def setUpClass(cls):
super().setUpClass()
cls.admin_user = UserFactory()
assign_perm(perms.WRITE_ENROLLMENTS, cls.admin_user)
cls.org = OrganizationFactory(name='Test Organization')
cls.program = ProgramFactory(managing_organization=cls.org, )
cls.org_admin_group = OrganizationGroupFactory(
organization=cls.org, role=perms.ReadWriteEnrollmentsRole.name)
cls.org_admin = UserFactory()
cls.org_admin.groups.add(cls.org_admin_group) # pylint: disable=no-member
cls.no_perms_user = UserFactory()
def setUpTestData(cls):
super().setUpTestData()
cls.user = UserFactory()
cls.org = OrganizationFactory(name='Test Organization')
cls.program = ProgramFactory(
managing_organization=cls.org,
)
cls.program2 = ProgramFactory(
managing_organization=cls.org,
)
def test_debug_user_task_happy_path(self):
TEST_TEXT = "lorem ipsum"
user = UserFactory()
task = tasks.debug_user_task.apply_async((user.id, TEST_TEXT))
task.wait()
status = UserTaskStatus.objects.get(task_id=task.id)
self.assertEqual(status.state, UserTaskStatus.SUCCEEDED)
artifact = UserTaskArtifact.objects.get(status__user=user)
self.assertEqual(artifact.text, TEST_TEXT)
def setUpClass(cls):
super().setUpClass()
cls.edx_staff_user = UserFactory(is_staff=True)
def test_user_already_exists_username(self):
UserFactory.create(username=self.username)
with self.assertRaisesRegex(
CommandError, 'User {} already exists'.format(self.username)):
call_command(self.command, self.username, email=self.email)
def test_user_already_exists_email(self):
UserFactory.create(email=self.email)
call_command(self.command, self.username, email=self.email)
user = User.objects.get(username=self.username)
self.assert_user(user, expected_email=self.email)
def test_get_user_organizations(self, group_names, expected_org_keys):
groups = [Group.objects.get(name=name) for name in group_names]
user = UserFactory(groups=groups)
orgs = get_user_organizations(user)
org_keys = {org.key for org in orgs}
self.assertEqual(org_keys, expected_org_keys)
def setUpClass(cls):
super().setUpClass()
cls.user = UserFactory()
def setUpTestData(cls):
super().setUpTestData()
cls.user = UserFactory()
org = OrganizationFactory(name='STEM Institute')
cls.program = ProgramFactory(managing_organization=org)
def setUp(self):
super(OrganizationGroupTests, self).setUp()
self.organization = OrganizationFactory()
self.user = UserFactory()
class OrganizationGroupTests(TestCase):
""" Tests for OrganizationGroup model """
def setUp(self):
super(OrganizationGroupTests, self).setUp()
self.organization = OrganizationFactory()
self.user = UserFactory()
@ddt.data(
perm.ReadMetadataRole,
perm.ReadEnrollmentsRole,
perm.ReadWriteEnrollmentsRole,
)
def test_roles(self, role):
org_group = OrganizationGroup.objects.create(
role=role.name,
organization=self.organization,
)
permissions = get_perms(self.user, self.organization)
self.assertEqual([], permissions)
self.user.groups.add(org_group) # pylint: disable=no-member
permissions = get_perms(self.user, self.organization)
self.assertEqual(len(role.permissions), len(permissions))
for permission in Organization._meta.permissions:
self.assertEqual(
permission in role.permissions,
self.user.has_perm(permission, self.organization)
)
def test_global_permission_not_granted(self):
org_group = OrganizationGroup.objects.create(
role=perm.ReadMetadataRole.name,
organization=self.organization,
)
self.user.groups.add(org_group) # pylint: disable=no-member
permission = perm.ReadMetadataRole.permissions[0]
self.assertTrue(self.user.has_perm(permission, self.organization))
self.assertFalse(self.user.has_perm(permission))
def test_roles_are_org_specific(self):
organization2 = OrganizationFactory()
permission = perm.ReadMetadataRole.permissions[0]
self.assertFalse(self.user.has_perm(permission, self.organization))
self.assertFalse(self.user.has_perm(permission, organization2))
org_group = OrganizationGroup.objects.create(
role=perm.ReadMetadataRole.name,
organization=self.organization,
)
self.user.groups.add(org_group) # pylint: disable=no-member
self.assertTrue(self.user.has_perm(permission, self.organization))
self.assertFalse(self.user.has_perm(permission, organization2))
def test_org_group_recalculates_permissions(self):
org1 = self.organization
org2 = OrganizationFactory()
metdata_permission = perm.READ_METADATA
write_permission = perm.WRITE_ENROLLMENTS
# Scenario 1: read/write on org1
org_group = OrganizationGroup.objects.create(
role=perm.ReadWriteEnrollmentsRole.name,
organization=org1,
)
self.user.groups.add(org_group) # pylint: disable=no-member
self.assertTrue(self.user.has_perm(metdata_permission, org1))
self.assertTrue(self.user.has_perm(write_permission, org1))
self.assertFalse(self.user.has_perm(metdata_permission, org2))
self.assertFalse(self.user.has_perm(write_permission, org2))
# Scenario 2: metadata only on org1
org_group.role = perm.ReadEnrollmentsRole.name
org_group.save()
self.assertTrue(self.user.has_perm(metdata_permission, org1))
self.assertFalse(self.user.has_perm(write_permission, org1))
self.assertFalse(self.user.has_perm(metdata_permission, org2))
self.assertFalse(self.user.has_perm(write_permission, org2))
# Scenario 3: metadata only on org2
org_group.organization = org2
org_group.save()
self.assertFalse(self.user.has_perm(metdata_permission, org1))
self.assertFalse(self.user.has_perm(write_permission, org1))
self.assertTrue(self.user.has_perm(metdata_permission, org2))
self.assertFalse(self.user.has_perm(write_permission, org2))
# Scenario 4: read/write on org2
org_group.role = perm.ReadWriteEnrollmentsRole.name
org_group.save()
self.assertFalse(self.user.has_perm(metdata_permission, org1))
self.assertFalse(self.user.has_perm(write_permission, org1))
self.assertTrue(self.user.has_perm(metdata_permission, org2))
self.assertTrue(self.user.has_perm(write_permission, org2))