibraryUserRole(library_key).users_with_role()) - instructors - staff
formatted_users = []
for user in instructors:
formatted_users.append(user_with_role(user, 'instructor'))
for user in staff:
formatted_users.append(user_with_role(user, 'staff'))
for user in users:
formatted_users.append(user_with_role(user, 'library_user'))
return render_to_response(
'manage_users_lib.html', {
'context_library':
library,
'users':
formatted_users,
'allow_actions':
bool(user_perms & STUDIO_EDIT_ROLES),
'library_key':
unicode(library_key),
'lib_users_url':
reverse_library_url('manage_library_users', library_key_string),
'show_children_previews':
library.show_children_previews
})
def setUp(self):
clear_existing_modulestores()
self.toy = modulestore().get_course("edX/toy/2012_Fall")
# Create two accounts
self.student = '*****@*****.**'
self.instructor = '*****@*****.**'
self.password = '******'
self.create_account('u1', self.student, self.password)
self.create_account('u2', self.instructor, self.password)
self.activate_user(self.student)
self.activate_user(self.instructor)
CourseStaffRole(self.toy.location).add_users(User.objects.get(email=self.instructor))
self.logout()
self.login(self.instructor, self.password)
self.enroll(self.toy)
def setUp(self):
"""
Set up tests
"""
super(TestCoachDashboard, self).setUp()
# Login with the instructor account
self.client.login(username=self.coach.username, password="******")
# adding staff to master course.
staff = UserFactory()
allow_access(self.course, staff, 'staff')
self.assertTrue(CourseStaffRole(self.course.id).has_user(staff))
# adding instructor to master course.
instructor = UserFactory()
allow_access(self.course, instructor, 'instructor')
self.assertTrue(
CourseInstructorRole(self.course.id).has_user(instructor))
def test_authorization_no_oauth_staff(self):
"""
Check authorization for staff users logged in without oauth
"""
# create a staff user
staff_user = User.objects.create_user('test_staff_user',
'*****@*****.**',
'test')
# add staff role to the staff user
CourseStaffRole(self.master_course_key).add_users(staff_user)
data = {'display_name': 'CCX Title'}
# the staff user can perform the request
self.client.login(username=staff_user.username, password='******')
resp = self.client.get(self.detail_url)
self.assertEqual(resp.status_code, status.HTTP_200_OK)
resp = self.client.patch(self.detail_url, data, format='json')
self.assertEqual(resp.status_code, status.HTTP_204_NO_CONTENT)
def test_render_html_view_with_preview_mode_when_user_already_has_cert(
self):
"""
test certificate web view should render properly in
preview mode even if user who is previewing already has a certificate
generated with different mode.
"""
self._add_course_certificates(count=1, signatory_count=2)
CourseStaffRole(self.course.id).add_users(self.user)
test_url = get_certificate_url(user_id=self.user.id,
course_id=unicode(self.course.id))
# user has already has certificate generated for 'honor' mode
# so let's try to preview in 'verified' mode.
response = self.client.get(test_url + '?preview=verified')
self.assertNotIn(self.course.display_name, response.content)
self.assertIn('course_title_0', response.content)
self.assertIn('Signatory_Title 0', response.content)
def create_staff_context(self):
"""
Create staff user and course blocks accessible by that user
"""
# Create a staff user to be able to test visible_to_staff_only
staff_user = UserFactory.create()
CourseStaffRole(self.course.location.course_key).add_users(staff_user)
block_structure = get_course_blocks(
staff_user,
self.course.location,
self.transformers,
)
return {
'request': MagicMock(),
'block_structure': block_structure,
'requested_fields': ['type'],
}
def assign_staff_role_to_ccx(ccx_locator, user, master_course_id):
"""
Check if user has ccx_coach role on master course then assign him staff role on ccx only
if role is not already assigned. Because of this coach can open dashboard from master course
as well as ccx.
:param ccx_locator: CCX key
:param user: User to whom we want to assign role.
