def setUp(self): """Setup.""" self.u1 = factory.make_user("Zi", "pass", "*****@*****.**") self.jf1 = factory.make_format() self.jf2 = factory.make_format() self.a1 = factory.make_assignment('tcolloq', 'description', format=self.jf1) self.et1 = factory.make_entry_template('temp1') self.et2 = factory.make_entry_template('temp2') self.f1 = factory.make_field(self.et1, "test0", "1") self.f2 = factory.make_field(self.et1, "test2", "2") self.f3 = factory.make_field(self.et2, "test1", "1") self.j1 = factory.make_journal(self.a1, self.u1) self.e1 = factory.make_entry(self.et1) self.e2 = factory.make_entry(self.et2) self.c1 = factory.make_content(self.e1, "testcontent1", self.f1) self.c2 = factory.make_content(self.e1, "testcontent2", self.f2) self.c3 = factory.make_content(self.e2, "testcontent3", self.f3) self.jf1.available_templates.add() self.jf2.available_templates.add() self.usr = factory.make_user('teun', '1234', email='*****@*****.**', lti_id='a') self.crs = factory.make_course('test course please ignore', 'XXXX', startdate=datetime.date.today())
def test_is_supervisor(self): middle = factory.make_user('Username2', 'Password', email='*****@*****.**') student = factory.make_user('Username3', 'Password', email='*****@*****.**') role = factory.make_role_default_no_perms("TE", self.course1, can_view_course_users=True, can_view_all_journals=True) factory.make_participation(self.user, self.course1, role) role = factory.make_role_default_no_perms("MD", self.course1, can_view_course_users=True) factory.make_participation(middle, self.course1, role) role = factory.make_role_default_no_perms("SD", self.course1) factory.make_participation(student, self.course1, role) factory.make_journal(self.assignment, student) self.assertTrue(permissions.is_user_supervisor_of(self.user, student)) self.assertTrue(permissions.is_user_supervisor_of(self.user, middle)) self.assertTrue(permissions.is_user_supervisor_of(middle, self.user)) self.assertTrue(permissions.is_user_supervisor_of(middle, student)) self.assertFalse(permissions.is_user_supervisor_of(student, self.user)) self.assertFalse(permissions.is_user_supervisor_of(student, middle)) Participation.objects.get(course=self.course1, user=student).delete() self.assertTrue(permissions.is_user_supervisor_of(self.user, student)) self.assertFalse(permissions.is_user_supervisor_of(middle, student)) self.assertFalse(permissions.is_user_supervisor_of(student, self.user)) self.assertFalse(permissions.is_user_supervisor_of(student, middle))
def test_make_user(self): # Create test student test_student = creation_factory.make_user( username='******', password='', full_name=settings.LTI_TEST_STUDENT_FULL_NAME, is_test_student=True) assert test_student.is_test_student, 'Test student should be flagged accordingly' assert not test_student.has_usable_password( ), 'Test student should have no usable password' with pytest.raises(ValidationError): assert creation_factory.make_user( username='******', password='', full_name='Not test student', is_test_student=True), \ 'Test user\'s full name is expected to match Test student' test_student.email = '*****@*****.**' test_student.full_name = 'new full name' test_student.save() assert test_student.email == '*****@*****.**' and test_student.full_name == 'new full name', \ 'After creation a test student should be able to update their full name and email address' # A test student should remain a test student with pytest.raises(ValidationError): test_student.is_test_student = False test_student.save()
def test_is_supervisor(self): middle = factory.make_user('Username2', DEFAULT_PASSWORD, email='*****@*****.**', full_name='Test User') student = factory.make_user('Username3', DEFAULT_PASSWORD, email='*****@*****.**', full_name='Test User') role = factory.make_role_default_no_perms("TE", self.course1, can_view_course_users=True, can_view_all_journals=True) factory.make_participation(self.user, self.course1, role) role = factory.make_role_default_no_perms("MD", self.course1, can_view_course_users=True) factory.make_participation(middle, self.course1, role) role = factory.make_role_default_no_perms("SD", self.course1) factory.make_participation(student, self.course1, role) factory.make_journal(self.assignment, student) assert permissions.is_user_supervisor_of(self.user, student) assert permissions.is_user_supervisor_of(self.user, middle) assert permissions.is_user_supervisor_of(middle, self.user) assert permissions.is_user_supervisor_of(middle, student) assert not permissions.is_user_supervisor_of(student, self.user) assert not permissions.is_user_supervisor_of(student, middle) Participation.objects.get(course=self.course1, user=student).delete() assert permissions.is_user_supervisor_of(self.user, student) assert not permissions.is_user_supervisor_of(middle, student) assert not permissions.is_user_supervisor_of(student, self.user) assert not permissions.is_user_supervisor_of(student, middle)
