Tests for course creator status as returned in index page.

2013-07-12 11:25:12 -04:00
parent 4ecceb292e
commit d417a78c74
2 changed files with 217 additions and 19 deletions
--- a/cms/djangoapps/contentstore/tests/test_users.py
+++ b/cms/djangoapps/contentstore/tests/test_users.py
@@ -1,6 +1,18 @@
+"""
+Tests for user.py.
+"""
 import json
+import mock
 from .utils import CourseTestCase
 from django.core.urlresolvers import reverse
+from contentstore.views.user import _get_course_creator_status
+from course_creators.views import add_user_with_status_granted
+from course_creators.admin import CourseCreatorAdmin
+from course_creators.models import CourseCreator
+
+from django.http import HttpRequest
+from django.contrib.auth.models import User
+from django.contrib.admin.sites import AdminSite


 class UsersTestCase(CourseTestCase):
@@ -13,3 +25,177 @@ class UsersTestCase(CourseTestCase):
        self.assertEqual(resp.status_code, 400)
        content = json.loads(resp.content)
        self.assertEqual(content["Status"], "Failed")
+
+
+class IndexCourseCreatorTests(CourseTestCase):
+    """
+    Tests the various permutations of course creator status.
+    """
+    def setUp(self):
+        super(IndexCourseCreatorTests, self).setUp()
+
+        self.index_url = reverse("index")
+        self.request_access_url = reverse("request_course_creator")
+
+        # Disable course creation takes precedence over enable creator group. I have enabled the
+        # latter to make this clear.
+        self.disable_course_creation = {
+            "DISABLE_COURSE_CREATION": True,
+            "ENABLE_CREATOR_GROUP": True,
+            'STAFF_EMAIL': 'mark@marky.mark',
+        }
+
+        self.enable_creator_group = {"ENABLE_CREATOR_GROUP": True}
+
+    def test_get_course_creator_status_disable_creation(self):
+        # DISABLE_COURSE_CREATION is True (this is the case on edx, where we have a marketing site).
+        # Only edx staff can create courses.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.disable_course_creation):
+            self.assertTrue(self.user.is_staff)
+            self.assertEquals('granted', _get_course_creator_status(self.user))
+            self._set_user_non_staff()
+            self.assertFalse(self.user.is_staff)
+            self.assertEquals('disallowed_for_this_site', _get_course_creator_status(self.user))
+
+    def test_get_course_creator_status_default_cause(self):
+        # Neither ENABLE_CREATOR_GROUP nor DISABLE_COURSE_CREATION are enabled. Anyone can create a course.
+        self.assertEquals('granted', _get_course_creator_status(self.user))
+        self._set_user_non_staff()
+        self.assertEquals('granted', _get_course_creator_status(self.user))
+
+    def test_get_course_creator_status_creator_group(self):
+        # ENABLE_CREATOR_GROUP is True. This is the case on edge.
+        # Only staff members and users who have been granted access can create courses.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            # Staff members can always create courses.
+            self.assertEquals('granted', _get_course_creator_status(self.user))
+            # Non-staff must request access.
+            self._set_user_non_staff()
+            self.assertEquals('unrequested', _get_course_creator_status(self.user))
+            # Staff user requests access.
+            self.client.post(self.request_access_url)
+            self.assertEquals('pending', _get_course_creator_status(self.user))
+
+    def test_get_course_creator_status_creator_group_granted(self):
+        # ENABLE_CREATOR_GROUP is True. This is the case on edge.
+        # Check return value for a non-staff user who has been granted access.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            # self.user has staff permissions, can call this method.
+            add_user_with_status_granted(self.user, self.user)
+            # now make self.user non-staff
+            self._set_user_non_staff()
+            self.assertEquals('granted', _get_course_creator_status(self.user))
+
+    def test_get_course_creator_status_creator_group_denied(self):
+        # ENABLE_CREATOR_GROUP is True. This is the case on edge.
+        # Check return value for a non-staff user who has been denied access.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            # make self.user non-staff
+            self._set_user_non_staff()
+            self._set_user_denied()
+            self.assertEquals('denied', _get_course_creator_status(self.user))
+
+    def test_disable_course_creation_enabled_non_staff(self):
+        # Test index page content when DISABLE_COURSE_CREATION is True, non-staff member.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.disable_course_creation):
+            self._set_user_non_staff()
+            self._assert_cannot_create()
+
+    def test_disable_course_creation_enabled_staff(self):
+        # Test index page content when DISABLE_COURSE_CREATION is True, staff member.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.disable_course_creation):
+            resp = self._assert_can_create()
+            self.assertFalse('Email staff to create course' in resp.content)
+
+    def test_can_create_by_default(self):
+        # Test index page content with neither ENABLE_CREATOR_GROUP nor DISABLE_COURSE_CREATION enabled.
+        # Anyone can create a course.
+        self._assert_can_create()
+        self._set_user_non_staff()
+        self._assert_can_create()
+
+    def test_course_creator_group_enabled(self):
+        # Test index page content with ENABLE_CREATOR_GROUP True.
+        # Staff can always create a course, others must request access.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            # Staff members can always create courses.
+            self._assert_can_create()
+
+            # Non-staff case.
+            self._set_user_non_staff()
+            resp = self._assert_cannot_create()
+            self.assertTrue(self.request_access_url in resp.content)
+
+            # Now request access.
+            self.client.post(self.request_access_url)
+
+            # Still cannot create a course, but the "request access button" is no longer there.
+            resp = self._assert_cannot_create()
+            self.assertFalse(self.request_access_url in resp.content)
+            self.assertTrue('has-status is-pending' in resp.content)
+
+    def test_course_creator_group_granted(self):
+        # Test index page content with ENABLE_CREATOR_GROUP True, non-staff member with access granted.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            # self.user has staff permissions, can call this method.
+            add_user_with_status_granted(self.user, self.user)
+            # now make self.user non-staff
+            self._set_user_non_staff()
+            self._assert_can_create()
+
+    def test_course_creator_group_denied(self):
+        # Test index page content with ENABLE_CREATOR_GROUP True, non-staff member with access denied.
+        with mock.patch.dict('django.conf.settings.MITX_FEATURES', self.enable_creator_group):
+            self._set_user_non_staff()
+            self._set_user_denied()
+            resp = self._assert_cannot_create()
+            self.assertFalse(self.request_access_url in resp.content)
+            self.assertTrue('has-status is-denied' in resp.content)
+
+    def _assert_can_create(self):
+        """
+        Helper method that posts to the index page and checks that the user can create a course.
+
+        Returns the response from the post.
+        """
+        resp = self.client.post(self.index_url)
+        self.assertTrue('new-course-button' in resp.content)
+        self.assertFalse(self.request_access_url in resp.content)
+        self.assertFalse('Email staff to create course' in resp.content)
+        return resp
+
+    def _assert_cannot_create(self):
+        """
+        Helper method that posts to the index page and checks that the user cannot create a course.
+
+        Returns the response from the post.
+        """
+        resp = self.client.post(self.index_url)
+        self.assertFalse('new-course-button' in resp.content)
+        return resp
+
+    def _set_user_non_staff(self):
+        """
+        Sets user as non-staff.
+        """
+        self.user.is_staff = False
+        self.user.save()
+
+    def _set_user_denied(self):
+        """
+        Sets course creator status to denied in admin table.
+        """
+        self.table_entry = CourseCreator(user=self.user)
+        self.table_entry.save()
+
+        self.admin = User.objects.create_user('Mark', 'admin+courses@edx.org', 'foo')
+        self.admin.is_staff = True
+
+        self.deny_request = HttpRequest()
+        self.deny_request.user = self.admin
+
+        self.creator_admin = CourseCreatorAdmin(self.table_entry, AdminSite())
+
+        self.table_entry.state = CourseCreator.DENIED
+        self.creator_admin.save_model(self.deny_request, self.table_entry, None, True)
+
--- a/cms/djangoapps/contentstore/views/user.py
+++ b/cms/djangoapps/contentstore/views/user.py
@@ -35,21 +35,6 @@ def index(request):
                and course.location.name != '')
    courses = filter(course_filter, courses)