:param master_course_id: Master course key
"""
coach_role_on_master_course = CourseCcxCoachRole(master_course_id)
# check if user has coach role on master course
if coach_role_on_master_course.has_user(user):
# Check if user has staff role on ccx.
role = CourseStaffRole(ccx_locator)
if not role.has_user(user):
# assign user the staff role on ccx
with ccx_course(ccx_locator) as course:
allow_access(course, user, "staff", send_email=False)
def get(self, request):
"""Displays course Enrollment and staffing course statistics"""
if not request.user.is_staff:
raise Http404
data = []
courses = self.get_courses()
for (cdir, course) in courses.items(): # pylint: disable=unused-variable
datum = [course.display_name, course.id]
datum += [
CourseEnrollment.objects.filter(course_id=course.id).count()
]
datum += [
CourseStaffRole(course.location).users_with_role().count()
]
datum += [
','.join([
x.username for x in CourseInstructorRole(
course.location).users_with_role()
])
]
data.append(datum)
datatable = dict(header=[
_('Course Name'),
_('course_id'),
_('# enrolled'),
_('# staff'),
_('instructors')
],
title=_('Enrollment information for all courses'),
data=data)
context = {
'datatable': datatable,
'msg': self.msg,
'djangopid': os.getpid(),
'modeflag': {
'staffing': 'active-section'
},
'mitx_version': getattr(settings, 'VERSION_STRING', ''),
}
return render_to_response(self.template_name, context)
def test_create_enrollments_and_assign_staff(self):
"""
Successfully creates both waiting and linked program course enrollments with the course staff role.
"""
course_staff_role = CourseStaffRole(self.course_id)
course_staff_role.add_users(self.student_1)
self.create_program_enrollment('learner-1', user=None)
self.create_program_enrollment('learner-2', user=self.student_1)
self.create_program_enrollment('learner-3', user=self.student_2)
course_enrollment_requests = [
self.course_enrollment_request('learner-1', CourseStatuses.ACTIVE,
True),
self.course_enrollment_request('learner-2', CourseStatuses.ACTIVE,
True),
self.course_enrollment_request('learner-3', CourseStatuses.ACTIVE,
True),
]
write_program_course_enrollments(
self.program_uuid,
self.course_id,
course_enrollment_requests,
True,
True,
)
self.assert_program_course_enrollment('learner-1',
CourseStatuses.ACTIVE, False)
self.assert_program_course_enrollment('learner-2',
CourseStatuses.ACTIVE, True)
self.assert_program_course_enrollment('learner-3',
CourseStatuses.ACTIVE, True)
# Users linked to either enrollment are given the course staff role
self.assertListEqual([self.student_1, self.student_2],
list(course_staff_role.users_with_role()))
# CourseAccessRoleAssignment objects are created for enrollments with no linked user
pending_role_assingments = CourseAccessRoleAssignment.objects.all()
assert pending_role_assingments.count() == 1
pending_role_assingments.get(
enrollment__program_enrollment__external_user_key='learner-1',
enrollment__course_key=self.course_id)
def delete_course_and_groups(course_id, user_id):
"""
This deletes the courseware associated with a course_id as well as cleaning update_item
the various user table stuff (groups, permissions, etc.)
"""
module_store = modulestore()
with module_store.bulk_write_operations(course_id):
module_store.delete_course(course_id, user_id)
print 'removing User permissions from course....'
# in the django layer, we need to remove all the user permissions groups associated with this course
try:
staff_role = CourseStaffRole(course_id)
staff_role.remove_users(*staff_role.users_with_role())
instructor_role = CourseInstructorRole(course_id)
instructor_role.remove_users(*instructor_role.users_with_role())
except Exception as err:
log.error("Error in deleting course groups for {0}: {1}".format(course_id, err))
def test_remove_master_course_staff_from_ccx_no_email(self):
"""
Test remove role of staff of master course on ccx course without
sending enrollment email.
