def test_models_organization_create_page_role(self, *_):
"""
If the CMS_PERMISSIONS settings is True, a page role should be created when saving
an organization.
"""
role_dict = {
"django_permissions": ["cms.change_page"],
"organization_page_permissions": {
"can_change": random.choice([True, False]),
"can_add": random.choice([True, False]),
"can_delete": random.choice([True, False]),
"can_change_advanced_settings": random.choice([True, False]),
"can_publish": random.choice([True, False]),
"can_change_permissions": random.choice([True, False]),
"can_move_page": random.choice([True, False]),
"can_view":
False, # can_view = True would make it a view restriction...
"grant_on": random.randint(1, 5),
},
"organization_folder_permissions": {
"can_read": random.choice([True, False]),
"can_edit": random.choice([True, False]),
"can_add_children": random.choice([True, False]),
"type": random.randint(0, 2),
},
}
page = PageFactory(title__title="My title")
organization = OrganizationFactory(extended_object=page)
self.assertFalse(page.roles.exists())
with mock.patch.dict(defaults.ORGANIZATION_ADMIN_ROLE, role_dict):
organization.create_page_role()
# A page role should have been created
self.assertEqual(page.roles.count(), 1)
role = page.roles.get(role="ADMIN")
self.assertEqual(role.group.name, "Admin | My title")
self.assertEqual(role.group.permissions.count(), 1)
self.assertEqual(role.folder.name, "Admin | My title")
# All expected permissions should have been assigned to the group:
# - Django permissions
self.assertEqual(role.group.permissions.first().codename,
"change_page")
# - DjangoCMS page permissions
self.assertEqual(
PagePermission.objects.filter(group=role.group).count(), 1)
page_permission = PagePermission.objects.get(group=role.group)
for key, value in role_dict["organization_page_permissions"].items():
self.assertEqual(getattr(page_permission, key), value)
# The Django Filer folder permissions
self.assertEqual(
FolderPermission.objects.filter(group_id=role.group_id).count(), 1)
folder_permission = FolderPermission.objects.get(
group_id=role.group_id)
for key, value in role_dict["organization_folder_permissions"].items():
self.assertEqual(getattr(folder_permission, key), value)
def test_models_organization_create_page_role_public_page(self, *_):
"""
A page role should not be created for the public version of an organization.
"""
organization = OrganizationFactory(
should_publish=True).public_extension
self.assertIsNone(organization.create_page_role())
self.assertFalse(organization.extended_object.roles.exists())
def test_models_organization_create_page_role_cms_permissions_off(
self, *_):
"""
A page role should not be created for organizations when the CMS_PERMISSIONS setting is set
to False.
"""
organization = OrganizationFactory()
self.assertIsNone(organization.create_page_role())
self.assertFalse(organization.extended_object.roles.exists())
def test_cms_wizards_course_submit_form_from_organization_page(self):
"""
A user with the required permissions submitting a valid CourseWizardForm when visiting
an organization page, should be able to create a course and its related page
automatically related to the organization via a plugin.
"""
# A parent page should pre-exist
create_page(
"Courses",
"richie/single_column.html",
"en",
reverse_id=Course.PAGE["reverse_id"],
published=True,
)
organization = OrganizationFactory()
organization_page_role = organization.create_page_role()
# Create a user with just the required permissions
user = UserFactory(
is_staff=True,
permissions=[
"courses.add_course", "cms.add_page", "cms.change_page"
],
)
PagePermission.objects.create(
page=organization.extended_object,
user=user,
can_add=True,
can_change=True,
can_delete=False,
can_publish=False,
can_move_page=False,
)
# We can submit a form omitting the slug
form = CourseWizardForm(
data={"title": "My title"},
wizard_language="en",
wizard_user=user,
wizard_page=organization.extended_object,
)
self.assertTrue(form.is_valid())
course_role_dict = {
"django_permissions": ["cms.change_page"],
"course_page_permissions": {
"can_change": random.choice([True, False]),
"can_add": random.choice([True, False]),
"can_delete": random.choice([True, False]),
"can_change_advanced_settings": random.choice([True, False]),
"can_publish": random.choice([True, False]),
"can_change_permissions": random.choice([True, False]),
"can_move_page": random.choice([True, False]),
"can_view":
False, # can_view = True would make it a view restriction...