-    if settings.MITX_FEATURES.get('DISABLE_COURSE_CREATION', False):
-        course_creator_status = 'granted' if request.user.is_staff else 'disallowed_for_this_site'
-    elif settings.MITX_FEATURES.get('ENABLE_CREATOR_GROUP', False):
-        course_creator_status = get_course_creator_status(request.user)
-        if course_creator_status is None:
-            # User not grandfathered in as an existing user, has not previously visited the dashboard page.
-            # Add the user to the course creator admin table with status 'unrequested'.
-            add_user_with_status_unrequested(request.user)
-            course_creator_status = get_course_creator_status(request.user)
-    else:
-        course_creator_status = 'granted'
-
-    request_course_creator_url = reverse('request_course_creator')
-    csrf_token = csrf(request)['csrf_token']
-
    return render_to_response('index.html', {
        'new_course_template': Location('i4x', 'edx', 'templates', 'course', 'Empty'),
        'courses': [(course.display_name,
@@ -57,9 +42,9 @@ def index(request):
                    get_lms_link_for_item(course.location, course_id=course.location.course_id))
                    for course in courses],
        'user': request.user,
-        'request_course_creator_url': request_course_creator_url,
-        'course_creator_status': course_creator_status,
-        'csrf': csrf_token
+        'request_course_creator_url': reverse('request_course_creator'),
+        'course_creator_status': _get_course_creator_status(request.user),
+        'csrf': csrf(request)['csrf_token']
    })


@@ -67,11 +52,13 @@ def index(request):
@ensure_csrf_cookie
@login_required
 def request_course_creator(request):
+    """
+    User has requested course creation access.
+    """
    user_requested_access(request.user)
    return JsonResponse({"Status": "OK"})


-
@login_required
@ensure_csrf_cookie
 def manage_users(request, location):
@@ -169,3 +156,28 @@ def remove_user(request, location):
    remove_user_from_course_group(request.user, user, location, STAFF_ROLE_NAME)

    return JsonResponse({"Status": "OK"})
+
+
+def _get_course_creator_status(user):
+    """
+    Helper method for returning the course creator status for a particular user,
+    taking into account the values of DISABLE_COURSE_CREATION and ENABLE_CREATOR_GROUP.
+
+    If the user passed in has not previously visited the index page, it will be
+    added with status 'unrequested' if the course creator group is in use.
+    """
+    if user.is_staff:
+        course_creator_status = 'granted'
+    elif settings.MITX_FEATURES.get('DISABLE_COURSE_CREATION', False):
+        course_creator_status = 'disallowed_for_this_site'
+    elif settings.MITX_FEATURES.get('ENABLE_CREATOR_GROUP', False):
+        course_creator_status = get_course_creator_status(user)
+        if course_creator_status is None:
+            # User not grandfathered in as an existing user, has not previously visited the dashboard page.
+            # Add the user to the course creator admin table with status 'unrequested'.
+            add_user_with_status_unrequested(user)
+            course_creator_status = get_course_creator_status(user)
+    else:
+        course_creator_status = 'granted'
+
+    return course_creator_status