"""
staff = self.make_staff()
self.assertTrue(CourseStaffRole(self.course.id).has_user(staff))
# adding instructor to master course.
instructor = self.make_instructor()
self.assertTrue(
CourseInstructorRole(self.course.id).has_user(instructor))
outbox = self.get_outbox()
self.assertEqual(len(outbox), 0)
remove_master_course_staff_from_ccx(self.course,
self.ccx_locator,
self.ccx.display_name,
send_email=False)
self.assertEqual(len(outbox), 0)
def setUp(self):
super(TestStaffOnCCX, self).setUp()
# Create instructor account
self.client.login(username=self.coach.username, password="******")
# create an instance of modulestore
self.mstore = modulestore()
# adding staff to master course.
staff = UserFactory()
allow_access(self.course, staff, 'staff')
self.assertTrue(CourseStaffRole(self.course.id).has_user(staff))
# adding instructor to master course.
instructor = UserFactory()
allow_access(self.course, instructor, 'instructor')
self.assertTrue(
CourseInstructorRole(self.course.id).has_user(instructor))
def test_add_master_course_staff_to_ccx_idempotent(self):
"""
Test add staff of master course to ccx course multiple time will
not result in multiple enrollments.
"""
staff = self.make_staff()
self.assertTrue(CourseStaffRole(self.course.id).has_user(staff))
# adding instructor to master course.
instructor = self.make_instructor()
self.assertTrue(CourseInstructorRole(self.course.id).has_user(instructor))
outbox = self.get_outbox()
list_staff_master_course = list_with_level(self.course, 'staff')
list_instructor_master_course = list_with_level(self.course, 'instructor')
self.assertEqual(len(outbox), 0)
# run the assignment the first time
add_master_course_staff_to_ccx(self.course, self.ccx_locator, self.ccx.display_name)
self.assertEqual(len(outbox), len(list_staff_master_course) + len(list_instructor_master_course))
with ccx_course(self.ccx_locator) as course_ccx:
list_staff_ccx_course = list_with_level(course_ccx, 'staff')
list_instructor_ccx_course = list_with_level(course_ccx, 'instructor')
self.assertEqual(len(list_staff_master_course), len(list_staff_ccx_course))
for user in list_staff_master_course:
self.assertIn(user, list_staff_ccx_course)
self.assertEqual(len(list_instructor_master_course), len(list_instructor_ccx_course))
for user in list_instructor_master_course:
self.assertIn(user, list_instructor_ccx_course)
# run the assignment again
add_master_course_staff_to_ccx(self.course, self.ccx_locator, self.ccx.display_name)
# there are no new duplicated email
self.assertEqual(len(outbox), len(list_staff_master_course) + len(list_instructor_master_course))
# there are no duplicated staffs
with ccx_course(self.ccx_locator) as course_ccx:
list_staff_ccx_course = list_with_level(course_ccx, 'staff')
list_instructor_ccx_course = list_with_level(course_ccx, 'instructor')
self.assertEqual(len(list_staff_master_course), len(list_staff_ccx_course))
for user in list_staff_master_course:
self.assertIn(user, list_staff_ccx_course)
self.assertEqual(len(list_instructor_master_course), len(list_instructor_ccx_course))
for user in list_instructor_master_course:
self.assertIn(user, list_instructor_ccx_course)
def _get_recipient_queryset(user_id, to_option, course_id):
"""
Returns a query set of email recipients corresponding to the requested to_option category.
`to_option` is either SEND_TO_MYSELF, SEND_TO_STAFF, or SEND_TO_ALL.
Recipients who are in more than one category (e.g. enrolled in the course and are staff or self)
will be properly deduped.
"""
if to_option not in TO_OPTIONS:
log.error("Unexpected bulk email TO_OPTION found: %s", to_option)
raise Exception(
"Unexpected bulk email TO_OPTION found: {0}".format(to_option))
if to_option == SEND_TO_MYSELF:
recipient_qset = User.objects.filter(id=user_id)
else:
staff_qset = CourseStaffRole(course_id).users_with_role()
instructor_qset = CourseInstructorRole(course_id).users_with_role()
recipient_qset = (staff_qset | instructor_qset).distinct()
if to_option == SEND_TO_ALL:
# We also require students to have activated their accounts to
# provide verification that the provided email address is valid.
enrollment_qset = User.objects.filter(
is_active=True,
courseenrollment__course_id=course_id,
courseenrollment__is_active=True)