def setUp(self): """Set up the test file.""" self.username, self.password, self.user = test.set_up_user_and_auth( 'test123', 'test123', '*****@*****.**') self.rein_user, self.rein_pass, self.rein = test.set_up_user_and_auth( "Rein", "123", '*****@*****.**') self.no_perm_user, self.no_perm_pass, self.no_permission_user = test.set_up_user_and_auth( "no_perm", "123", '*****@*****.**') self.course = factory.make_course("Beeldbewerken", "BB") self.lars = factory.make_user("Lars", "123", "*****@*****.**") self.student1 = factory.make_user("Student1", "123", "Student1.com") self.student2 = factory.make_user("Student2", "123", "Student2.com") self.not_found_pk = 9999
def set_up_user_and_auth(username, password, email, first_name=None, last_name=None, is_superuser=False, is_teacher=False): """Set up a user with the possibility of global permissions. Arguments: username -- username for the user password -- password for the user first_name -- first name last_name -- last name Returns the user and its credentials """ user = factory.make_user(username, password, email, is_superuser=is_superuser, is_teacher=is_teacher, first_name=first_name, last_name=last_name) return username, password, user
def test_update_user_role_course(self): """Test user role update in a course.""" login = test.logging_in(self, self.rein_user, self.rein_pass) course = factory.make_course("Portfolio Academische Vaardigheden", "PAV", author=self.rein) ta_role = Role.objects.get(name='TA', course=course) student_role = factory.make_role_student(name='SD', course=course) self.user_role = factory.make_user("test123", "test", "*****@*****.**") factory.make_participation(self.user_role, course, ta_role) factory.make_participation(self.user, course, student_role) user_role = Participation.objects.get(user=self.user_role, course=course).role.name self.assertEquals(user_role, 'TA') test.api_patch_call(self, '/participations/' + str(course.pk) + '/', { 'user_id': self.user_role.pk, 'role': 'SD' }, login) user_role = Participation.objects.get(user=self.user_role, course=course.pk).role.name self.assertEquals(user_role, 'SD')
def test_teacher_permissions(self): """Test if the teacher has the right general permissions.""" user = factory.make_user('teacher', 'password', email='some@other', is_teacher=True) self.assertTrue(user.has_permission('can_add_course')) self.assertFalse(user.has_permission('can_edit_institute_details')) self.assertRaises(VLEParticipationError, user.has_permission, 'can_delete_course', self.course_independent) self.assertRaises(VLEParticipationError, user.has_permission, 'can_have_journal', self.assignment_independent)
def test_teacher_permissions(self): """Test if the teacher has the right general permissions.""" user = factory.make_user( 'teacher', DEFAULT_PASSWORD, email='*****@*****.**', is_teacher=True, full_name='Test User') assert user.has_permission('can_add_course') assert not user.has_permission('can_edit_institute_details') self.assertRaises(VLEParticipationError, user.has_permission, 'can_delete_course', self.course_independent) self.assertRaises(VLEParticipationError, user.has_permission, 'can_have_journal', self.assignment_independent)
def test_admin_permissions(self): """Test if the admin has all permissions.""" user = factory.make_user('superuser', 'password', email='some@other', is_superuser=True) self.assertTrue(user.has_permission('can_edit_institute_details')) self.assertTrue(user.has_permission('can_add_course')) self.assertTrue(user.has_permission('can_delete_course', self.course_independent)) self.assertTrue(user.has_permission('can_edit_assignment', self.assignment_independent)) self.assertFalse(user.has_permission('can_have_journal', self.assignment_independent))
def test_admin_permissions(self): """Test if the admin has all permissions.""" user = factory.make_user( 'superuser', DEFAULT_PASSWORD, email='*****@*****.**', is_superuser=True, full_name='Test User') assert user.has_permission('can_edit_institute_details') assert user.has_permission('can_add_course') assert user.has_permission('can_delete_course', self.course_independent) assert user.has_permission('can_edit_assignment', self.assignment_independent) assert not user.has_permission('can_have_journal', self.assignment_independent)
def setUp(self): self.user = factory.make_user('Username', DEFAULT_PASSWORD, email='*****@*****.**', full_name='Test User') self.course1 = factory.make_course('Course', 'crs', startdate=datetime.date.today()) self.course2 = factory.make_course('Course2', 'crs2', startdate=datetime.date.today()) self.course_independent = factory.make_course('Independent Course', 'crs3', startdate=datetime.date.today()) self.assignment = factory.make_assignment('Assignment', 'Assignment linked to multiple courses.', courses=[self.course1, self.course2]) self.assignment_independent = factory.make_assignment('Assignment2', 'Assignment linked to separate course.', courses=[self.course_independent])
