def test_get_ultimate_submission_most_recent_submission_doesnt_count_for_user(
self):
project = obj_build.make_project(visible_to_students=True,
hide_ultimate_submission_fdbk=False,
ultimate_submission_policy=ag_models.
UltimateSubmissionPolicy.most_recent)
course = project.course
counts_for_user = obj_build.make_student_user(course)
does_not_count_for_user = obj_build.make_student_user(course)
group = obj_build.make_group(
members=[counts_for_user, does_not_count_for_user],
project=project)
second_most_recent_submission = obj_build.make_finished_submission(
group=group)
most_recent_submission = obj_build.make_finished_submission(
group=group, does_not_count_for=[does_not_count_for_user.username])
self.client.force_authenticate(counts_for_user)
response = self.client.get(self.ultimate_submission_url(group))
self.assertEqual(status.HTTP_200_OK, response.status_code)
self.assertEqual(most_recent_submission.to_dict(), response.data)
self.client.force_authenticate(does_not_count_for_user)
response = self.client.get(self.ultimate_submission_url(group))
self.assertEqual(status.HTTP_200_OK, response.status_code)
self.assertEqual(second_most_recent_submission.to_dict(),
response.data)
def setUp(self):
super().setUp()
self.project = obj_build.make_project()
self.course = self.project.course
self.counts_for_user = obj_build.make_student_user(self.course)
self.does_not_count_for_user = obj_build.make_student_user(self.course)
self.group = obj_build.make_group(
members=[self.counts_for_user, self.does_not_count_for_user],
project=self.project)
def test_student_view_other_late_day_count_permission_denied(self):
student1 = obj_build.make_student_user(self.course)
student2 = obj_build.make_student_user(self.course)
self.client.force_authenticate(student1)
response = self.client.get(self.get_pk_url(student2, self.course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
response = self.client.get(self.get_username_url(
student2, self.course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
def test_staff_view_late_day_count_for_other_course_permission_denied(
self):
staff = obj_build.make_staff_user(self.course)
# Student for other course
other_course = obj_build.make_course()
other_course_student = obj_build.make_student_user(other_course)
self.assertFalse(other_course.is_staff(staff))
self.client.force_authenticate(staff)
response = self.client.get(
self.get_pk_url(other_course_student, other_course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
response = self.client.get(
self.get_username_url(other_course_student, other_course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
# Guest for other course
other_guest = obj_build.make_user()
response = self.client.get(self.get_pk_url(other_guest, other_course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
response = self.client.get(
self.get_username_url(other_guest, other_course))
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
def test_admin_change_late_day_count_for_other_course_permission_denied(
self):
admin = obj_build.make_admin_user(self.course)
# Student for other course
other_course = obj_build.make_course()
other_course_student = obj_build.make_student_user(other_course)
self.assertFalse(other_course.is_admin(admin))
self.client.force_authenticate(admin)
response = self.client.put(
self.get_pk_url(other_course_student, other_course),
{'late_days_remaining': 10})
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
response = self.client.put(
self.get_username_url(other_course_student, other_course),
{'late_days_remaining': 10})
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
# Guest for other course
other_guest = obj_build.make_user()
response = self.client.put(self.get_pk_url(other_guest, other_course),
{'late_days_remaining': 7})
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
other_guest = obj_build.make_user()
response = self.client.put(
self.get_username_url(other_guest, other_course),
{'late_days_remaining': 7})
self.assertEqual(status.HTTP_403_FORBIDDEN, response.status_code)
def test_student_get_visible_project(self):
self.project.validate_and_update(visible_to_students=True)
student = obj_build.make_student_user(self.course)
# closing_time is only shown to admins.
self.do_get_object_test(
self.client, student, self.url,
exclude_dict(self.project.to_dict(),
['closing_time', 'instructor_files']))
def test_missing_course_pk_query_param(self):
student = obj_build.make_student_user(self.course)
self.client.force_authenticate(student)
url = reverse('user-late-days', kwargs={'username_or_pk': student.pk})
response = self.client.get(url)
self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code)
response = self.client.put(url, {})
self.assertEqual(status.HTTP_400_BAD_REQUEST, response.status_code)
def test_get_late_day_count_object_exists(self):
student = obj_build.make_student_user(self.course)
remaining: ag_models.LateDaysRemaining = (
ag_models.LateDaysRemaining.objects.validate_and_create(
user=student, course=self.course))
remaining.late_days_remaining -= 1
remaining.save()
self.do_get_late_days_test(student, student, self.course,
remaining.late_days_remaining)
def test_admin_change_late_day_count_by_username(self):
admin = obj_build.make_admin_user(self.course)
student = obj_build.make_student_user(self.course)
self.client.force_authenticate(admin)
response = self.client.put(self.get_username_url(student, self.course),
{'late_days_remaining': 42})
self.assertEqual(status.HTTP_200_OK, response.status_code)
self.assertEqual({'late_days_remaining': 42}, response.data)
remaining = ag_models.LateDaysRemaining.objects.get(user=student,
course=self.course)
self.assertEqual(42, remaining.late_days_remaining)
def test_other_add_project_permission_denied(self):
staff = obj_build.make_staff_user(self.course)
student = obj_build.make_student_user(self.course)
handgrader = obj_build.make_handgrader_user(self.course)
guest = obj_build.make_user()
project_name = 'project123'
for user in staff, student, handgrader, guest:
self.client.force_authenticate(user)
response = self.client.post(self.url, {'name': project_name})
self.assertEqual(403, response.status_code)
with self.assertRaises(exceptions.ObjectDoesNotExist):
ag_models.Project.objects.get(name=project_name)
def test_admin_change_late_day_count_by_username_object_exists(self):
admin = obj_build.make_admin_user(self.course)
student = obj_build.make_student_user(self.course)
ag_models.LateDaysRemaining.objects.validate_and_create(
user=student, course=self.course)
self.do_get_late_days_test(admin, student, self.course,
self.initial_num_late_days)
self.client.force_authenticate(admin)
response = self.client.put(self.get_username_url(student, self.course),
{'late_days_remaining': 27})
self.assertEqual(status.HTTP_200_OK, response.status_code)
self.assertEqual({'late_days_remaining': 27}, response.data)
remaining = ag_models.LateDaysRemaining.objects.get(user=student,
course=self.course)
self.assertEqual(27, remaining.late_days_remaining)
def test_student_list_projects_visible_only(self):
student = obj_build.make_student_user(self.course)
self.do_valid_list_projects_test(student, [self.visible_project])
def test_student_get_hidden_project_permission_denied(self):
student = obj_build.make_student_user(self.course)
self.do_permission_denied_get_test(self.client, student, self.url)
def test_get_late_days_course_has_no_late_days(self):
self.course.validate_and_update(num_late_days=0)
student = obj_build.make_student_user(self.course)
self.do_get_late_days_test(student, student, self.course, 0)
def test_staff_view_other_late_day_count(self):
staff = obj_build.make_staff_user(self.course)
student = obj_build.make_student_user(self.course)
self.do_get_late_days_test(staff, student, self.course,
self.initial_num_late_days)