# Now we do some queryset sidestepping to avoid doing a DISTINCT
# query across the course staff and the enrolled students, which
# forces the creation of a temporary table in the db.
unenrolled_staff_qset = recipient_qset.exclude(
courseenrollment__course_id=course_id,
courseenrollment__is_active=True)
# use read_replica if available:
unenrolled_staff_qset = use_read_replica_if_available(
unenrolled_staff_qset)
unenrolled_staff_ids = [user.id for user in unenrolled_staff_qset]
recipient_qset = enrollment_qset | User.objects.filter(
id__in=unenrolled_staff_ids)
# again, use read_replica if available to lighten the load for large queries
return use_read_replica_if_available(recipient_qset)
def setUpClass(cls):
super(TeamAccessTests, cls).setUpClass()
cls.user_audit = UserFactory.create(username='******')
cls.user_staff = UserFactory.create(username='******')
cls.user_masters = UserFactory.create(username='******')
cls.user_unenrolled = UserFactory.create(username='******')
cls.users = {
'user_audit': cls.user_audit,
'user_staff': cls.user_staff,
'user_masters': cls.user_masters,
'user_unenrolled': cls.user_unenrolled,
}
for user in (cls.user_audit, cls.user_staff):
CourseEnrollmentFactory.create(user=user, course_id=COURSE_KEY1)
CourseEnrollmentFactory.create(user=cls.user_masters,
course_id=COURSE_KEY1,
mode=CourseMode.MASTERS)
CourseStaffRole(COURSE_KEY1).add_users(cls.user_staff)
cls.topic_id = 'RANDOM TOPIC'
cls.team_unprotected_1 = CourseTeamFactory(
course_id=COURSE_KEY1,
topic_id=cls.topic_id,
team_id='team_unprotected_1')
cls.team_unprotected_2 = CourseTeamFactory(
course_id=COURSE_KEY1,
topic_id=cls.topic_id,
team_id='team_unprotected_2')
cls.team_unprotected_3 = CourseTeamFactory(
course_id=COURSE_KEY1,
topic_id=cls.topic_id,
team_id='team_unprotected_3')
cls.team_protected_1 = CourseTeamFactory(course_id=COURSE_KEY1,
team_id='team_protected_1',
topic_id=cls.topic_id,
organization_protected=True)
cls.team_protected_2 = CourseTeamFactory(course_id=COURSE_KEY1,
team_id='team_protected_2',
topic_id=cls.topic_id,
organization_protected=True)
def setUp(self):
super(TestEolCourseEmailView, self).setUp()
# create a course
self.course = CourseFactory.create(org='mss',
course='999',
display_name='eol course email')
# Create users, enroll
self.users = [UserFactory.create() for _ in range(USER_COUNT)]
for user in self.users:
CourseEnrollmentFactory.create(user=user, course_id=self.course.id)
# Patch the comment client user save method so it does not try
# to create a new cc user when creating a django user
with patch('student.models.cc.User.save'):
# Create the student
self.student = UserFactory(username='******',
password='******',
email='*****@*****.**')
# Enroll the student in the course
CourseEnrollmentFactory(user=self.student,
course_id=self.course.id)
# Create and Enroll staff user
self.staff_user = UserFactory(username='******',
password='******',
email='*****@*****.**',
is_staff=True)
CourseEnrollmentFactory(user=self.staff_user,
course_id=self.course.id)
CourseStaffRole(self.course.id).add_users(self.staff_user)
# Log the student in
self.client = Client()
self.assertTrue(
self.client.login(username='******', password='******'))
# Log the user staff in
self.staff_client = Client()
self.assertTrue(
self.staff_client.login(username='******',
password='******'))
def setUp(self):
"""
Add courses with the end date set to various values
"""
super(TestCourseIndexArchived, self).setUp()
# Base course has no end date (so is active)
self.course.end = None
self.course.display_name = 'Active Course 1'
self.ORG = self.course.location.org
self.save_course()
# Active course has end date set to tomorrow
self.active_course = CourseFactory.create(
display_name='Active Course 2',
org=self.ORG,
end=self.TOMORROW,
)
# Archived course has end date set to yesterday
self.archived_course = CourseFactory.create(
display_name='Archived Course',
org=self.ORG,
end=self.YESTERDAY,
)
# Base user has global staff access
self.assertTrue(GlobalStaff().has_user(self.user))
# Staff user just has course staff access
self.staff, self.staff_password = self.create_non_staff_user()
for course in (self.course, self.active_course, self.archived_course):
CourseStaffRole(course.id).add_users(self.staff)
# Make sure we've cached data which could change the query counts
# depending on test execution order
WaffleSwitchNamespace(name=COURSE_WAFFLE_NAMESPACE).is_enabled(