def setUp(self): """Setup.""" self.u_rick = factory.make_user("Rick", DEFAULT_PASSWORD, "*****@*****.**", full_name='Test User') self.u_lars = factory.make_user("Lars", DEFAULT_PASSWORD, "*****@*****.**", full_name='Test User') f_colloq = factory.make_default_format() self.deadlineentry = factory.make_entrydeadline_node( f_colloq, due_date=datetime.datetime.now() - datetime.timedelta(days=10), template=f_colloq.template_set.first()) self.progressnode = factory.make_progress_node( f_colloq, datetime.datetime.now() + datetime.timedelta(days=10), 10) f_log = factory.make_default_format() self.template = f_colloq.template_set.first() course = factory.make_course("Some Course", "c") student_role = Role.objects.get(name='Student', course=course) factory.make_participation(self.u_rick, course, student_role) a_colloq = factory.make_assignment("Colloq", "In de opdracht...1", author=self.u_rick, format=f_colloq, courses=[course]) a_log = factory.make_assignment("Logboek", "In de opdracht...2", author=self.u_rick, format=f_log, courses=[course]) self.j_rick_colloq = factory.make_journal(a_colloq, self.u_rick) self.j_lars_colloq = factory.make_journal(a_colloq, self.u_lars) self.j_rick_log = factory.make_journal(a_log, self.u_rick)
def setUp(self): """Setup.""" self.u_rick = factory.make_user("Rick", "pass", "*****@*****.**") self.u_lars = factory.make_user("Lars", "pass", "*****@*****.**") self.template = Template(name="some_template") self.template.save() f_colloq = factory.make_format() self.deadlineentry = factory.make_entrydeadline_node( f_colloq, datetime.datetime.now() - datetime.timedelta(days=10), self.template) self.progressnode = factory.make_progress_node( f_colloq, datetime.datetime.now() + datetime.timedelta(days=10), 10) f_log = factory.make_format() f_colloq.available_templates.add(self.template) course = factory.make_course("Some Course", "c") student_role = Role.objects.get(name='Student', course=course) factory.make_participation(self.u_rick, course, student_role) a_colloq = factory.make_assignment("Colloq", "In de opdracht...1", author=self.u_rick, format=f_colloq, courses=[course]) a_log = factory.make_assignment("Logboek", "In de opdracht...2", author=self.u_rick, format=f_log, courses=[course]) self.j_rick_colloq = factory.make_journal(a_colloq, self.u_rick) self.j_lars_colloq = factory.make_journal(a_colloq, self.u_lars) self.j_rick_log = factory.make_journal(a_log, self.u_rick)
def set_up_users(name, n): """Set up some students. Arguments: name -- the base for the incremental names for the users n -- number of students to be made Returns a list of users with incremental naming. """ users = [] for i in range(n): users.append( factory.make_user(name + str(i), 'pass', '*****@*****.**' + str(i))) return users
def setUp(self): """Setup.""" self.course = factory.make_course('TestCourse', 'aaaa', lti_id='asdf') self.user = factory.make_user('TestUser', 'Pass', '*****@*****.**') factory.make_participation( self.user, self.course, Role.objects.get(name='Student', course=self.course)) self.assignment = factory.make_assignment("TestAss", "TestDescr", points_possible=100, courses=[self.course]) self.journal = factory.make_journal(self.assignment, self.user) self.journal.sourcedid = 'f6d552' self.journal.grade_url = 'http://127.0.0.1:8000/grade_passback'
def delete_user_from_course(self): """Test delete_user_from_course""" login = test.logging_in(self, self.username, self.password) course = factory.make_course("Beeldbewerken", "BB") rein = factory.make_user("Rein", "123", "*****@*****.**") lars = factory.make_user("Lars", "123", "*****@*****.**") role = factory.make_role_default_no_perms("test", course) factory.make_participation(rein, course, role=role) factory.make_participation(lars, course, role=role) test.api_del_call(self, '/participations/' + str(course.pk) + '/', {'user_id': rein.user_role.pk}, login) participations = course.participation_set.all() participations = [ serialize.participation_to_dict(participation) for participation in participations ] self.assertEquals(participations.count(), 1) self.assertEquals(participations[0]['name'], 'Lars')
def test_delete_course_role(self): """Test delete course roles""" teacher_user = '******' teacher_pass = '******' teacher = factory.make_user(teacher_user, teacher_pass, "*****@*****.**") teacher_role = factory.make_role_teacher("TE", self.course) factory.make_participation(teacher, self.course, teacher_role) factory.make_role_ta('TA2', self.course) login = test.logging_in(self, teacher_user, teacher_pass) test.api_del_call(self, '/roles/' + str(self.course.pk) + '/?name=TA2', login) self.assertEquals( Role.objects.filter( name='TA2', course=Course.objects.get(pk=self.course.pk)).count(), 0)
