From 4f50874fd070ea4adb36a22e16e01272ad37c873 Mon Sep 17 00:00:00 2001 From: jagonzalr Date: Wed, 14 Dec 2016 12:24:10 +0200 Subject: [PATCH] update tests --- cms/djangoapps/contentstore/views/course.py | 21 ++--------- cms/djangoapps/contentstore/views/library.py | 17 ++++++++- .../contentstore/views/tests/test_library.py | 35 ++++++++++++++++--- 3 files changed, 48 insertions(+), 25 deletions(-) diff --git a/cms/djangoapps/contentstore/views/course.py b/cms/djangoapps/contentstore/views/course.py index b5895a3bb1..d67e2f9703 100644 --- a/cms/djangoapps/contentstore/views/course.py +++ b/cms/djangoapps/contentstore/views/course.py @@ -26,7 +26,7 @@ from .component import ( ADVANCED_COMPONENT_TYPES, ) from .item import create_xblock_info -from .library import LIBRARIES_ENABLED +from .library import LIBRARIES_ENABLED, _get_library_creator_status from ccx_keys.locator import CCXLocator from contentstore.course_group_config import ( COHORT_SCHEME, @@ -1634,7 +1634,7 @@ def _get_course_creator_status(user): If the user passed in has not previously visited the index page, it will be added with status 'unrequested' if the course creator group is in use. """ - + if user.is_staff: course_creator_status = 'granted' elif settings.FEATURES.get('DISABLE_COURSE_CREATION', False): @@ -1650,20 +1650,3 @@ def _get_course_creator_status(user): course_creator_status = 'granted' return course_creator_status - - -def _get_library_creator_status(user): - """ - Helper method for returning the library creation status for a particular user, - taking into account the value LIBRARIES_ENABLED. - - """ - - if not LIBRARIES_ENABLED: - return False - elif user.is_staff: - return True - elif settings.FEATURES.get('ENABLE_CREATOR_GROUP', False): - return CourseCreatorRole().has_user(user) - else: - return False diff --git a/cms/djangoapps/contentstore/views/library.py b/cms/djangoapps/contentstore/views/library.py index 8bae2df764..62f2bff17a 100644 --- a/cms/djangoapps/contentstore/views/library.py +++ b/cms/djangoapps/contentstore/views/library.py @@ -38,6 +38,21 @@ log = logging.getLogger(__name__) LIBRARIES_ENABLED = settings.FEATURES.get('ENABLE_CONTENT_LIBRARIES', False) +def _get_library_creator_status(user): + """ + Helper method for returning the library creation status for a particular user, + taking into account the value LIBRARIES_ENABLED. + + """ + + if not LIBRARIES_ENABLED: + return False + elif user.is_staff: + return True + elif settings.FEATURES.get('ENABLE_CREATOR_GROUP', False): + return CourseCreatorRole().has_user(user) + else: + return True @login_required @ensure_csrf_cookie @@ -50,7 +65,7 @@ def library_handler(request, library_key_string=None): log.exception("Attempted to use the content library API when the libraries feature is disabled.") raise Http404 # Should never happen because we test the feature in urls.py also - if not CourseCreatorRole().has_user(request.user): + if not _get_library_creator_status(request.user): if not request.user.is_staff: return HttpResponseForbidden() diff --git a/cms/djangoapps/contentstore/views/tests/test_library.py b/cms/djangoapps/contentstore/views/tests/test_library.py index f8c96df9a9..785ad3ffb7 100644 --- a/cms/djangoapps/contentstore/views/tests/test_library.py +++ b/cms/djangoapps/contentstore/views/tests/test_library.py @@ -46,7 +46,7 @@ class UnitTestLibraries(CourseTestCase): def test_library_creator_status_libraries_not_enabled(self): _, nostaff_user = self.create_non_staff_authed_user_client() self.assertEqual(_get_library_creator_status(nostaff_user), False) - + @mock.patch("contentstore.views.library.LIBRARIES_ENABLED", True) def test_library_creator_status_with_is_staff_user(self): @@ -61,8 +61,8 @@ class UnitTestLibraries(CourseTestCase): @mock.patch("contentstore.views.library.LIBRARIES_ENABLED", True) def test_library_creator_status_with_no_course_creator_role(self): - _, nostaff_user = self.create_non_staff_authed_user_client() - self.assertEqual(_get_library_creator_status(nostaff_user), False) + _, nostaff_user = self.create_non_staff_authed_user_client() + self.assertEqual(_get_library_creator_status(nostaff_user), True) @patch("contentstore.views.library.LIBRARIES_ENABLED", False) def test_with_libraries_disabled(self): @@ -113,8 +113,7 @@ class UnitTestLibraries(CourseTestCase): @patch.dict('django.conf.settings.FEATURES', {'ENABLE_CREATOR_GROUP': True}) def test_lib_create_permission(self): """ - Users who are not given course creator roles should still be able to - create libraries. + Users who are given course creator roles should be able to create libraries. """ self.client.logout() ns_user, password = self.create_non_staff_user() @@ -125,6 +124,32 @@ class UnitTestLibraries(CourseTestCase): }) self.assertEqual(response.status_code, 200) + @patch.dict('django.conf.settings.FEATURES', {'ENABLE_CREATOR_GROUP': False}) + def test_lib_create_permission_no_course_creator_role_and_no_course_creator_group(self): + """ + Users who are not given course creator roles should still be able to create libraries if COURSE_CREATOR_GROUP is not enabled + """ + self.client.logout() + ns_user, password = self.create_non_staff_user() + self.client.login(username=ns_user.username, password=password) + response = self.client.ajax_post(LIBRARY_REST_URL, { + 'org': 'org', 'library': 'lib', 'display_name': "New Library", + }) + self.assertEqual(response.status_code, 200) + + @patch.dict('django.conf.settings.FEATURES', {'ENABLE_CREATOR_GROUP': True}) + def test_lib_create_permission_no_course_creator_role_and_course_creator_group(self): + """ + Users who are not given course creator roles should not be able to create libraries if COURSE_CREATOR_GROUP is enabled. + """ + self.client.logout() + ns_user, password = self.create_non_staff_user() + self.client.login(username=ns_user.username, password=password) + response = self.client.ajax_post(LIBRARY_REST_URL, { + 'org': 'org', 'library': 'lib', 'display_name': "New Library", + }) + self.assertEqual(response.status_code, 403) + @ddt.data( {}, {'org': 'org'},