u'enable_global_staff_optimization')
WaffleSwitchNamespace(
name=STUDIO_WAFFLE_NAMESPACE).is_enabled(u'enable_policy_page')
WaffleSwitchNamespace(name=DJANGO_UTILS_NAMESPACE).is_enabled(
u'enable_memory_middleware')
def test_course_staff_courses_with_claims(self):
CourseStaffRole(self.course_key).add_users(self.user)
course_id = unicode(self.course_key)
nonexistent_course_id = 'some/other/course'
claims = {
'staff_courses': {
'values': [course_id, nonexistent_course_id],
'essential': True,
}
}
scopes, claims = self.get_id_token_values(scope='openid course_staff', claims=claims)
self.assertIn('course_staff', scopes)
self.assertIn('staff_courses', claims)
self.assertEqual(len(claims['staff_courses']), 1)
self.assertIn(course_id, claims['staff_courses'])
self.assertNotIn(nonexistent_course_id, claims['staff_courses'])
def test_access_course_team_users(self):
"""
Test that members of the course team do not lose access to graded content
"""
# There are two types of course team members: instructor and staff
# they have different privileges, but for the purpose of this test the important thing is that they should both
# have access to all graded content
instructor = UserFactory.create()
CourseInstructorRole(self.course.id).add_users(instructor)
staff = UserFactory.create()
CourseStaffRole(self.course.id).add_users(staff)
# assert that all course team members have access to graded content
for course_team_member in [instructor, staff]:
self._assert_block_is_gated(
block=self.blocks_dict['problem'],
user_id=course_team_member.id,
course=self.course,
is_gated=False
)
def _manage_users(request, locator):
"""
This view will return all CMS users who are editors for the specified course
"""
old_location = loc_mapper().translate_locator_to_location(locator)
# check that logged in user has permissions to this item
if not has_course_access(request.user, locator):
raise PermissionDenied()
course_module = modulestore().get_item(old_location)
instructors = CourseInstructorRole(locator).users_with_role()
# the page only lists staff and assumes they're a superset of instructors. Do a union to ensure.
staff = set(CourseStaffRole(locator).users_with_role()).union(instructors)
return render_to_response('manage_users.html', {
'context_course': course_module,
'staff': staff,
'instructors': instructors,
'allow_actions': has_course_access(request.user, locator, role=CourseInstructorRole),
})
def setUp(self):
self.toy = CourseFactory.create(org='edX',
course='toy',
display_name='2012_Fall')
# Create two accounts
self.student = '*****@*****.**'
self.instructor = '*****@*****.**'
self.password = '******'
self.create_account('u1', self.student, self.password)
self.create_account('u2', self.instructor, self.password)
self.activate_user(self.student)
self.activate_user(self.instructor)
CourseStaffRole(self.toy.id).add_users(
User.objects.get(email=self.instructor))
self.logout()
self.login(self.instructor, self.password)
self.enroll(self.toy)
def has_team_api_access(user, course_key, access_username=None):
"""Returns True if the user has access to the Team API for the course
given by `course_key`. The user must either be enrolled in the course,
be course staff, or be global staff.
Args:
user (User): The user to check access for.
course_key (CourseKey): The key to the course which we are checking access to.
access_username (string): If provided, access_username must match user.username for non staff access.
Returns:
bool: True if the user has access, False otherwise.
"""
if user.is_staff:
return True
if CourseStaffRole(course_key).has_user(user):
return True
if not access_username or access_username == user.username:
return CourseEnrollment.is_enrolled(user, course_key)
return False
def test_staff_csv(self):
"""Download and validate staff CSV"""
self._setstaff_login()
self._add_edx4edx()
def_ms = modulestore()
course = def_ms.get_course(SlashSeparatedCourseKey('MITx', 'edx4edx', 'edx4edx'))
CourseStaffRole(course.id).add_users(self.user)
response = self.client.post(reverse('sysadmin_staffing'),
{'action': 'get_staff_csv', })
self.assertIn('attachment', response['Content-Disposition'])
self.assertEqual('text/csv', response['Content-Type'])
columns = [_('course_id'), _('role'), _('username'),
_('email'), _('full_name'), ]
self.assertIn(','.join('"' + c + '"' for c in columns),
response.content)
self._rm_edx4edx()
def setUp(self):
"""
Set up a simple course for testing basic grading functionality.