"grant_on": random.randint(1, 5),
},
"course_folder_permissions": {
"can_read": random.choice([True, False]),
"can_edit": random.choice([True, False]),
"can_add_children": random.choice([True, False]),
"type": random.randint(0, 2),
},
}
organization_role_dict = {
"courses_page_permissions": {
"can_change": random.choice([True, False]),
"can_add": random.choice([True, False]),
"can_delete": random.choice([True, False]),
"can_change_advanced_settings": random.choice([True, False]),
"can_publish": random.choice([True, False]),
"can_change_permissions": random.choice([True, False]),
"can_move_page": random.choice([True, False]),
"can_view":
False, # can_view = True would make it a view restriction...
"grant_on": random.randint(1, 5),
},
"courses_folder_permissions": {
"can_read": random.choice([True, False]),
"can_edit": random.choice([True, False]),
"can_add_children": random.choice([True, False]),
"type": random.randint(0, 2),
},
}
with mock.patch.dict(defaults.ORGANIZATION_ADMIN_ROLE,
organization_role_dict):
with mock.patch.dict(defaults.COURSE_ADMIN_ROLE, course_role_dict):
page = form.save()
# The course and its related page should have been created as draft
Page.objects.drafts().get(id=page.id, course__isnull=False)
self.assertEqual(page.get_title(), "My title")
# The slug should have been automatically set
self.assertEqual(page.get_slug(), "my-title")
# The course should have a plugin with the organization
self.assertEqual(OrganizationPluginModel.objects.count(), 1)
plugin = OrganizationPluginModel.objects.first()
self.assertEqual(plugin.page_id, organization.extended_object_id)
# A page role should have been created for the course page
self.assertEqual(page.roles.count(), 1)
course_role = page.roles.get(role="ADMIN")
self.assertEqual(course_role.group.name, "Admin | My title")
self.assertEqual(course_role.group.permissions.count(), 1)
self.assertEqual(course_role.folder.name, "Admin | My title")
# All expected permissions should have been assigned to the group:
# - Django permissions
self.assertEqual(course_role.group.permissions.first().codename,
"change_page")
# - DjangoCMS page permissions
self.assertEqual(
PagePermission.objects.filter(
group_id=course_role.group_id).count(), 1)
page_permission = PagePermission.objects.get(
group_id=course_role.group_id)
for key, value in course_role_dict["course_page_permissions"].items():
self.assertEqual(getattr(page_permission, key), value)
# The Django Filer folder permissions
self.assertEqual(
FolderPermission.objects.filter(
group_id=course_role.group_id).count(), 1)
folder_permission = FolderPermission.objects.get(
group_id=course_role.group_id, folder_id=course_role.folder_id)
for key, value in course_role_dict["course_folder_permissions"].items(
):
self.assertEqual(getattr(folder_permission, key), value)
# A page permission should have been created for the organization admin role
permission_query = PagePermission.objects.filter(
group_id=organization_page_role.group_id, page=page)
self.assertEqual(permission_query.count(), 1)
page_permission = permission_query.get()
for key, value in organization_role_dict[
"courses_page_permissions"].items():
self.assertEqual(getattr(page_permission, key), value)
# A Filer folder permission should have been created for the organization admin role
folder_query = FolderPermission.objects.filter(
group_id=organization_page_role.group_id,
folder_id=course_role.folder_id)
self.assertEqual(folder_query.count(), 1)
folder_permission = folder_query.get()
for key, value in organization_role_dict[
"courses_folder_permissions"].items():
self.assertEqual(getattr(folder_permission, key), value)
# The page should be public
page.publish("en")
response = self.client.get(page.get_absolute_url())
self.assertEqual(response.status_code, 200)