def test_foreignkeys(self): """Test the foreign keys in the database.""" user_test = factory.make_user('lers', 'lers123', '*****@*****.**', '123456') course_test = factory.make_course('tname', 'XXXX', datetime.date.today()) factory.make_format() template = factory.make_entry_template("some_template") entr_test = factory.make_entry(template) field = factory.make_field(template, "test1", "1") factory.make_content(entr_test, "data", field) course_test.author = user_test ass_test = factory.make_assignment(name='tcolloq', description='description') ass_test.courses.add(course_test) journ_test = factory.make_journal(user=user_test, assignment=ass_test) self.assertEquals(entr_test.template.pk, template.pk) self.assertEquals(journ_test.user.pk, user_test.pk) self.assertEquals(journ_test.assignment.pk, ass_test.pk) self.assertEquals(course_test.author.pk, user_test.pk)
def handle_test_student(user, params): """Creates a test user if no user is proved and the params contain a blank email adress.""" if not user \ and 'custom_user_email' in params and params['custom_user_email'] == '' \ and 'custom_user_full_name' in params and params['custom_user_full_name'] == settings.LTI_TEST_STUDENT_FULL_NAME: lti_id, username, full_name, email, course_id = utils.required_params( params, 'user_id', 'custom_username', 'custom_user_full_name', 'custom_user_email', 'custom_course_id') profile_picture = '/unknown-profile.png' if 'custom_user_image' not in params else params[ 'custom_user_image'] is_teacher = settings.ROLES['Teacher'] in lti.roles_to_list(params) return factory.make_user(username, email=email, lti_id=lti_id, profile_picture=profile_picture, is_teacher=is_teacher, full_name=full_name, is_test_student=True) return user
def test_update_course_with_student(self): """Test update_course_with_student""" login = test.logging_in(self, self.username, self.password) course = factory.make_course("Portfolio Academische Vaardigheden", "PAV") teacher_role = Role.objects.get(name='Teacher', course=course) factory.make_participation(self.user, course, teacher_role) student = factory.make_user("Rick", "pass", "*****@*****.**") test.api_post_call(self, '/participations/', { 'user_id': student.pk, 'course_id': course.pk }, login) course = Course.objects.get(pk=course.pk) self.assertEquals(len(course.users.all()), 2) self.assertTrue( User.objects.filter(participation__course=course, username='******').exists())
def test_get_course_roles(self): """Test the get delete assignment function.""" teacher_user = '******' teacher_pass = '******' teacher = factory.make_user(teacher_user, teacher_pass, "*****@*****.**") factory.make_role_student("SD", self.course) factory.make_role_default_no_perms("HE", self.course) teacher_role = factory.make_role_teacher("TE", self.course) factory.make_participation(teacher, self.course, teacher_role) login = test.logging_in(self, teacher_user, teacher_pass) result = test.api_get_call(self, '/roles/', login, params={'course_id': self.course.pk}) self.assertEquals(len(result.json()['roles']), 6) # permissions and authorization check for the api call. login = test.logging_in(self, self.no_perm_user, self.no_perm_pass) test.test_unauthorized_api_get_call(self, '/roles/', params={'course_id': 1}) test.api_get_call(self, '/roles/', login, params={'course_id': self.course.pk}, status=403) test.api_get_call(self, '/roles/', login, params={'course_id': self.not_found_pk}, status=404) test.set_up_participation(self.no_permission_user, self.course, 'Student') test.api_get_call(self, '/roles/', login, params={'course_id': self.course.pk}, status=403)
def create(self, request): """Create a new user. Arguments: request -- request data username -- username password -- password full_name -- full name email -- (optinal) email jwt_params -- (optinal) jwt params to get the lti information from user_id -- id of the user user_image -- user image roles -- role of the user Returns: On failure: unauthorized -- when the user is not logged in bad request -- when email/username/lti id already exists bad request -- when email/password is invalid On success: success -- with the newly created user data """ lti_id, user_image, full_name, email, is_teacher = get_lti_params( request, 'user_id', 'custom_user_image', 'custom_user_full_name', 'custom_user_email') is_test_student = bool(lti_id) and not bool( email) and full_name == settings.LTI_TEST_STUDENT_FULL_NAME if lti_id is None: # Check if instance allows standalone registration if user did not register through some LTI instance try: instance = Instance.objects.get(pk=1) if not instance.allow_standalone_registration: return response.bad_request(( '{} does not allow you to register through the website,' + ' please use an LTI instance.').format( instance.name)) except Instance.DoesNotExist: pass full_name, email = utils.required_params(request.data, 'full_name', 'email') username, password = utils.required_params(request.data, 'username', 'password') if email and User.objects.filter(email=email).exists(): return response.bad_request('User with this email already exists.') if User.objects.filter(username=username).exists(): return response.bad_request( 'User with this username already exists.') if lti_id is not None and User.objects.filter(lti_id=lti_id).exists(): return response.bad_request( 'User with this lti id already exists.') user = factory.make_user(username=username, email=email, lti_id=lti_id, full_name=full_name, is_teacher=is_teacher, verified_email=bool(lti_id) and bool(email), password=password, profile_picture=user_image if user_image else '/unknown-profile.png', is_test_student=is_test_student) if lti_id is None: send_email_verification_link.delay(user.pk) return response.created({'user': UserSerializer(user).data})
def gen_users(self): """Generate users with password 'pass'.""" users_examples = [ { "username": "******", "first_name": "Lars", "last_name": "van Hijfte", "verified_email": False, "pass": "******", "is_superuser": False, "is_teacher": False }, { "username": "******", "first_name": "Rick", "last_name": "Watertor", "pass": "******", "is_superuser": False, "is_teacher": False }, { "username": "******", "first_name": "Dennis", "last_name": "Wind", "pass": "******", "is_superuser": False, "is_teacher": False }, { "username": "******", "first_name": "Maarten", "last_name": "Keulen", "pass": "******", "is_superuser": False, "is_teacher": False }, { "username": "******", "first_name": "Zi Long", "last_name": "Zhu", "pass": "******", "is_superuser": False, "is_teacher": False }, { "username": "******", "first_name": "Xavier", "last_name": "van Dommelen", "pass": "******", "is_superuser": False, "is_teacher": True }, { "username": "******", "first_name": "Super", "last_name": "User", "pass": "******", "is_superuser": True, "is_teacher": True } ] self.users = [] for u in users_examples: self.users.append(factory.make_user( u['username'], u['pass'], u['email'] if 'email' in u else u['first_name'] + '@eJourn.al', is_superuser=u['is_superuser'], is_teacher=u['is_teacher'], first_name=u['first_name'], last_name=u['last_name'], verified_email=u['verified_email'] if 'verified_email' in u else False) )
def create(self, request): """Create a new user. Arguments: request -- request data username -- username password -- password first_name -- (optinal) first name last_name -- (optinal) last name email -- (optinal) email jwt_params -- (optinal) jwt params to get the lti information from user_id -- id of the user user_image -- user image roles -- role of the user Returns: On failure: unauthorized -- when the user is not logged in bad request -- when email/username/lti id already exists bad request -- when email/password is invalid On succes: success -- with the newly created user data """ lti_id, user_image, full_name, email, is_teacher = get_lti_params( request, 'user_id', 'custom_user_image', 'custom_user_full_name', 'custom_user_email') if full_name: first_name, last_name = lti.split_fullname(full_name) if lti_id is None: # Check if instance allows standalone registration if user did not register through some LTI instance try: instance = Instance.objects.get(pk=1) if not instance.allow_standalone_registration: return response.bad_request(('{} does not allow you to register through the website,' + ' please use an LTI instance.').format(instance.name)) except Instance.DoesNotExist: pass first_name, last_name, email = utils.optional_params(request.data, 'first_name', 'last_name', 'email') username, password = utils.required_params(request.data, 'username', 'password') if email and User.objects.filter(email=email).exists(): return response.bad_request('User with this email already exists.') validate_email(email) if User.objects.filter(username=username).exists(): return response.bad_request('User with this username already exists.') if lti_id is not None and User.objects.filter(lti_id=lti_id).exists(): return response.bad_request('User with this lti id already exists.') validators.validate_password(password) user = factory.make_user(username, password, email=email, lti_id=lti_id, is_teacher=is_teacher, first_name=first_name, last_name=last_name, profile_picture=user_image, verified_email=True if lti_id else False) if lti_id is None: try: email_handling.send_email_verification_link(user) except SMTPAuthenticationError as err: user.delete() raise err return response.created({'user': UserSerializer(user).data})