"""
super(TestRawGradeCSV, self).setUp()
self.instructor = '*****@*****.**'
self.student_user2 = self.create_account('u2', self.instructor, self.password)
self.activate_user(self.instructor)
CourseStaffRole(self.course.id).add_users(User.objects.get(email=self.instructor))
self.logout()
self.login(self.instructor, self.password)
self.enroll(self.course)
# set up a simple course with four problems
self.homework = self.add_graded_section_to_course('homework', late=False, reset=False, showanswer=False)
self.add_dropdown_to_section(self.homework.location, 'p1', 1)
self.add_dropdown_to_section(self.homework.location, 'p2', 1)
self.add_dropdown_to_section(self.homework.location, 'p3', 1)
self.refresh_course()
def test_enrollment_limit(self):
"""
Assert that in a course with max student limit set to 1, we can enroll staff and instructor along with
student. To make sure course full check excludes staff and instructors.
"""
self.assertEqual(self.course_limited.max_student_enrollments_allowed, 1)
user1 = UserFactory.create(username="******", email="*****@*****.**", password="******")
user2 = UserFactory.create(username="******", email="*****@*****.**", password="******")
# create staff on course.
staff = UserFactory.create(username="******", email="*****@*****.**", password="******")
role = CourseStaffRole(self.course_limited.id)
role.add_users(staff)
# create instructor on course.
instructor = UserFactory.create(username="******", email="*****@*****.**", password="******")
role = CourseInstructorRole(self.course_limited.id)
role.add_users(instructor)
CourseEnrollment.enroll(staff, self.course_limited.id, check_access=True)
CourseEnrollment.enroll(instructor, self.course_limited.id, check_access=True)
self.assertTrue(
CourseEnrollment.objects.filter(course_id=self.course_limited.id, user=staff).exists()
)
self.assertTrue(
CourseEnrollment.objects.filter(course_id=self.course_limited.id, user=instructor).exists()
)
CourseEnrollment.enroll(user1, self.course_limited.id, check_access=True)
self.assertTrue(
CourseEnrollment.objects.filter(course_id=self.course_limited.id, user=user1).exists()
)
with self.assertRaises(CourseFullError):
CourseEnrollment.enroll(user2, self.course_limited.id, check_access=True)
self.assertFalse(
CourseEnrollment.objects.filter(course_id=self.course_limited.id, user=user2).exists()
)
def has_permission(self, request, view):
"""
This method is assuming that a `master_course_id` parameter
is available in the request as a GET parameter, a POST parameter
or it is in the JSON payload included in the request.
The reason is because this permission class is going
to check if the user making the request is an instructor
for the specified course.
"""
master_course_id = (request.GET.get('master_course_id')
or request.POST.get('master_course_id')
or request.data.get('master_course_id'))
if master_course_id is not None:
try:
course_key = CourseKey.from_string(master_course_id)
except InvalidKeyError:
raise Http404()
return (hasattr(request, 'user') and
(CourseInstructorRole(course_key).has_user(request.user)
or CourseStaffRole(course_key).has_user(request.user)))
return False
def get_num_enrolled_in_exclude_admins(course_id, date_for):
"""
Copied over from CourseEnrollmentManager.num_enrolled_in_exclude_admins method
and modified to filter on date LT
"""
course_locator = course_id
if getattr(course_id, 'ccx', None):
course_locator = course_id.to_course_locator()
staff = CourseStaffRole(course_locator).users_with_role()
admins = CourseInstructorRole(course_locator).users_with_role()
coaches = CourseCcxCoachRole(course_locator).users_with_role()
return CourseEnrollment.objects.filter(
course_id=course_id,
is_active=1,
created__lt=as_datetime(next_day(date_for)),
).exclude(user__in=staff).exclude(user__in=admins).exclude(
user__in=coaches).count()
